INFO 2805 Network and Information Security Basics

METROPOLITAN COMMUNITY COLLEGE
COURSE OUTLINE
COURSE TITLE: Network & Information Security Basics
COURSE NUMBER: INFO 2805
LEC 4
LAB 1.5
CREDIT HOURS 4.5
COURSE DESCRIPTION:
This course is a survey of network and information security. It covers threat assessment, risk
management, establishing and managing network security policy, user training, security models,
objectives, architectures, and the investigative process. Constitutional issues, applicable laws and rights,
and rules of evidence will be covered. The class will also cover and discuss confidentiality, integrity,
availability, accountability, and auditing.
COURSE PREREQUISITE (S):
None
RATIONALE:
Given the new crimes being committed against organizations in the IT world, and the need to secure
proprietary data and ensure the privacy of employees and customers, it is imperative that IT
professionals are indoctrinated in the procedural as well as technical aspects of security.
This course introduces the IT professional to the disciplines necessary for network security as well as
the procedures for developing and implementing policy to secure information systems.
REQUIRED TEXTBOOK (S) and/or MATERIALS:
Title: Principles of Information Security
Edition: 2nd
Author: Michael Whitman and Herbert Mattord
Publisher: Course Technology
Materials: Removable media and e-mail address
Attached course outline written by:
Gary Sparks
Outline reviewed/revised by:
Effective quarter of course outline:
Academic Dean:
Date:
05/FA
Thos C. Pensabene
Metro Community College
Date: 4/03
Date
1 of 4
Revised: Aug-05
COURSE OBJECTIVES/TOPICAL UNIT OUTLINE/UNIT OBJECTIVES
TITLE:
Network & Information Security Basics
PREFIX/NO.: INFO 2805
COURSE REQUIREMENTS/EVALUATION:
Upon successful completion of this course, the student will be able to:
1. Explain the basics of security in the IT environment.
2. Describe the security disciplines involved in the IT environment.
3. Discuss the importance of Ethical behavior in the IT environment.
4. Interpret the legal ramifications to the use of IT systems.
5. Describe the investigative process used to determine events and evidence collection.
6. Understand and complete a threat assessment and a risk assessment.
7. Examine information security policy.
8. Identify the departmental information security responsibilities for business.
9. Prepare security policies for an IT area.
TOPICAL UNIT OUTLINE/UNIT OBJECTIVES:
UNIT I: BASICS OF SECURITY IN THE IT ENVIRONMENT
A. Identify and explain the principles and objectives of security.
B. Identify and explain the security models, architectures and layers.
C. Identify and explain Confidentiality, Integrity, Availability, Accountability and Auditability.
UNIT II: SECURITY DISCIPLINES IN THE IT ENVIRONMENT
A. Understand and explain the purpose of Physical Security in an IT environment.
B. Understand and explain the purpose of Personnel Security in an IT environment.
C. Understand and explain the purpose of Information Security in an IT environment.
D. Understand and explain the purpose of Network Security in an IT environment.
E. Understand and explain the purpose of Transmission Security in an IT environment.
F. Understand and explain the purpose of Computer Security.
UNIT III: ETHICAL BEHAVIOR IN THE IT ENVIRONMENT.
A. Understand and explain general canons of ethical conduct.
B. Understand, explain and comply with IT ethics.
C. Understand, explain and comply with business ethical conduct.
UNIT IV: LEGAL RAMIFICATIONS TO THE USE OF IT SYSTEMS.
A. Understand and explain Constitutional Rights.
B. Understand and explain the purpose and applicability of probable cause.
C. Understand and determine what a crime is and if a crime has been committed.
D. Understand and explain legal jurisdictions.
E. Understand and reference Federal Codes in relation to IT.
F. Understand and reference State Codes in relation to IT.
UNIT V: INVESTIGATIVE PROCESS USED TO DETERMINE EVENTS AND EVIDENCE COLLECTION.
A. Understand and explain the differences between an interview and an interrogation.
B. Understand and explain search and seizure.
C. Identify the difference between an inspection and a search.
D. Understand and explain getting permission to search vs. a warrant to search.
F. Understand and explain the rules of evidence.
G. Explain identifying evidence and how to preserve it.
H. Explain the purpose and process of the chain of custody.
I. Understand the issues that impact admissibility of evidence.
UNIT VI: THREAT ASSESSMENT AND RISK ASSESSMENT.
A. Identify what a threat assessment is.
B. Describe the process for identifying threats.
C. Identify what a risk assessment is.
D. Understand the process for identifying risks.
UNIT VII: INFORMATION SECURITY POLICY.
A. Determine who should participate on a development team.
B. Identify resources that need to be protected.
C. Determine liabilities that need to be considered in the policy.
D. Identify internal and external threats to resources.
E. Determine the appropriate level of protection.
UNIT VIII: DEPARTMENTAL INFORMATION SECURITY RESPONSIBILITIES FOR BUSINESS.
A. Identify and explain management’s responsibilities in securing information.
B. Identify and explain the security department’s responsibilities with IT systems.
C. Identify contractor and consultant’s responsibilities in securing corp. information.
D. Identify the employee/user responsibilities in securing corp. information.
UNIT IX: SECURITY POLICIES FOR AN IT AREA.
A. Understand and write physical security policy.
B. Understand and write policy for authentication and network access.
C. Understand and write Internet policy.
D. Understand and write e-mail policy.
E. Understand and write policy dealing with malicious logic.
F. Understand and write policy on the use of encryption.
G. Understand and write policy on software development.
H. Understand and write policy on Fair Use or Acceptable Use.
I. Determine compliance and how policies will be enforced.
J. Determine and document the review process of IT policy.
OUTCOME MEASURES AND ASSESSMENT MEASURES
1. Explain the basics of security in the IT environment.
   Assessment measures: Quiz and Exam
2. Describe the security disciplines involved in the IT environment.
   Assessment measures: Quiz and Exam
3. Discuss the importance of Ethical behavior in the IT environment.
   Assessment measures: Quiz, Exam and class observation
4. Interpret the legal ramifications to the use of IT systems.
   Assessment measures: Quiz, Lab and Exam
5. Describe the investigative process used to determine events and evidence collection.
   Assessment measures: Quiz, Exam, Lab and class observation
6. Understand and complete a threat assessment and a risk assessment.
   Assessment measures: Quiz, Lab, Exam and project
7. Examine information security policy.
   Assessment measures: Quiz and Exam
8. Identify the departmental information security responsibilities for business.
   Assessment measures: Quiz and Exam
9. Prepare security policies for an IT area.
   Assessment measures: Quiz, Exam and project
COURSE OBJECTIVES