...Technical Institute IT255 Introduction to Information Systems Security Onsite Course SYLLABUS Credit hours: 4 Contact/Instructional hours: 50 (30 Theory Hours, 20 Lab Hours) Prerequisite(s) and/or Corequisite(s): Prerequisites: IT220 Network Standards and Protocols, IT221 Microsoft Network Operating System I, IT250 Linux Operating System Course Description: This course provides an overview of security challenges and strategies of counter measures in the information systems environment. Topics include definition of terms, concepts, elements, and goals incorporating industry standards and practices with a focus on availability, vulnerability, integrity and confidentiality aspects of information systems. Introduction to Information Systems Security Syllabus Where Does This Course Belong? This course is required for the Bachelor of Science in Information Systems Security program. This program covers the following core areas: Foundational Courses Technical Courses BSISS Project The following diagram demonstrates how this course fits in the program: IS427 Information Systems Security Capstone Project 400 Level IS404 Access Control, Authentication & KPI IS411 Security Policies & Implementation Issues IS415 System Forensics Investigation & Response IS416 Securing Windows Platforms & Applications IS418 Securing Linux Platforms & Applications IS421 Legal & Security Issues IS423 Securing Windows Platforms & Applications 300...
Words: 4114 - Pages: 17
...Systems Security [Onsite] Course Description: This course provides an overview of security challenges and strategies of counter measures in the information systems environment. Topics include definition of terms, concepts, elements, and goals incorporating industry standards and practices with a focus on availability, vulnerability, integrity and confidentiality aspects of information systems. Prerequisite(s) and/or Corequisite(s): Prerequisites: IT220 Network Standards and Protocols, IT221 Microsoft Network Operating System I, IT250 Linux Operating System Credit hours: 4 Contact hours: 50 (30 Theory Hours, 20 Lab Hours) Introduction to Information Systems Security Syllabus Where Does This Course Belong? This course is required for the Bachelor of Science in Information Systems Security program. This program covers the following core areas: Foundational Courses Technical Courses BSISS Project The following diagram demonstrates how this course fits in the program: IS427 Information Systems Security 400 Level Capstone Project IS418 IS404 Access Control, Authentication & KPI IS421 Legal & Security Issues IS423 Securing Windows Platforms & Applications IS411 Security Policies & Implementation Issues IS415 System Forensics Investigation & Response IS416 Securing Windows Platforms & Applications Securing Linux Platforms & Applications 300 Level IS305 Managing Risk in Information Systems IS308 Security Strategies...
Words: 4296 - Pages: 18
...IS4550 Security Policies and Implementation INSTRUCTOR GUIDE Course Revision Table Change Date | Updated Section | Change Description | Change Rationale | Implementation Quarter | 12/20/2011 | All | New curriculum | | June 2012 | | | | | | | | | | | | | | | | | | | | | | | | | | ------------------------------------------------- ------------------------------------------------- Credit hours: 4.5 Contact/Instructional hours: 60 (30 Theory, 30 Lab) Prerequisite: IS3110 Risk Management in Information Technology Security or equivalent Corequisite: None Table of Contents Course Overview 5 Course Summary 5 Critical Considerations 5 Instructional Resources 6 Required Resources 6 Additional Resources 6 Course Management 8 Technical Requirements 8 Test Administration and Processing 8 Replacement of Learning Assignments 9 Communication and Student Support 9 Academic Integrity 10 Grading 11 Course Delivery 13 Instructional Approach 13 Methodology 13 Facilitation Strategies 14 Unit Plans 15 Unit 1: Information Security Policy Management 15 Unit 2: Risk Mitigation and Business Support Processes 25 Unit 3: Policies, Standards, Procedures, and Guidelines 33 Unit 4: Information Systems Security Policy Framework 42 Unit 5: User Policies 50 Unit 6: IT Infrastructure Security Policies 58 Unit 7: Risk Management 66 Unit 8: Incident Response Team Policies 74 Unit 9: Implementing...
