Fall                                                                                               1 credit

Dr. Corey Schou or James Frost with V Nestler                     Office location: Bldg 5, Rm. 415

Preferred email: Schou@mentor.net                                        Office Phone: 282-4893

Secondary email: Schou@cob.isu.edu                                    Office hours: By Appointment

Course Description

This course provides students with a security administrator's view of the diverse management concerns associated with administering and operating an automated information system facility with minimized risk. Students will examine both the technical and non-technical security issues associated with managing a computer facility. The technical side of the course is designed to provide in-depth information on the software and hardware components of Information Security and Assurance. Topics covered include: firewall configurations, hardening Unix and NT servers, Web and distributed systems security, and specific implementation of security models and architectures. Non-technical aspects of the course includes an examination of the policies, procedures and staffing functions necessary to organize and administrate ongoing security functions in the organization. Subjects include security practices, security architecture and models, continuity planning and disaster recovery planning.

PREREQUISITES: CIS 411/511, CIS 414/514, CIS 485/585

Targeted Standards

CNSSI 4013 -- Competencies for this course are found on this website. Students may qualify at entry (1-274), intermediate (275-543) and advanced (544-624) levels.

Students should submit the competencies form for evaluation prior to the examinations.

Required Materials

CNNSSI 4013 (available at http://www.nstissc.gov/Assets/pdf/cnssi_4013.pdf)

Course Objectives

As a result of participation if CIS 413, the successful student will be able to

In addition, given various scenarios and typical situations containing information systems security issues, the successful student, depending on prior experience, will be able to

·         Describe and apply the appropriate actions to manage and administer an IS in a secure manner. To be acceptable, the description and application must be in accordance with applicable IA regulations, policies, and guidelines. (Entry Level)

·         Explain and implement the appropriate actions to manage and administer an IS in a secure manner. To be acceptable, the explanation and implementation must be in accordance with applicable IA regulations, policies, and guidelines. (Intermediate Level)

·         Verify that the appropriate actions are implemented to manage and administer an IS in a secure manner. To be acceptable, verification must be in accordance with applicable IA regulations, policies, and guidelines. (Advanced Level)