CIS 494I: Introduction to Information Security
Description
An introduction to security of digital information,
including: threats; regulations; vulnerability assessment; attack detection
and response; cryptography; forensics; technical training and certifications.
Level and Credits
- U 3 (three one-hour lectures)
Prerequisites
- 314 or 321 or AMIS 531; second writing course
Quarters Offered
General Information, Exclusions, etc.
Objectives
Provide students with a high-level understanding
of how information security functions in an organization. Topics
will be both business and technology-centric.
- Mastery of information security governance, and related legal and regulatory issues
- Mastery of understanding external and internal information security threats to an organization
- Familiarity with the structure of information security policies, standards, and guidelines
- Familiarity with information security awareness and a clear understanding of its importance
- Familiarity with how information security threats to an organization are discovered, analyzed, and dealt with
Texts
Michael E. Whitman and Herbert J. Mattord, Principles of Information Security, Thomson/Course Technology, ISBN 0-619-06318-1, 2003.
Christopher King, Ertem Osmanoglu, Curtis Dalton, Security Architecture: Design, Deployment and Operations, McGraw-Hill Osborne Media; ISBN: 0072133856; 1st edition (July 30, 2001) (Optional)
Topics
Number of Weeks | Topics

1 |
- Primer on information security and network basics
- Information Security and its role in an organization
- Legal and regulatory issues; government homeland security initiatives and how they impact business and individuals

1 |
- Threats
- Internal -- employees, contractors, third parties
- External -- criminals, corporate espionage, hackers, cyber warfare, cyber terrorism
- The psychology of computer criminals and info-terrorists and associated ethical issues

2 |
- Governance, policies, standards, and guidelines
- Architecture
- Awareness

3.5 |
- Vulnerability assessment and intrusion detection
- Malicious code protection
- Content filtering
- Internet DMZ and related components
- Incident response
- Application security

1.5 |

1 |
- Information security directions
- Technical training and certifications
- What's next?
Grading Plan
Homework Assignments | 15%
Paper and Presentation | 15%
Participation | 10%
Midterm Exam | 20%
Final Exam | 40%
Relation to ABET Criterion 3 and CSE Program Objectives
Relationship to ABET Criterion 3
|
Relationship to CSE Program Objectives
|
a
|
b
|
c
|
d
|
e
|
f
|
g
|
h
|
i
|
j
|
k
|
|
|
X
|
|
X
|
XX
|
XX
|
XXX
|
XX
|
XXX
|
X
|
|
1a
|
1b
|
1c
|
2a
|
2b
|
3a
|
3b
|
3c
|
4a
|
4b
|
|
|
|
|
X
|
XX
|
X
|
XXX
|
XXX
|
|
|
Preparer Information and Date: Syllabus prepared by Robert West, Anish Arora, Dong Xuan and Rajiv Ramnath, 11/02; last modified 5/17/03.