Words: 18421 - Pages: 74
...Technical Institute IS3340 Windows Security Onsite Course SYLLABUS Credit hours: 4.5 Contact/Instructional hours: 60 (30 Theory Hours, 30 Lab Hours) Prerequisite(s) and/or Corequisite(s): Prerequisite: NT2580 Introduction to Information Security or equivalent Course Description: This course examines security implementations for a variety of Windows platforms and applications. Areas of study include analysis of the security architecture of Windows systems. Students will identify and examine security risks and apply tools and methods to address security issues in the Windows environment. Windows Security Syllabus Where Does This Course Belong? This course is required for the Bachelor of Science in Information Systems Security program. This program covers the following core areas: Foundational Courses Technical Courses BSISS Project The following diagram demonstrates how this course fits in the program: IS4799 NT2799 IS4670 ISC Capstone Project Capstone ProjectCybercrime Forensics NSA NT2580 NT2670 Introduction to Information Security IS4680 IS4560 NT2580 NT2670 Email and Web Services Hacking and Introduction to Security Auditing for Compliance Countermeasures Information Security Email and Web Services NT1230 NT1330 Client-Server Client-Server Networking I Networking II IS3230 IS3350 NT1230 NT1330 Issues Client-Server Client-Server SecurityContext in Legal Access Security Networking I Networking II NT1110 ...
Words: 2305 - Pages: 10
...Unit Plans Unit 1: Information Systems Security Fundamentals Learning Objective Explain the concepts of information systems security (ISS) as applied to an IT infrastructure. Key Concepts Confidentiality, integrity, and availability (CIA) concepts Layered security solutions implemented for the seven domains of a typical IT infrastructure Common threats for each of the seven domains IT security policy framework Impact of data classification standard on the seven domains Reading Kim and Solomon, Chapter 1: Information Systems Security. Keywords Use the following keywords to search for additional materials to support your work: Data Classification Standard Information System Information Systems Security Layered Security Solution Policy Framework ------------------------------------------------- Week 1 Assignment (See Below) * Match Risks/Threats to Solutions * Impact of a Data Classification Standard Lab * Perform Reconnaissance & Probing Using ZenMap GUI (Nmap) * Page 7-14 in lab book. Project (See Below) * Project Part 1. Multi-Layered Security Plan ------------------------------------------------- Unit 1 Assignment 1: Match Risks/Threats to Solutions Learning Objectives and Outcomes You will learn how to match common risks or threats within the seven domains of a typical IT infrastructure with solutions and preventative actions...
Words: 1409 - Pages: 6
...ITT TECHNICAL INSTITUTE NT1310 Physical Networking GRADED ASSIGNMENTS ------------------------------------------------- Student Professional Experience Project NSA SPE Project 1 (to be completed by the end of NT1310): Install, Configure, Test, Maintain and/or Document the Worksite Local Area Network and Its Components Purpose The purpose of the Student Professional Experience (SPE) project is to provide you an opportunity for work experience in your field or in a related field to add to your résumé. You may have an opportunity to serve your community or work for a local employer for a project that will take between 20 and 30 hours. Project Logistics Career Services will identify an employer with needs in the following areas: Network related tasks (mostly confined to the LAN and Microsoft Windows Server 2008 environments) Students are expected to practice various skills discussed in all the technical courses in Quarters 1 through 3 of the NSA program at an employer’s site on network related tasks (more confined to the LAN and Microsoft Windows Networking with Server 2008 environments) that would involve installation, configuration, testing, maintenance and documentation of the worksite network and its components, and to properly document the technical information in all involved activities. Such documentation will be used as the source material for Items 2 and 3 defined in the Deliverables section of this document. Possible example projects could...
Words: 6762 - Pages: 28
...CIS4361C IT Security Course Syllabus Version 1 FALL 2015 Course Description This course introduces students to information security. Security often involves social and organizational skills as well as technical understanding. In order to solve the practical security problems, we must balance real-world risks and rewards against the cost and bother of available security techniques. During this course we will use continuous process improvement to investigate these elements. Security is a very broad field. Some people may excel in the technical aspects, while others may do better in more social or process-oriented aspects. Others will successfully succeed between these poles. This course applies to all students, and help you find where you will excel. To learn a solid understanding of security technology, look must look closely at the underlying strengths and weakness of information technology itself. This requires particularly in cryptography (diagram or in mathematical notation). The book will use both, but is bias toward diagrams. Prerequisites COP2253 Java Programming or COP2830 Script Programming Student Learning Outcomes Upon completion of this course, students will be able to: * Describe the common treats of information and communication systems * Identify safeguards for securing data and systems * Gather and analyze digital evidence after a security breach * Develop an IT security program based upon a risk assessment Course Objectives ...
Words: 1802 - Pages: 8
... |[pic]www.csudh.edu | | |[pic] | |[pic] |College of Natural and Behavioral Sciences | | |Department of Computer Science | | |http://csc.csudh.edu | |Course Title: |Communication Systems Security | |Course Number: |CTC 362 | |Instructor Name: | Mehrdad S. sharbaf, ph.d. msharbaf@csudh.edu, Office: tba, phone: tba, office Hours: tba | |Date: |Spring Semester, 2016 | |Course Length: |_15_ Weeks | |Web Companion |N/A ...
