Course Syllabus

College of Information Systems & Technology CMGT/441 Introduction to Information Systems Security Management
Copyright 2010, 2009 by University of Phoenix. All rights reserved.

Course Description This course introduces security principles and management issues that IT professionals must consider. The course surveys current and emerging security practices and processes as they relate to; information system, systems development, operating systems and programming, database development and management, networking and telecommunications, and the Internet. Policies Faculty and students/learners will be held responsible for understanding and adhering to all policies contained within the following two documents: University policies: You must be logged into the student website to view this document. Instructor policies: This document is posted in the Course Materials forum.

University policies are subject to change. Be sure to read the policies at the beginning of each class. Policies may be slightly different depending on the modality in which you attend class. If you have recently changed modalities, read the policies governing your current class modality. Course Materials Stallings, W., & Brown, L. (2008). Computer security principles and practice. Pearson Education, Inc. Article References Ainsworth, M. (2009). The business continuity planning process. Faulkner Information Services, 1-15. Barr, J. G. (2010). Business continuity for web sites. Faulkner Information Services, 1-9. Green, J. (2010). Identity management market trends. Faulkner Information Services, 1-10. Shaw, R. (2009). Intrusion prevention systems market trends. Faulkner Information Services, 1-8. Spring, K. (2008). IBM tivoli security event management. Faulkner Information Services, 1-9. Barr, J. G. (2009). Managing RFID data. Faulkner Information Services, 1-9. Walli, B. (2009). Common criteria overview. Faulkner Information Services, 1-10. Barr, J. G. (2010). Risk management software market trends. Faulkner Information Services, 1-9. Barr, J. G. (2011). Biometrics market trends. Faulkner Information Services, 1-7. All electronic materials are available on the student website.

Week One: IT Security Overview

Details
Objectives 1.1 Recognize the importance of IT security implementation. 1.2 Identify major security issues associated with physical and operating system security. 1.3 Describe basic advantages and disadvantages among the various security implementations. Read the course description and objectives. Review the Learning Team Toolkit. NOTE: TestOut LabSims are available for this course. See Week One, Course Materials Page. Read Ch. 1, Overview, of Computer Security Principles and Practice. Read Ch. 2, Cryptographic Tools, of Computer Security Principles and Practice. Read Ch. 3, User Authentication, of Computer Security Principles and Practice. Read Ch. 4, Access Control, of Computer Security Principles and Practice. Read Ch. 5, Database Security, of Computer Security Principles and Practice. Read the Week One Read Me First. Read this weeks Electronic Reserve Readings. Participate in class discussion. Respond to weekly discussion questions. Complete the Learning Team Charter. The Learning Team project for this course, due in Week Five, is in the form of a Service Request from Riordan Manufacturing. It will be necessary for the Learning Team to access Service Request: SRrm-013, Information Systems Security Review.

Due

Points

Course Preparation

Readings

Participation Discussion Questions Learning Team Instructions

2 3

Week Two: Computer and Network Security Issues and Considerations

Details
Objectives 2.1 Recognize major elements of network and workstation security. 2.2 Recall methods of securing networks and workstations. 2.3 Give examples of various security methodologies. Read Ch. 6, Intrusion Detection, of Computer Security Principles and Practice. Read Ch. 7, Malicious Software, of Computer Security Principles and Practice. Read Ch. 8, Denial of Service, of Computer Security Principles and Practice.

Due

Points

Readings

Read Ch. 9, Firewalls and Intrusion Prevention Systems, of Computer Security Principles and Practice. Read Ch. 10, Trusted Computing and Multilevel Security, of Computer Security Principles and Practice. Read the Week Two Read Me First. Read this weeks Electronic Reserve Readings. Participation Discussion Questions Learning Team Instructions Individual Participate in class discussion. Respond to weekly discussion questions. Draft a 2-3 page description of the physical and network security issues and concerns at each Riordan plant. Using various Internet sources, find an article or website on an information security topic that is of interest to you. Prepare a 1-2 page paper evaluating the article or website. 7/18/11 7/18/11 2 3 5 15

Week Three: Data Security Issues and Considerations

Details
Objectives 3.1 Identify components of data security. 3.2 Distinguish the differences among the various data security methodologies. 3.3 Begin to apply data security methodologies in situational cases. Read Ch. 11, Buffer Overflow, of Computer Security Principles and Practice. Read Ch. 12, Software Security, of Computer Security Principles and Practice. Read Ch. 19, Symmetric Encryption and Message Confidentiality, of Computer Security Principles and Practice. Read Ch. 20, Public-key Cryptography and Message Authentication, of Computer Security Principles and Practice. Read the Week Three Read Me First. Read this weeks Electronic Reserve Readings. Participate in class discussion. Respond to weekly discussion questions. Draft a 2-3 page description on the data security issues and concerns present at each Riordan plant. Using various Internet sources, find an article or website on attack prevention. Prepare a 2-3 page paper evaluating the article and information provided. 7/25/11 7/25/11 2 3 5 15

Due

Points

Readings

Participation Discussion Questions Learning Team Instructions Individual

Week Four: Web Security Issues and Concerns

Details
Objectives 4.1 Identify components of web security. 4.2 Distinguish the differences among the various web security methodologies. 4.3 Begin to apply web security methodologies in situational cases. Read Ch. 21, Internet Security Protocols and Standards, of Computer Security Principles and Practice. Read Ch. 22, Internet Authentication Applications, of Computer Security Principles and Practice. Read Ch. 23, Operating System Security, of Computer Security Principles and Practice. Read Ch. 24, Windows and Windows Vista Security, of Computer Security Principles and Practice. Read the Week Four Read Me First. Read this weeks Electronic Reserve Readings. Participate in class discussion. Respond to weekly discussion questions. Draft a 2-3 page description on the web security issues and concerns present at each Riordan plant. Create and submit a 2-3 page security policy for McBride Financial Services, located in the Virtual Organizations. Develop a policy based on perceived needs associated within the loan department and issues in implementing online loan applications. 8/1/11 8/1/11 2 3 5 15

Due

Points

Readings

Participation Discussion Questions Learning Team Instructions Individual

Week Five: Organization Security Issues and Concerns

Details
Objectives 5.1 Comprehend organizational security issues and concerns. 5.2 Comprehend needs for risk management and corporate planning and analysis. 5.3 Apply data security methodologies in situational cases. 5.4 Solve data security issues with proper application of the various methodologies. Read Ch. 13, Physical and Infrastructure Security, of Computer Security Principles and Practice. Read Ch. 14, Human Factors, of Computer Security Principles and Practice. Read Ch. 15, Security Auditing, of Computer Security Principles and Practice. Read Ch. 16, IT Security Management and Risk Assessment, of

Due

Points

Readings

Computer Security Principles and Practice. Read Ch. 17, IT Security Controls, Plans and Procedures, of Computer Security Principles and Practice. Read Ch. 18, Legal and Ethical Aspects, of Computer Security Principles and Practice. Read the Week Five Read Me First. Read this weeks Electronic Reserve Readings. Participation Discussion Questions Learning Team SR-rm-013 Project Learning Team SR-rm-013 Presentation Participate in class discussion. Respond to weekly discussion questions. Finalize and submit an 8-10 page Learning Team paper. Prepare a Microsoft PowerPoint presentation. 8/8/11 8/8/11 2 3 10 5