Required Reading: Conference Activity #1

Size: px

Start display at page:

Download "Required Reading: Conference Activity #1"

Richard Tobias Ball
6 years ago
Views:

1 1 Sept 27 - Oct 3 The Vulnerabilities of Information Systems Assess the vulnerabilities of an organization s hardware and software systems, transmission media, local area networks, wide area networks, enterprise networks, Intranets, and its use of the Internet to cyber intrusions. Jessup, L., & Valacich, J. (2008). Information systems today: Managing in the digital world. Chapter 1: Managing the Digital World Jessup, L., & Valacich, J. (2008). Information systems today: Managing in the digital world. Technology Briefing 1: Information Systems Hardware Jessup, L., & Valacich, J. (2008). Information systems today: Managing in the digital world. Technology Briefing 2: Information Systems Software Course Content Module for Week 1 (located under Course Content in the WebTycho classroom) Additional Readings/Materials (available in the Week 1 Conference in WebTycho): Valuing diverse perspectives Deloitte LLP. (2010, February 4). Straight talk on cyber: An introduction to the series. Retrieved March 15, 2010 from: %20security&gclid=CPK4_sP3s6ACFdk55Qodkg9WVQ UMUC. (2009). Open systems interconnection reference model. Retrieved from: Conference Activity #1 The class assesses the uses and functionalities of an organization s hardware and software using an information system framework to determine the vulnerabilities of such systems to cyber intrusions. Complete instructions are posted in the Week 1: The Vulnerabilities of Information Systems conference.

2 2 Oct 4 - Oct 10 The Vulnerabilities of Organizational Networks and the Internet Assess the vulnerabilities of an organization s hardware and software systems, transmission media, local area networks, wide area networks, enterprise networks, Intranets, and its use of the Internet to cyber intrusions. Critical thinking Bidgoli, H. (2006). Internet basics. In H. Bidgoli (Ed.), Handbook of information security, volume 1. New York, NY: John Wiley & Sons, Inc. Jessup, L., & Valacich, J. (2008). Information systems today: Managing in the digital world. Technology Briefing 4: Networking Mateti, P. (2006). TCP/IP suite. In H. Bidgoli (Ed.), Handbook of information security, volume 1. New York, NY: John Wiley & Sons, Inc. Course Content Module for Week 2 (located under Course Content in the WebTycho classroom) Additional Readings/Materials (available in the Week 2 Conference in WebTycho): TCP / IP - An animated discussion. (2007, March 11). Retrieved on March 15, 2010 from: TCP / IP - An animated discussion pt. 2. (2007, March 11). Retrieved on March 15, 2010 from: Conference Activity #2 The class assesses the uses and functionalities of networks to determine the vulnerabilities of such systems to cyber intrusions. Complete instructions are posted in the Week 2: The Vulnerabilities of Organizational Networks and the Internet conference.

3 3 Oct 11 - Oct 17 Information Systems Infrastructure Develop the appropriate technology-based and human-based controls to protect an systems from potential cyber intrusions. Technology fluency Critical thinking Jessup, L., & Valacich, J. (2008). Information systems today: Managing in the digital world. Chapter 4: Managing the Information Systems Infrastructure Course Content Module for Week 3 (located under Course Content in the WebTycho classroom) Additional Readings/Materials (available in the Week 3 Conference in WebTycho): Password Cracking Using Cain & Abel (n.d.) Retrieved March 15, 2010 from: Lab Assignment #1 Introduction to Password Cracking For this lab assignment each student completes an exercise that will cover the fundamentals of password storing, encrypting, and cracking. Each student will gain experience in password cracking and recovery. Complete instructions are posted in the Week 3: Information Systems Infrastructure conference.

4 4 Oct 18 - Oct 24 Secure Information Systems Assess the primary cyber threats to an systems. Competencies: Communication Information literacy/research Jessup, L., & Valacich, J. (2008). Information systems today: Managing in the digital world. Chapter 6: Securing Information Systems Course Content Module for Week 4 (located under Course Content in the WebTycho classroom) Individual Assignment #1 Each student writes a paper on how the information systems infrastructure of the air transportation industry may be secured against cyber attacks. The paper should include at a minimum a description of your proposal, its advantages and disadvantages, and a discussion as to how it could be implemented. Complete instructions are posted in the Week 4: Secure Information Systems conference.

