Information Security

Course Description:
This course provides the foundation for understanding the key issues associated with protecting information assets, determining the levels of protection and response to security incidents, and designing a consistent, reasonable information security system, with appropriate intrusion detection and reporting features. The purpose of the course is to provide the student with an overview of the field of information security and assurance. Students will be exposed to the spectrum of security activities, methods, methodologies, and procedures. Coverage will include inspection and protection of information assets, detection of and reaction to threats to information assets, and examination of pre- and post-incident procedures, technical and managerial responses, and an overview of the information security planning and staffing functions. 

Course Objectives:
After completing this course the student will be able to:
- Explore the facts and reasons behind the need for security
- Describe the security systems development life cycle
- Define an information security strategy and architecture
- Categorize and prioritize information assets
- Classify and prioritize threats to information assets
- Identify, assess, and control risk
- Plan for and respond to intruders in an information system
- Describe legal and public relations implications of security and privacy issues
- Present a disaster recovery plan for recovery of information assets after an incident

Course Outline:
- Introduction to Information Security
- Legal, Ethical, and Professional Issues in Information Security
- Risk Management
- Planning for Security
- Security Technology: Firewalls, VPNs, and Wireless
- Security Technology: Intrusion Detection, Access Control, and other Security Tools
- Cryptography
- Physical Security
- Implementing Information Security

Lab:
A practical session will work through a case study (or a mini-project), using the above course outline as reference.

Textbooks:
[1] Principles of Information Security by Michael E. Whitman and Herbert J. Mattord, 5th ed., Thomson/Cengage Learning, 2014. [PDF]
[2] Mark Stamp (2012): Information Security: Principles and Practice, 2nd Edition, Wiley-Blackwell.

Slides:
  1. Chapter 1 - Introduction to Information Security [PPT]
  2. Chapter 2 - Threats and Attacks to the Organization [PPT]
  3. Chapter 3 - Legal and Ethical Issues [PPT]
  4. Chapter 4 - Risk Management [PPT]
  5. Chapter 6 - Technologies: Firewalls and VPNs [PPT]
  6. Chapter 7 - Technologies: Intrusion Detection System (IDS) [PPT]
  7. Chapter 8 - Cryptography [PPT]
  8. Chapter 9 - Physical Security [PPT]