Words: 1433 - Pages: 6
...Unit 3 Assignment Instructions: Download this document to your computer before filling it out. Each of the responses below should be appropriately filled in and the document saved again before submitting to the Unit 3 Dropbox. Be certain to answer each question completely. Unit 3 Assignment Outcomes addressed in this activity • Describe the origin of the internet • Explain various multimedia files found on the Web • Discuss how to search the internet effectively Course Outcomes practiced in this unit: IT190-2: Describe the basic components of a computer network. GEL-7.1: Identify the ethical issues within the field of study. Do not forget, whenever you look up information, you need to cite your sources! Please copy and paste the full URL of any website you use in researching your answers to the following questions. If you use your book, please place the page number from your book in parentheses next to the answer. Unit 3 is a Master Learning Unit. A Master Learning Unit presents an opportunity for you to grow and improve as a student. In order to qualify for Master Unit Grading you must: • Respond to all questions • Make a determined first attempt • Cite your responses • Submit your assignment on time If you meet the above criteria, your instructor will grade your assignment if it meets mastery level. However, if your assignment does not meet mastery level standards, your grade will be withheld and you will...
Words: 1405 - Pages: 6
...Running Head: UNIT 1 ASSIGNMENT Unit 1 - Information Security Policy Regina Sykes Kaplan University Abstract ------------------------------------------------- This paper will provide information on the purpose of a security policy and components of a security policy. Additionally, this paper contains information on a specific organization and the unique important items the organization choose to establish security policies around. Lastly, this paper provides information around the major areas of concern, missing or incomplete information in the policy and areas that are ill-advised in an identified organization’s security policy. Unit 1 - Information Security Policy Introduction Many organizations rely on the use of networks and computers to manage the business. Along with the use of networks and computers to manage the business there is also the need to establish a plan to secure the technology both the network and computers . A security policy is the plan developed with instructions from senior leadership instructing decision makers in the organization on how to protect the organization’s assets (Mattord & Whitman, 2012). There are various components of a security policy which include, statement of policy, equipment usage and access control, prohibited uses regarding equipment, who manages the systems, policies around violations of the policy, modifications and review section and lastly, limits of liability (Mattord & Whitman, 2012). Part 1 Wells...
Words: 2121 - Pages: 9
...Objectives and Assignments Week 7 Instructor: Thomas W. Chappell, PhD. Office Hours (For appointments): Monday, Tuesday, Wednesday, Thursday 3:30 – 6:00 PM Objectives: Complete current week’s assignments submissions Important Notes: Attendance in class is critical to your accomplishments Missing class is missing valuable information that will help you succeed and accomplish your goals Please attend every class for success in your field! Grading Policy: * Please read the last page of your syllabus which will be covered in week one. * Missing labs will be made up at 80% after the first week, 70% the after the second week and 0% the third week. * Quizzes will not be made up. * Students can potentially be dropped by the Dean of Academic Affairs after missing 4 or 5 cumulative classes. * Students who miss three consecutive class will be dropped by the Dean of Academic Affairs * Assignments and Labs will be counted at 0% after three weeks. Course Objectives Covered by This Unit * CO1 Identify the major needs and stakeholders for computer networks and network applications * CO2 Identify the classifications of networks and how they are applied to various types of enterprises * CO3 Compare and contrast the OSI and TCP/IP models and their applications to actual networks * CO4 Explain the functionality and use of typical network protocols * CO5 Analyze...
Words: 799 - Pages: 4
...Application Services and Security Course Revision Table Footer Date: 09/30/07 10/10/07 Section: All All Reason for Change: New Curriculum QA Edits Implementation Date: December 2007 December 2007 © ITT Educational Services, Inc. Date: 10/10/07 Exams & Answer Keys [Exam I —Unit 6] DATE: ________________________________ STUDENT NAME: ________________________________ COURSE NUMBER: ________________________________ INSTRUCTOR: ________________________________ ITT COLLEGE: ________________________________ General Instructions: 1. This is a closed-book, closed-notes Exam. No reference material (including assignments and lab) will be permitted for use during the exam session. 2. The exam contains true/false and multiple choice types of questions. 3. Please use the separate answer sheet provided to you for marking your answers. 4. Each question is worth two points. Good luck! © ITT Educational Services, Inc. Date: 10/10/07 Exams & Answer Keys 1. The most common cause of security breaches is ______. a. no alarm system b. weak passwords c. untrained security guards d. poor perimeter lighting 2. Windows Server administrators should not use the Administrator account for everyday activity. They should use the ________ command, only when performing administrative functions. a. super user b. run as c. task manager d. power user 3. For organizations with wireless networks, deployment of ________ is necessary to vastly increase the security of the wireless access...
