| | CIS 411 Intermediate Information Assurance 3 Credits
|
Course Designator |
CIS 411 | | Course Title: |
Intermediate Information Assurance | | Course Length: |
45 contact hours during 15 weeks | | Course Description: |
Focuses on information security, integrity and privacy techniques. Comparison of standards. Implications for electronic commerce and international trade are discussed. | | Prerequisites |
Junior Standing and database course, any law course or CIS 310; or instructor permission | | Course Learning Objective: |
The original McCumber model is used to provide a framework for the student. The student will be able to create a security plan, explain and discuss access control and building secure systems. | |
Major Topics:
|
 |
1. Introduction to Computer Security
|
|
Computer Security definition, laws, historical perspective
|
|
|
|
2. Access Control
Identification and Authentication; Discretionary Access
Control
Mandatory Access Control and Supporting Policies
|
|
|
3. Building Secure Systems
|
|
Design and implementation concepts that support assurance
|
|
|
|
4. Malicious Software and Intrusion Detection
|
|
Trojan horses, viruses, worms, etc.
|
|
|
|
5. Certification and Accreditation, Disaster Planning and Recovery and Risk Analysis
|
|
Certification and accreditation issues
|
|
|
|
6. Basics of Cryptography
|
|
Private key, public key and hashing schemes
|
|
|
|
7. Cryptographic Protocols and Applications
|
|
Cryptographic protocols for providing secrecy, integrity and authentication
|
|
|
|
8. Network Security
|
|
Special considerations, combining access control and cryptography
|
|
|
|
9. Network Security in Today’s Environment
|
|
TCP/IP, Internet and firewalls
|
|
|
|
10. Building Secure Systems II
|
* System evaluation issues
| | Method of Instruction: |
This is a lecture course involving planning and implementation issues associated with Information Assurance. The student will have limited hands on and research activities. The student is required to develop a research paper that is part of the class discussion. | |
Evaluation Methods: |
As an introductory course, the student is evaluated predominantly by examination and by evaluation of a research paper. The examinations cover the fundamental understanding of the vocabulary of Information Assurance. The research paper allows the student to focus on specific issues. | | Student Enrollment: |
| The course materials are keyed directly to NSTISSI 4011
including topics such as Hostile Intelligence Service (HOIS), malicious logic,
hackers, environmental and technological hazards, disgruntled employees,
careless employees, HUMINT, and monitoring |