5 5 Oct 25 - Oct 31 Cybersecurity Essentials for IT Managers Assess the primary cyber threats to an systems. Competencies: Critical thinking Communication Caballero, A. (2009). Information security essentials for IT Managers, protecting mission critical systems. In Vacca, J. R. (Ed.), Computer and information security handbook. Boston, MA: Morgan Kaufmann Publishers. Course Content Module for Week 5 (located under Course Content in the WebTycho classroom) Individual Assignment #2 Each student writes a paper that develops an argument for the single most important cybersecurity threat facing IT managers today. The paper should include at a minimum a complete description of the threat, the reasons why it is most important, the impact of this threat on organizations and how organizations can best address its potential impacts. Complete instructions are posted in the Week 5: Cybersecurity Essentials for IT Managers conference.

6 6 Nov 1 - Nov 7 Building a Secure Organization Assess the primary cyber threats to an systems. Competencies: Teambuilding Systems thinking Mallery, J. (2009). Building a secure organization. In Vacca, J. R. (Ed.), Computer and information security handbook. Boston, MA: Morgan Kaufmann Publishers. Pfleeger, C.P., & Pfleeger, S.L. (2007). Security in computing (4th ed.). Chapter 1: Is There a Security Problem in Computing? Course Content Module for Week 6 (located under Course Content in the WebTycho classroom) Additional Readings/Materials (available in the Week 6 Conference in WebTycho): Deloitte LLP (1020, March 01). Cyber crime: A clear & present danger. Retrieved on March 15, 2010 from: %20security&gclid=CPK4_sP3s6ACFdk55Qodkg9WVQ#p/u/6/jSpvmMrCkAo Team Assignment #1 This is the first part of an interactive case study assignment focusing on the Jacket-X Corporation. For this first assignment, each team prepares a written report that assesses the vulnerability of the enterprise network for the Jacket-X Corporation. Complete instructions are posted in the Week 6: Building a Secure Network conference.

7 7 Nov 8 - Nov 14 Preventing Systems Intrusions Develop the appropriate technology-based and human-based controls to protect an systems from potential cyber intrusions. Competencies: Technology fluency Communication West, M. (2009). Preventing system intrusions. In Vacca, J. R. (Ed.), Computer and information security handbook. Boston, MA: Morgan Kaufmann Publishers. Course Content Module for Week 7 (located under Course Content in the WebTycho classroom) Lab Assignment #2 Use of Microsoft Baseline Security Analyzer For this lab assignment, each student uses MSBSA on a desktop set up in the virtual lab. Complete instructions are posted in the Week 7: Presenting Systems Intrusions conference.

8 8 Nov 15 - Nov 21 Guarding Against Network Intrusions Develop the appropriate technology-based and human-based controls to protect an systems from potential cyber intrusions. Problem solving Chen, T., & Walsh, P.J. (2009). Guarding against Network Intrusions. In Vacca, J. R. (Ed.), Computer and information security handbook. Boston, MA: Morgan Kaufmann Publishers. Course Content Module for Week 8 (located under Course Content in the WebTycho classroom) Additional Readings/Materials (available in the Week 8 Conference in WebTycho): MSNetwork Hacking and Security - Understanding IDS (Intrusion Detection System) for Scan. (2009, July 5). Retrieved on March 15, 2010 from: Conference Activity #3 The class discusses the technology-based and human-based measures that can be used to protect an organization s networks from cyber intrusions. The discussion of each measure should include a summary of the advantages and disadvantages of each measure, how each measure could be implemented in organizations, and the security management issues associated with each measure. The class then ranks the different measures from most effective to least effective. Complete instructions are posted in the Week 8: Guarding Against Network Intrusions conference.

