ITSY 1300 Information Security Fall 2009 - Northridge
Professor: Ronald L. Mendell
Phone: 512-692-1074
Office Hours: Thursdays
5-6 pm 4216A Northridge
Email:
rmendell@austincc.edu
Web site: http://www.austincc.edu/rmendell
Description
The course provides instruction in security for network hardware, software, and data including physical security, backup procedures, and protection from viruses. And, the course covers applying these concepts to the theme of “Protecting Yourself in the Digital Age.”
Prerequisites
There are no prerequisites for this course.
Class Structure
Class time will contain lectures, demonstrations, class discussions, and labs.
Exams
Two exams will be given, a midterm and a final. Exams must be taken on the scheduled date. If you miss an exam you will receive a grade of zero for that exam, unless prior arrangements have been made to take the comprehensive final, or there was a compelling, verifiable personal emergency that prevented your attendance and giving prior notice. There are no “make-up exams,” rather the student will be permitted, if approved by the instructor, to take a comprehensive final exam in lieu of the missing exam.
Lab Exercises
Labs exercises in class will a part of the course. The instructor will brief the class on lab exercises at appropriate times during the course. Some lab exercises may be assigned as homework depending upon the needs of the class.
Grade Policy:
Grades will be based both on concepts and practical applications.
Exams = 80%
Classroom Participation = 20%
Grade Scale:
A = 90 - 100
B = 80 - 89
C = 70 - 79
D = 60 - 69
F = below 60
Required texts
Principles of Computer
Security: Security+ and Beyond
Wm. Arthur Conking, Gregory B. White, et al
(McGraw Hill, 2005) ISBN: 0-07-225509-9
Recommended but not required texts:
Secrets of Computer
Espionage: Tactics and Countermeasures
Joel McNamara
(Wiley, 2003) ISBN: 0-7645-3710-5
At the completion of this course, the student will have demonstrated the ability to:
Understand how
information security can counteract attempts to attack an individual’s
“infosphere,” the person’s sensitive information.
Understand how people
are the weakest components in any security system.
Identify social engineering schemes.
Develop appropriate countermeasures.
Learn the
fundamentals of cryptography and how cryptography serves as the central
language of information security.
Identify the basic cryptographic tools.
Implement cryptography to protect the confidentiality and integrity of data.
Develop and Implement
Physical Security
Identify and assess current and anticipated security risks and vulnerabilities
Monitor, evaluate, and test security conditions and environment
Implement, extend, and refine physical security plans and policies
Ensure Infrastructure
and Network Security
Gather data and analyze security requirements
Identify, analyze, and evaluate infrastructure and network vulnerabilities
Develop critical situation contingency plans and disaster recovery plan
Implement/test contingency and backup plans and coordinate with stakeholders
Monitor, report, and resolve security problems
Designing Perimeter Security for a Network
Understand Security
Baselines
Establishing baselines
Testing networks and computers for vulnerabilities
Understand the Roles
of Computer Forensics and the Law in Information Security
Attendance and
Withdrawal
Students are expected to attend classes and will be held responsible for
all material covered in class. Regular attendance helps ensure satisfactory
progress towards completion of the course. It is the student's responsibility
to complete a withdrawal form in the Admissions Office if they wish to
withdraw from this class. The instructor may withdraw students from this
class if their absences exceed 10% of the total number of class meetings.
The last date to withdraw for this semester is available in the ACC Academic calendar posted on the ACC Web site.
It is not the responsibility of the instructor to withdraw the students from their
class even though the instructor has the prerogative to do so under the
above listed circumstances.
ALERT:
New state law for new students. No more than six course withdrawals throughout
your undergraduate education, regardless of how many colleges
you attend. Students who entered college before fall 2007 are not affected.
(Ask a counselor for details.)
Incomplete
A student may receive a temporary grade of "I" (Incomplete) at the end of the semester
only if ALL of the following conditions are satisfied:
The student is unable to complete the course during the semester due to
circumstances beyond their control.
The student must have earned at least half of the grade points needed for a "C" by
the end of the semester.
The request for the grade must be made in person with the instructor and
necessary documents completed.
To remove an "I", the student must complete the course by two weeks before the
end of the following semester. Failure to do so will result in the grade automatically
reverting to an "F".
Academic Integrity
Acts prohibited by the college, for which discipline may be administered, are
scholastic dishonesty (including but not limited to cheating on an exam or quiz),
plagiarizing, and unauthorized collaboration with another in preparing outside work.
Academic work submitted by students shall be the result of their thought, research
or self-expression. Academic work is defined as, but not limited to, tests and
quizzes (whether taken electronically or on paper); projects, (either individual or
group); classroom presentations, and homework.
Freedom of Expression
It is expected that faculty and students will respect the views of others when
expressed in classroom discussions.
Students With Disabilities
Each ACC campus offers support services for students with documented physical
or psychological disabilities. Students with disabilities must request reasonable
accommodations through the Office for Students with Disabilities on the campus where
they expect to take the majority of their classes. Students are encouraged to do this
three weeks before the start of the semester. (Please refer to the current ACC
Student Handbook.)
Class Schedule: The following is a tentative schedule for the course. The instructor reserves the right to make schedule changes based on the needs of the students in the class.
|
Date |
Chapter |
Assignment |
|
Orienting as an Information Security Professional |
||
|
08/27 |
1 & 2 |
Introduction and Security Trends Inside the Security Mind |
|
People in Information Security |
||
|
09/03 |
3: pp. 43-46 4 |
Operational/Organizational Security The Role of People in Security The Psychology of Information Security |
|
Physical Security, Risk Management, Disaster Planning |
||
|
09/10 |
3: pp. 46-62 8 |
The Impact of Physical Security on Network Security |
|
09/17 |
19 & 20 |
Physical Security Con’t: Disaster Planning and Management and Risk Management |
|
Technical Security |
||
|
09/24 |
9 & 10 |
Technical Security
I – Networking |
|
10/01 |
5: especially review on pp. 101-102 6: especially review on pp. 147-148 7: pp. 160-165, pp. 170-177 |
Technical Security II – Cryptography
Standards and Protocols for Cryptography |
|
10/08 |
EXAM 1 |
Midterm Exam |
|
Security Baselines and Attacks |
||
|
10/15 |
13 & 14 |
Security Baselines and IDS |
|
10/22 |
15, 16 & 17 |
Attacks and Malware |
|
10/29 |
11 & 12 |
Wireless and Remote Access |
|
Operational Security |
||
|
11/05 |
18 & 21 |
Software Development and Change Management |
|
11/12 |
22 |
Privilege Management Practical Hacking – Instructor will provide materials in class
|
|
Computer Forensics |
||
|
11/19 |
23 & 24 |
Computer Forensics and the Law
|
|
11/26 |
No Class |
Thanksgiving |
|
12/03 |
23 & 24 |
Computer Forensics and the Law Pt. 2 Review of the Course |
|
12/10 |
|
Final Exam |