Syllabus MIS496, IT Security Management
Spring 2016
Instructor Information
Bongsik Shin, Ph.D
Office: SS-3118, Phone: 619-594-2133
Email: bshin@mail.sdsu.edu
Office Hours: TTH 14:00~15:00 PM or by appointment
Class Information
Schedule #: 22166, Class hour: TH 16:00-18:40, Classroom: SS2512
GENERAL BSBA GOALS
BSBA students will graduate being:
• Effective Communicators
• Critical Thinkers
• Able to Analyze Ethical Problems
• Global in their perspective
• Knowledgeable about the essentials of business
COURSE OBJECTIVES/LEARNING OUTCOMES
At the end of the course, students should achieve the following:
• Possess knowledge of various threat types.
• Understand methods of host, application, data, and network security.
• Describe various cryptography technologies.
• Explain various access control and identity management methods.
• Discuss elements of risk mitigation and compliance.
• Become familiar with using various security tools to analyze data, network, and system threats and vulnerabilities.
• Get familiar with the creation and usage of Virtual Machines.
• Explain computer architecture and operating systems, which are fundamental in growing knowledge of IT security.
COURSE DESIGN
This course is intended to cover managerial and technical aspects of IT security. There is a large industry
demand for seasoned IT security skills and it is definitely a perfect time to consider IT Security as a lifelong career path. IT security is a huge area in its scope. In this course, a comprehensive overview is
offered on a large array of IT Security issues. To realize the learning outcomes, this course relies on
various pedagogical approaches: reading assignments & quizzes, classroom lectures, classroom hands-on
exercises, topic presentations and a group project. Each class session is divided into three parts: lecture
(about an hour and 20 minutes), hands-on exercise (about an hour), and topic presentation (about 20
minutes). The class is designed so that, at the end of the semester, students are encouraged to take the
CompTIA Security+ certification test. Anyone who passes the 90-minute certification test before 5/13 will
be given an A for the final grade.
BOOKS (REQUIRED) AND REFERENCES
• Security+ Guide to Network Security Fundamentals by Mark Ciampa (2015)
• There are useful Internet sources that can further strengthen learning. I will take full advantage of the following sources to supplement the textbook.
  Professor Messer: http://www.professormesser.com
  YouTube: http://www.youtube.com
GENERAL CLASS POLICY
• Course information including the syllabus and exam/quiz scores will be updated on Blackboard. Students are required to check Blackboard regularly.
• Usage of a laptop computer is allowed only during the hands-on session.
• Students caught giving or receiving assistance to/from another student(s) during an exam will be asked to leave and will receive an F for the course. Every case will be reported to the Center for Student Rights and Responsibilities for possible disciplinary action. Visit http://www.sa.sdsu.edu/srr/index.html for more information on academic dishonesty.
• PPT slides are designed to: (1) extract important concepts students are expected to understand; (2) define the scope of the two exams; and (3) extend the textbook coverage as needed. For efficient use of class time, the class lecture focuses on items that need further explanation, skipping those that can be understood through self-reading.
• If you are a student with a disability and believe you will need accommodations for this class, it is your responsibility to contact Student Disability Services at (619) 594-6473. To avoid any delay in the receipt of your accommodations, you should contact Student Disability Services as soon as possible. Please note that accommodations are not retroactive, and that I cannot provide accommodations based upon disability until I have received an accommodation letter from Student Disability Services. Your cooperation is appreciated.
TESTS
• There are two non-cumulative exams: one mid-term and one final. All exams must be taken at their scheduled time and at the course venue. No early or late examinations will be given unless a student experiences an emergency.
• Test questions are drawn from lecture materials covered in classes, but not from hands-on exercises.
• There will be 50 multiple-choice questions in each exam and students are required to bring a Scantron (Form 882-E).
• Each test is 100 points.
HANDS-ON EXERCISES
The second part of each class is used for instructor-guided hands-on exercises. During the session,
students are going to use their own laptop computer to do assigned exercises. All security programs
“have to” run ONLY on the virtual machine to keep any unexpected mistakes from paralyzing your
physical (or host) machine. For this, all students are required to install VirtualBox from Oracle and
Windows client on top of VirtualBox (you need to save enough HD space). You should be able to
download Windows from the MS Dreamspark account.
