CS 410 Top: Information Security Assurance
| Credit Hours: | 4 |
| Course Coordinator: | N/A |
| Course Description: | This course provides students an understanding of the lifecycle of Information Security Assurance. Information security assurance is the process of protecting and defending information by ensuring its confidentiality, integrity and availability.
Most organizations depend on information for their business processes to operate effectively. Information can take various forms including personal information on laptop computers, sales data in corporate databases or company product data in research laboratory computers. Significant advances continue to be made in the storage, analysis, processing and transmission of critical information. More and more information is being shared with trading partners, customers, and employees. If this information is compromised, it could end up in the wrong hands and cause undue damage to a company's reputation or hurt its competitive position in the marketplace. Additionally, with the advent of legislation such as HIPAA, GLBA, and SARBOX, companies are investing more and more resources in the management of the risk associated with unauthorized disclosure of proprietary information or downtime associated with virus or denial-of-service attacks.
Students attending this class can expect to leave with a good understanding of the major elements of Information Security Assurance including risk management, policy development, authentication/authorization, network security, application security, and security operations in an enterprise context. Recent security-related legislation will be covered in the class and there will be one or two guest lectures presented by personnel managing information security for their organizations.
Grading:
Quizzes and exams are closed book and in class. They are comprehensive. There will probably be two exams - midterm and final, each worth 100 points. There may also be surprise quizzes worth 50 points each.
There will be projects assigned to teams of students. The number of students in a team will depend on the number of students signing up for the class. It can vary from 1-4. Each team will be assigned a topic in security. The team must research the topic and present the best practices on that topic in class as well as submit a short report on their findings. This presentation and report will be worth 100 points. |
| Prerequisites: | * Graduate student or senior standing for undergraduate students.
* Previous programming experience with "C" and/or Java programming languages.
* Knowledge of basic TCP/IP networking, operating systems, and database systems.
* CS 333 and CS 494
* Desire and enthusiasm to learn about the challenges of managing information security for an organization. |
| Goals: | |
| Textbooks: | 1. Information Assurance - Managing Organizational IT Security Risks by Joseph G. Boyce and Dan W. Jennings. Published by Elsevier Science, ISBN 0-7506-7327-3.
This book offers good coverage of the basics of information assurance including basic security concepts, policies, architecture, administration, user education, training and awareness and incident response.
2. Network Security - The Complete Reference by Roberta Bragg, Mark Rhodes-Ousley and Keith Strassberg, ISBN 0-07-22697-8.
This book covers more of the technical detail. It covers a number of detailed areas in network security, operating systems security and application layer security. |
| References: | |
| Major Topics: | |
| Laboratory Exercises: | |
| CAC Category Credits |
Core | | Advanced |
| Data Structures |
| |
| Algorithms |
| |
| Software Design |
| |
| Computer Architecture |
| |
| Programming Languages |
| |
| Oral and Written Communications: | |
| Social and Ethical Issues: | |
| Theoretical Content: | |
| Problem Analysis: | |
| Solution Design: | |
|