IS 370: Information Security

Course Description:

This course introduces students to the field of information systems security from both managerial and technical perspectives. The topics to be examined include legal and ethical issues in information systems, risk identification and management, security planning, security technology, cryptography, and information system implementation and maintenance. Prerequisite: CS 365. 3:0:3

Learning Outcomes:

Upon completion of this course, the student should possess the following skills:

• Information Security, Planning, Implementation
• • Understand the definition of information security.
  • Discuss the security system development life cycle.
  • Discuss information security policy, standards, and practices.
  • Discuss project management in information security
  • Explain contingency planning, incident response planning, and disaster recovery planning.
  • Discuss information security professional and employment policies
• Risk Management and Information Security Maintenance
• • Identify risks, threats, and attacks.
  • Discuss risk management, risk control, risk assessment, and risk evaluation techniques.
  • Discuss Information Security Maintenance including Security Management Models, and Maintenance Model.
• Security Systems and Technologies
• • Identify and describe various security systems and analysis tools such as Firewall, VPN, Intrusion detection system, honey pots, port scanner, vulnerability scanner, and packet sniffer.
  • Discuss various approaches to access control, such as password and biometric mechanism.
  • Discuss the need for physical security and identify the physical access techniques.
• Cryptography and other Information Security related topics, including but not limited to
• • Describe the significance of cryptography
  • Discuss the role of cryptography in providing confidentiality, authentication, message integrity, and non-repudiation.
  • Discuss the legal, ethical, and professional issues in Information Security.

Teaching Directives:	Linkage to Learning Outcome #:
Homework Assignments:
Assign a sufficient amount of homework such that all of the above objectives are covered.	All
For each homework assignment, include problem-solving questions that require the student to apply the above objectives.	All
For each homework assignment, include short-essay questions that require the student to effective communicate the technical content of the above objectives.	All
For each homework assignment, include short-essay questions that require the student to effective communicate the technical content of the above objectives.	All
For certain homework assignments, include critical-thinking questions that require the student to evaluate and analyze the information security situation, and provide a suitable security solution for the environment.	All
Exams:
Include one or more of: short essay, short answer, multiple choice, multiple answer, mathematical calculation, information security design.	All
Given a problem description, apply an appropriate information security solution.	All

Textbooks

To view the approved textbook list, click here.