Just in case you are unable to ping from one VM to another VM, one possible solution is: go to
"Control Panel\Network and Internet\Network and Sharing Center\Advanced sharing settings" and
then turn on the "file and printer sharing" so that the ping packets can get through the firewall.
TOPIC RESEARCH & PRESENTATION
Two students form a group and will be assigned a topic to be presented for up to 20 minutes. The
group will also undertake a hands-on oriented semester project. 7-8 well-designed PPT slides
(excluding the cover) are to be prepared and should be submitted to Turnitin for plagiarism checking
and for distribution to other students.
The PPT submission should be completed by Tuesday (2 days before the scheduled presentation) of
the week to avoid penalty and to provide time for students/instructor to browse in advance. To receive
a good score, each presenter should be thoroughly familiar with the subject and thus should
effectively answer questions from students and the instructor. Also, please do not read a prepared
script but explain the slides in your own words. Through topic presentations, more advanced
IT security concepts, not covered by the textbook, are introduced to the class. The rubrics of written
and oral communications will be used for grading.
When your team submits group work (i.e., topic presentation and semester project) to Turnitin, please
combine all materials into one file. Also, please make sure that only one copy is submitted by a team
member. Lastly, the title section in Turnitin should clearly indicate the title of your presentation topic
or group project.
Presentation grades will be withheld from viewing until all groups complete their
presentations so that the instructor can make necessary adjustments based on the relative performance of
all groups. It is very important that, as shown in the rubrics, a presenter becomes an effective oral and
written communicator.
INDIVIDUAL ASSIGNMENT
There will be individual assignments on advanced subjects that are not covered during the regular
class session due to time constraints. IT security is an extremely broad field with numerous topics to
learn and balanced exposure to them will better prepare a student for a related career. Most of them
are very important but less technical and thus can be self-studied. At the beginning of each class, there
will be a short quiz that tests completion of your homework assignment. There will be two short
answer questions in each quiz, each question counting 5 points. The instructor will provide key terms
that students should understand in preparing for the quiz. Both class lectures and homework
assignments are designed to prepare students for the CompTIA Security+ certification exam.
SEMESTER PROJECT
Each group will conduct a semester project and present it for 30 minutes. The project is primarily
software-usage related and designed to give students additional hands-on experience. Each group is
going to choose a project from the list (see below), get thoroughly competent in using it, and present
it to the class. During the presentation, each group provides a general introduction to the software's functions
and guides the class through a hands-on exercise.
For the hands-on exercise, each group should prepare a fairly detailed hands-on guide so that students can
follow the instructions. The PPT report is divided into two parts: (1) general introduction of
the project (up to 10 slides); and (2) hands-on instructions (unlimited). Again, the report and hands-on
instructions should be submitted to Turnitin for plagiarism checking.
In combining the group project report and hands-on instructions, please do not zip them
as Turnitin may not accept the file format. Students are responsible for preparing hard copies of the
hands-on materials.
Each group should email the instructor the software link. Many security tools are not stable and each
group should thoroughly test the stability of software well in advance to confirm the viability of the
assigned (or chosen) project. Once the project list is finalized, the instructor will decide the order of
presentations in a random fashion. Please remember that one of the most important considerations of
the final project performance is how you design the oral and written parts effectively to share your
learned knowledge with students.
Possible Semester Projects:
o Password cracking (brute force and dictionary methods) and tools (e.g., John the Ripper, Cain and
Abel, Hydra, cloudcracker.com)
o Session hijacking (e.g., MITM) with Ettercap
o Survey of security tools from Microsoft (e.g., Malware Removal Starter Kit, MS Baseline
Security Analyzer)
o Snort: Open source intrusion detection system
o Metasploit: Penetration testing
o Nessus: Vulnerability Scanning
o Threat Modeling and threat modeling tool (e.g., Microsoft)
o Gathering hacking information using Google search engine
o Gathering hacking information using SHODAN search engine
o Using the Web (Sandbox) to identify malware (e.g., Anubis, GFI, Norman, Wepawet)
o Open Source Intelligence Platform: Collaborative Research into Threats (CRITs)
platform/Collective Intelligence Framework (CIF)
o Hacking with the Zeus Trojan Malware
PEER EVALUATIONS
Given that there are only two students for a group, peer evaluations will be conducted in the form of
in-person interviews if a student files a complaint of free riding (or similar).