9 9 Nov 22 - Nov 28 Operating System Security Develop the appropriate technology-based and human-based controls to protect an systems from potential cyber intrusions. Valuing diverse perspectives Pfleeger, C.P., & Pfleeger, S.L. (2007). Security in computing (4th ed.). Chapter 5: Designing Trusted Operating Systems. Schultz, E.E. (2006). Windows 2000 security. In H. Bidgoli (Ed.), Handbook of information security, volume 2. New York, NY: John Wiley & Sons, Inc. Stallings, W. (2006). Operating system security. In H. Bidgoli (Ed.), Handbook of information security, volume 2. New York, NY: John Wiley & Sons, Inc. Course Content Module for Week 9 (located under Course Content in the WebTycho classroom) Conference Activity #4 This assignment is the second part of the Jacket-X Corporation case study. For this assignment the class discusses enterprise-wide security management policies and procedures for the Jacket-X Corporation. Complete instructions are posted in the Week 9: Operating Systems Security conference.

10 10 Nov 29 - Dec 5 Local Area Network Security Develop the appropriate technology-based and human-based controls to protect an systems from potential cyber intrusions. Problem solving Pandya, P. (2009). Local area network security. In Vacca, J. R. (Ed.), Computer and information security handbook. Boston, MA: Morgan Kaufmann Publishers. Course Content Module for Week 10 (located under Course Content in the WebTycho classroom) Conference Activity #5 The class discusses the technology-based and human-based countermeasures that can be used to protect an organization s local area network. The discussion of each measure should include a summary of the advantages and disadvantages of each countermeasure, how each countermeasure could be implemented in organizations, and the security management issues associated with each measure. The class then ranks the different measures from most effective to least effective. Complete instructions are posted in the Week 10: Local Area Network Security conference.

11 11 Dec 6 - Dec 12 Internet and Intranet Security Develop the appropriate technology-based and human-based controls to protect an systems from potential cyber intrusions. Problem solving Mansoor, B. (2009). Intranet security. In Vacca, J. R. (Ed.), Computer and information security handbook. Boston, MA: Morgan Kaufmann Publishers. Walker, J. (2009). Internet security. In Vacca, J. R. (Ed.), Computer and information security handbook. Boston, MA: Morgan Kaufmann Publishers. Course Content Module for Week 11 (located under Course Content in the WebTycho classroom) Conference Activity #6 The class discusses the technology-based and human-based measures that can be used to protect an organization s intranets and its access to the Internet. The discussion of each safeguard should include a summary of the advantages and disadvantages of each safeguard, how each safeguard should be implemented in organizations, and the security management issues associated with safeguard. The class then ranks the different safeguards from the most effective to the least effective. Complete instructions are posted in the Week 11: Internet and Intranet Security conference.

12 12 Dec 13 - Dec 18 Identity Management and Homeland Security Formulate strategies to protect an organization s mission-critical information systems from potential cyber intrusions. Competencies: Decision making Teambuilding Bhaskar, R., & Kapoor, B. (2009). Homeland security. In Vacca, J. R. (Ed.), Computer and information security handbook. Boston, MA: Morgan Kaufmann Publishers. Seigneur, J-M., & Malika, T.E. (2009). Identity management. In Vacca, J. R. (Ed.), Computer and information security handbook. Boston, MA: Morgan Kaufmann Publishers. Course Content Module for Week 12 (located under Course Content in the WebTycho classroom) Additional Readings/Materials (available in the Week 12 Conference in WebTycho): Polycn, S., & Garcia, D. (n.d.). Identity theft for criminals. Retrieved on March 15, 2010 from: Team Assignment #2 This assignment is the third part of the Jacket-X Corporation case study. For this assignment each team prepares a presentation that presents the team s recommendations for enterprise-wide security management policies and procedures for the Jacket-X Corporation. Complete instructions are posted in the Week 12: Identity Management and Homeland Security conference.

Improving SCADA System Security

Improving SCADA System Security NPCC 2004 General Meeting Robert W. Hoffman Manager, Cyber Security Research Department Infrastructure Assurance and Defense Systems National Security Division, INEEL September