Course Syllabus - The University of Tulsa

advertisement
Spring 2013 CS7493/CS5493 Course Syllabus
Secure System Administration and Certification
Instructor:
James Childress
Contact:
james-childress@utulsa.edu
Office Hours: MWF 10:00am-11:30am; MW 2:00pm-3:00pm
Math and Computer Science Department
Office: Rayzor 2090
Days
Time
Lecture
T-Th
3:30pm-4:45pm
KEP-U4
Course Home Page
http://www.personal.utulsa.edu/~james-childress/
Prerequisite
CS4153, Computer Security
Textbook
Title: Fundamentals of Information Systems Security
Author: David Kim, et. al.
Publisher: Jones & Bartlett Learning
ISBN: 9780 76379 0257
Course Description
Provisioning, procurement and installation of network, hardware and software systems for
mission critical enterprises. System configuration and maintenance. Incident handling and
response. System certification, testing and validation. This course partially satisfies requirements
for the CNSS 4013 System Administrator certificate.
Teaching Methods
Lecture will be used to explain concepts that may or may not be covered in the textbook. Students
will be responsible for topics assigned from the text as well as additional topics covered during
lecture. Students will participate in group discussions and present their groups results to their
peers. Projects and homework will be assigned in class and posted on the course web page.
Exams, quizzes, in-class assignments, homework, and projects will be used to facilitate the
learning process. Attendance is a requirement for many of the in-class activities and there are no
make-up assignments granted for missing an in-class activity. Students are encouraged to bring a
network accessible device to lecture.
ADA Policy
Students with special needs as outlined in the Americans with Disabilities Act: Academic
accommodations will be provided when appropriate documentation is presented. Contact the
Center for Student Academic Support in Lorton Hall for details. The Center for Student
Academic Support will inform the instructor as to what special accommodations must be
provided.
Student Evaluation and Grade Assignments
Students will be evaluated by their performance on exams, labs, homework, in-class exercises,
projects, and quizzes. Final grades as well as all assignments will use the following criteria for
assigning grades:
Exceeds the instructor’s expectations:
A
Meets the instructor’s expectations:
B
Does not meet the instructor’s expectations:
C
Did not participate in the assignment:
F
Exam I
15%
Final Exam
25%
System Project
10%
Individual Project
15%
Group Project
30%
Other
5%
Assignment Submission Policy
Assignments will be announced in class and posted on the course web page. Many assignments
and the term project-milestones must be submitted by the due date. Any late work submitted by a
student by definition cannot exceed the instructor’s expectations. No work will be accepted by the
instructor after the instructor has graded and returned the completed assignments.
Exam, Quiz, and Assignment Make-Up Policy
You may be granted a make-up if a valid and excused absence is documented and approved by
the Center for Student Academic Support. Valid and excused absences must be:
 A University sponsored event or trip.
 Extraordinary family or medical hardships. Hardships must have supporting
documentation to receive special consideration. Supporting documentation does not
entitle the student to a make-up. The decision to grant a make-up is at the discretion of
the instructor.
All other requests for rescheduling a make-up will be denied. Any make-up exams will be
scheduled at the convenience of the instructor. If you miss an assignment, you must complete and
return the assignment before the assignment is graded and returned to the other students.
Attendance
Absence is a detriment to your overall performance. Poor attendance fails to meet the instructor’s
expectations. Some assignments will require students to present information during lecture. Some
in-class activities cannot be rescheduled and no make-up assignment will be available.
Electronic Devices
Exams for this class have been of the essay type. The instructor will attempt to reserve a
computer lab where students can write and submit an electronic copy of their exam. No other
electronic device will be allowed during an exam. Accessing an unauthorized electronic device
during an exam will result in no credit for the exam. Students are encouraged to bring a network
accessible device to lecture.
Failure to Withdraw Policy
If you wish to withdraw from the course, you must fill out the necessary forms. Failure to follow
through could result in a grade of F for the course in accordance with university policy.
Student Competency Clause
A student may be asked by a lab instructor or the course instructor to demonstrate a level of
competency that is contained in any assignment completed by the student. It is possible to receive
no credit for an assignment if a student is unable to demonstrate a level of competency contained
in a completed assignment.
Plagiarism Policy
Plagiarism is claiming, indicating, or implying that the ideas, sentences, or words of another
writer are your own. Plagiarism includes having another writer do work claimed to be your own,
copying the work of another and presenting it as your own, or following the work of another as a
guide to ideas and expression that are then presented as your own. Any work plagiarized by a
student will receive no credit (zero points). Plagiarism is considered academic misconduct.
Academic Dishonesty or Misconduct
Academic dishonesty or misconduct is not condoned nor tolerated at Tulsa University. Academic
dishonesty is behavior in which a deliberately fraudulent misrepresentation is employed in an
attempt to gain undeserved intellectual credit, either for oneself or for another. Academic
violations could result in no credit for an assignment, quiz, or exam; a failing grade for the
course, or dismissal from the University. Deliberate misuse of the computing facilities falls under
the heading of Academic Dishonesty or Misconduct. Examples of computing resource misuse
includes but is not limited to the following: downloading or accessing information that is not used
for academic purposes, copyright infringements, downloading or accessing illegal materials,
personal business transactions for profit, malicious computer attacks designed to disrupt general
computer activities, etc. See the University of Tulsa Undergraduate Bulletin for more details.
Student Etiquette
Students are expected to be attentive during class and not disrupt the learning process. Everyone
is encouraged to participate in class discussions as directed by the instructor. Students are also
encouraged to ask the instructor questions about the course material. Here is a list of activities
that can disrupt the learning process:
 Forgetting to turn-off your cell phone during lecture, quiz, or exam time.
 Habitual tardiness.
 Leaving and re-entering the classroom during lecture, quiz or exam time.
 Engaging in conversation not relevant to the classroom activities.
Exams will have assigned seating as directed by the course instructor. Any refusal to abide by the
policies outlined in this document could result in any of the following: no credit for an
assignment, a failing grade for the course, or dismissal from the university.
Tentative Schedule of Activities
The instructor may change the assignment schedule at any time by verbal or written notification
in class and posted on the course web site.
Important dates:
First Mid-Term Exam
February 28, 2013 @ 3:30pm
Final Exam
TBA*
Presentations begin during the week of April 16-18, 2013
The final exam will be kept on file for a period of one year and will not be available to students.
*The final exam will be scheduled in accordance with University policy.
Confidential Information
Grades will be posted using Web Advisor at the end of the semester after all exams, quizzes,
projects, and assignments are graded. Point totals may be periodically posted using WebCT. No
confidential information will be sent through the e-mail or given over the phone. All requests for
grades by e-mail or phone will be denied. Be sure to check the web site for further information
about grades. Avoid sending e-mails with attachments. You must make prior arrangements to
send the instructor an e-mail message containing an attachment.
Topics








Course Introduction, vocabulary & student survey
CSI Survey and critical evaluation
Physical security by environmental design
Breaking in: Malware, Social Engineering, & Emanations
A brief history of computing security
Computer Security Standards
o Orange Book
o NIST FISMA Guide, National Institute of Standards & Technology, Federal Information
Security Management Act
o CERT Guide
o Common Criteria
o SDLC – System Development Life Cycle
Computer System
o Deployment
o Security
o Maintenance
o Incident Handling & Response
Special topics chosen and presented by the students
Acknowledgements
 Brett Bartow of Tripwire, Inc.
Download