FINAL GRADING
The final grade will be based on two in-class exams, quizzes, topic presentation, and a semester
project. Their weights are shown below.
Sources                          Points
Midterm                          100
Final test                       100
Semester Project (Written)       40
Semester Project (Oral)          30
Homework Assignment & Quizzes    110 (approx.)
Topic Presentation (Written)     20
Topic Presentation (Oral)        20
Total                            420
The following table summarizes the distribution of final grades.
Final Grade Distribution
A     100 – 95.00 %
A-    94.99 – 90.00 %
B+    89.99 – 87.00 %
B     86.99 – 83.00 %
B-    82.99 – 79.00 %
C+    78.99 – 77.00 %
C     76.99 – 73.00 %
C-    72.99 – 69.00 %
D+    68.99 – 67.00 %
D     66.99 – 63.00 %
D-    62.99 – 59.00 %
F     58.99 – 0.00 %
Students will be notified via email when final grades are posted on the university system. Grade appeals
should be made within a week of the posted date.
INDIVIDUAL ASSIGNMENT & QUIZ
Assign #1: VM hands on: 1-3 & 1-4. Install Linux Mint (Tutorial 1) and go through three tutorials below.
Submission requirement: A printed screenshot that shows VirtualBox and Linux VM
https://www.youtube.com/watch?v=H_ustCy4Ks8 (22:33)
https://www.youtube.com/watch?v=3hkSbafnWTs (16:07)
https://www.youtube.com/watch?v=hXp8AdbLaFo (15:29)
Assign #2: Fundamentals of how computers work (refreshing your knowledge).
Introduction to Personal Computers (9:18; 9:51; and 6:52): 3 parts
https://www.youtube.com/watch?v=ymsJyo1_6QM
https://www.youtube.com/watch?v=zLRLraI0Y7M
https://www.youtube.com/watch?v=4ULJYi4gnGU
See how computers add numbers (14:26):
https://www.youtube.com/watch?v=VBDoT8o4q00&list=PLekivpoaIPnAdg8QnM3wGYNUl7Quy3Aq
How a CPU works (20:41):
https://www.youtube.com/watch?v=cNN_tTXABUA&index=2&list=PLekivpoaIPnAdg8QnM3wGYNUl7Quy3Aq
Assign #3: Fundamentals of how operating systems work
Professor Messer (Part 1 only, 8:20): http://www.professormesser.com/free-a-plus-training/220701/operating-systems/
OS Lecture 1 (51:23): https://www.youtube.com/watch?v=55FeqGGzE5Q
The remaining assignments are based on CompTIA Security+ Training Videos (Professor Messer)
available at http://www.professormesser.com/security-plus/sy0-401/sy0-401-course-index/
Assign #4: Section 2 – Compliance and Operational Security (2.1 & 2.2)
Assign #5: Section 2 – Compliance and Operational Security (2.3 & 2.4)
Assign #6: Section 2 – Compliance and Operational Security (2.5 & 2.6)
Assign #7: Section 2 – Compliance and Operational Security (2.7, 2.8, and 2.9)
Assign #8: Section 3 – Threat and Vulnerabilities (3.6, 3.7 & 3.8)
Assign #9: Section 4 – Application, Data, and Host Security (4.1, 4.2 & 4.3)
Assign #10: Section 4 – Application, Data, and Host Security (4.4 & 4.5)
Assign #11: Section 5 – Threat and Vulnerabilities (5.1, 5.2 & 5.3)
TENTATIVE COURSE OUTLINE
Date and Topics (Subject to change)
1/21  Syllabus, Dreamspark
1/28  Intro. to Security (CH1)
2/4   Malware and Social Engineering Attacks (CH2)
2/11  Application and Network Attacks (CH3)
2/18  Host, Application, & Data Security (CH4)
2/25  Basic Cryptography (CH5)
3/3   Mid-Term Exam
3/10  Advanced Cryptography (CH6)
3/17  Network Security Fundamentals (CH7)
3/24  Administering a Secure Network (CH8)
4/7   Administering a Secure Network (CH8)
4/14  Wireless Network Security (CH9)
4/21  Access Control Fundamentals (CH11)
4/28  Project presentation
5/5   Project presentation
5/12  Final exam
Classroom Hands-On (Subject to change)
2-3, 2-4, and Case Project 2-6
3-1, 3-2, 3-3, 3-4, and 3-6
4-1, 4-2, 4-3
5-1, 5-2, 5-4, 5-5
6-1, 6-2, 6-3, 6-4
7-1, 7-2, 7-3, 7-4, 8-1, 8-4, 8-5, 8-6, 8-7
9-1, 9-2, 9-3, 9-4
11-1, 11-2, 11-3, 11-4