Words: 3277 - Pages: 14
...3110 Unit 2 Assignment 1 12/15/2014 PCI DSS and the Seven Domains YieldMore YieldMore has a network needing to configure its current configuration and policy to meet PCI DSS standards which can be found at: https://www.pcisecuritystandards.org/security_standards/documents.php?agreements=pcidss&association=pcidss In order to be in compliance a basic compliance plan has been created to ensure YieldMore and customer data in the reconfiguration will be met. Software and hardware used will be checked to PCI DSS database to ensure compliance. The network plan will be required to meet these minimum requirements before compliance assessment test will be made. *Note: If third party is to host the payment process and procedure. They will be responsible to uphold the PCI DSS standards, they will be held liable if failure to maintain compliance. Build and Maintain a Secure Network Requirement 1: Install and maintain a firewall -In reference to previous network plan U1A1 a firewall will be in place in the LAN/WAN Domain & System/Application Domain to protect internal network from potential external threats. Requirement 2: Do not use defaults, such as default password -In reference to previous network plan U1A1 GPO and AD will be created and upheld for the internal network. GPO will be in place to provide username and password security policy for external network users. (System/Application Domain) Protect Cardholder Data Requirement 3: Protect stored data -Policy will...
Words: 572 - Pages: 3
...Lab #10 Securing the Network with an Intrusion Detection System (IDS) Introduction Nearly every day there are reports of information security breaches and resulting monetary losses in the news. Businesses and governments have increased their security budgets and undertaken measures to minimize the loss from security breaches. While cyberlaws act as a broad deterrent, internal controls are needed to secure networks from malicious activity. Internal controls traditionally fall into two major categories: prevention and detection. Intrusion prevention systems (IPS) block the IP traffic based on the filtering criteria that the information systems security practitioner must configure. Typically, the LAN-to-WAN domain and Internet ingress/egress point is the primary location for IPS devices. Second to that would be internal networks that have or require the highest level of security and protection from unauthorized access. If you can prevent the IP packets from entering the network or LAN segment, then a remote attacker can’t do any damage. A host-based intrusion detection system (IDS) is installed on a host machine, such as a server, and monitors traffic to and from the server and other items on the system. A network-based IDS deals with traffic to and from the network and does not have access to directly interface with the host. Intrusion detection systems are alert-driven, but they require the information systems security practitioner to configure them properly. An IDS provides...
Words: 3209 - Pages: 13
...Business and Public Administration CIS375-01: Data Communications Spring 2015 Section 01: Monday/Wednesday, 1:00-2:15 PM; Classroom: SAC-2103 Instructor Name: Christian Ogwo Office: SAC 2103 Phone: 213-446-8172 Email: cogwo@csudh.edu Website: Office Hours Mon. 2:15 – 3:15 p.m., Wed. 6:00 – 7:00 p.m. Course Description and Prerequisites Course Description: History and trends of hardware/software for telecommunications; asynchronous and synchronous protocols; codes; case studies of current commercial applications; distributed processing; carriers, services and regulatory agencies; standards; error management; reliability; design and tuning of networks; security. Prerequisites: CIS 370 Textbooks and Other Materials Required: Business Data Communications and Networking, Eleventh Edition, by J. FitzGerald and A. Dennis (ISBN: 978-1118-086834) Recommended: Network Fundamentals, CCNA Exploration Companion Guide, 1st edition, by Mark Dye, Rick McDonald, Antoon Rufi, Publisher: Cisco Press. ISBN-10: 1-58713-208-7; ISBN-13: 978-1-58713-208-7; Published: Oct 29, 2007. Network Fundamentals, CCNA Exploration Labs and Study Guide, 1st edition, by Antoon Rufi, Priscilla Oppenheimer, Belle Woodward, Gerlinde Brady. Publisher: Cisco Press. ISBN-10: 1-58713-203-6; ISBN-13: 978-1-58713-203-2; Published: Jan 18, 2008 Supplemental Materials: CCNA Exploration Course Materials, provided...
Words: 1655 - Pages: 7