Course Title:
| Information System Security Mechanisms | |
Course Materials:
|
Johansson, J. M., & Riley, S. (2005). Protect your windows network: From perimeter to data. Upper Saddle River, NJ: Addison-Wesley.
Jones, K. J., Bejtlich, R., & Rose, C. W. (2006). Real digital forensics: Computer security and incident response. Upper Saddle River, NJ: Addison-Wesley. | |
Course Description:
| IFSM 454 Information Security Mechanisms (3) Prerequisite: IFSM 450. Recommended: IFSM 430. A hands-on technical examination of six areas of security vital to any organization: authentication, authorization and access control, confidentiality, availability, data integrity (encryption), and nonrepudiation. Topics include firewalls, intrusion detection systems (IDSs), vulnerability software, Public-Key Infrastructure (PKI), IP security (IPSec), virtual private networks (VPNs), and Web server lockdown procedures. Review also covers the types of attacks often launched on the Internet and how they are performed. Projects include demonstrations of network software used to gain information about a network, perform attacks, and/or prevent attacks. | |
Course Goals/Objectives:
Upon successful completion of this course, the student should understand and be able to apply knowledge concerning:
§ the various security threats to computer networks
§ the methods used to counter these threats
§ the tools and techniques of intrusion detection
§ the tools and techniques of incident response
§ the tools and techniques of computer forensics | |
Course Introduction:
| The considerable publicity given to viruses, worms, trojan horses, identify theft, phishing, pharming, “zombie” computers and attacks out of the internet, not to speak of cyberterorrism, have made everyone aware of the importance of the security of information. This course examines the specific threats to information security in computer networks, the counter measures undertaken, and the procedures to follow in the case of the breach of information security: intrusion detection, incident response, and computer forensics. The orientation is not toward the home user but professional information security as practiced in large businesses and organizations. The coverage of these topics will not at all remain at the level of generalities, but include a detailed and technical study with numerous examples and demonstrations. | |
Grading Information and Criteria:
Final grades will be calculated as follows:
Midterm examination: 35%
Final examination: 35%
Case Studies: 30%
Grading Scale:
A = excellent (90-100)
B = good (80-89)
C = passing (70-79)
D = unsatisfactory (60-69)
F = failure (less than 70) | |
Other Information:
|
The grade of Incomplete is only given in the case of serious personal problems very close to the end of the term or official TDY orders or other documentation of official duties. The University of Maryland University College regulations are strict about the assignment of an Incomplete. Please consult the Undergraduate Catalog for further information on Grading policies.
Late Policy: Assignments must be submitted on time. A penalty of 5% of the total assignment points per day will be imposed for unexcused late delivery.
Writing and Research: Effective writing is critical to the intellectual life of university students and graduates within the workplace. Effective managers are usually effective communicators. Your work in this course must demonstrate your ability to master and effectively communicate course content. Efficient writing:
*Meets the needs of the reader
*Adequately covers the subject
*Uses expected conventions of the format and organizations
*Demonstrates use of credible reasoning and evidence
*Satisfies standards of style and grammatical correctness
*Requires 100% compliance with UMUC's zero-tolerance policy regarding plagiarism. | |
Project Descriptions:
| Project Descriptions go here.... | |
Academic Policies:
| Cases of plagiarism are handled consistent with current UMUC guidelines. See the UMUC policies at the following URL: http://www.umuc.edu/policy/ | |
Course Schedule:
|
CNS = Computer Network Security
RDF = Real Digital Forensics
<B>Session 1: 20 Jan</B>
Network Security, Vulnerabilities, and Cyber Crimes
CNS Chapters 2-6
<B>Session 2: 21 Jan</B>
Access Control, Authentication, Cryptography
CNS Chapters 7-10
<B>Session 3: 3 Feb</B>
Intrusion Detection and Introduction to Forensics
CNS Chapters 11-13
<B>Session 4: 4 Feb</B>
Content Filtering, Security protocols, Wireless Security
CNS Chapters 14-17
<B>Session 5: 17 Feb</B>
Midterm Exam
Digital Forensics: Live Response</B>
RDF Chapters 1-2
<B>Session 6: 18 Feb</B>
Digital Forensics: Network Based Forensics
RDF Chapters 3-5
<B>Session 7: 3 Mar</B>
Forensic Duplications
RDF Chapters 6-9
<B>Session 8: 4 Mar</B>
Forensic Analysis Techniques
RDF Chapters 10-12
Final Exam | |
Search
MyUMUC
WebTycho