12-1, 12-2, 12-3, 12-4, 12-5, 12-6
13-1, 13-2, 13-3, 13-4, 13-5, 14-3
15-1, 15-2, 15-3, 15-4
1-1, 1-2, 2-1, 2-2
Homework Due Dates (10 points)
Assign #1, Assign #2, Assign #3, Assign #4, Assign #5, Assign #6, Assign #7, Assign #8, Assign #9, Assign #10, Assign #11
Important Dates
Case selection - Project group formation
Email SW URL to instructor
Due: Project Report (PPT)
Topic Presentations
Using Wireshark to detect network vulnerabilities
Packet construction with Colasoft’s Packet Builder
STIX (Structured Threat Information Expression) / TAXII (Trusted Automated Exchange of Indicator Information)
Domain Shadowing
DNS fast-flux attack
Security Information and Event Management (SIEM)
Tor Network and Browser
Open Web Application Security Project (OWASP)
Cybercrime/Criminal Web Portals
* Instructor reserves the rights to make any changes necessary.
** Students are responsible for staying updated on the changes.
CBA WRITTEN COMMUNICATIONS SKILLS RUBRIC
Content (20 points)
Below Expectations: Does not adequately cover the assigned task. The primary thesis may not be clear or if it is, little topic development is evident. Assertions made in the writing are either weakly supported or no support is offered.
Meets Expectations: The assigned task is covered sufficiently. The primary thesis is clear but there is some room for further development of the topic. Support is offered for assertions that are made but that support could be stronger, more compelling or more inclusive of all issues.
Exceeds Expectations: The assigned task is thoroughly covered and completed. The primary thesis is clear and fully developed. Assertions made throughout the writing are compelling and clearly supported.
Organization (20 points)
Below Expectations: Paper lacks logical sequence hence causing format to interfere with readability. Does not use proper paragraphing. Topic sentences do not lead to rest of paragraph or are missing altogether.
Meets Expectations: Paper follows logical sequence with identifiable beginning, development, and conclusion. Generally proper use of paragraph structure and topic sentences. Organization and/or headings help the reader to follow and find information.
Exceeds Expectations: Paper flows well with appropriate beginning, development, and conclusion. Paragraph structure contributes to flow and transitions. Organization and/or headings help the reader to understand and remember information.
CBA ORAL COMMUNICATIONS SKILLS RUBRIC
Voice Quality & Pace (15 points)
Below Expectations: Mumbles, mispronounces words, grammatical errors, “umms”. Difficult to understand. Speaks too quietly or too loudly. Speaks too fast or too slow. Loses train of thought, tentative. Lacks enthusiasm. Mechanistic.
Meets Expectations: Easily understood. Speaks loud enough to be heard and at appropriate pace. Some awkward pauses or halting delivery but mostly clear and natural. Could display greater enthusiasm, seem more genuinely interested in own presentation.
Exceeds Expectations: Enthusiastic and engaging. Speaks clearly and loudly enough at a comfortable pace. Exudes confidence and interest. No grammatical or pronunciation errors. Presentation appears conversational, extemporaneous, and natural.
Rapport with Audience & Use of Media (15 points)
Below Expectations: Does not connect with audience. Little to no eye contact. Reads. Relies heavily on slides and/or notes. Attempts to cover too many slides or lingers too long on too few slides.
Meets Expectations: Tries to maintain eye contact most of the time but instances may be fleeting in length. Scans the room. Some reliance on notes or slides.
Exceeds Expectations: Genuinely connects with audience. Maintains eye contact. Visuals (slides, etc.) effortlessly enhance speech.