ITSY 1342 - Information Technology Security Course Syllabus Spring 2018 Instructor Course Reference Number (CRN) Course Description: Name: Fidelis Ngang Tel: 713-718-5552 Office: Spring Branch, Room 900L Email: fidelis.ngang@hccs.edu Website: https://learning.hccs.edu/faculty/fidelis.ngang 40185 Course Level Beginning This course offers a comprehensive guide for anyone wishing to take the CompTIA Security+ SY0-401 Certification Exam. It provides an introduction to the fundamentals of network security, including compliance and operational security; threats and vulnerabilities; application, data, and host security; access control and identity management; and cryptography. The course covers new topics in network security as well, including psychological approaches to social engineering attacks, Web application attacks, penetration testing, data loss prevention, cloud computing security, and application programming development security. Students will also engage in activities that link to NSA s Knowledge units and learning outcomes for CAE2Y institutions. Course Prerequisite(s) Must be at college-level skills in reading, writing, and mathematics. Completion of ITNW 1425 - Networking Fundamentals & ITMT 1370 - Microsoft Windows Client Operating System courses preferred. Course Semester Credit Hours (SCH) (Lecture, Lab) Credit Hours 3.0 (Lecture 2, Lab 4) Course Location/Times Spring Branch Rm 117 Tuesday, 6:00-9:50 PM Total Course Contact Hours 96 Computer Science Technology Department Page 1 of 6
Instructional Materials (Textbook) CompTIA Security+ Guide to Network Security Fundamentals (with CertBlaster Printed Access Card), 5th Edition Mark Ciampa ISBN-10: 1-305-09391-7 ISBN-13: 978-1-305-09391-1 Instructional Methods (select one) Face to Face Type of Instruction (Lecture, Lecture/Lab, COOP, Practicum Lecture/Lab, Course Length (number of weeks) 16 Weeks Important Notices: 1. Any student who faces challenges securing their food or housing and believes this may affect their performance in the course is urged to contact the Dean of Students for support. Furthermore, please notify the professor if you are comfortable in doing so. 2. At HCC the safety of our students, staff, and faculty is our first priority. As of August 1, 2017, Houston Community College is subject to the Campus Carry Law (SB11 2015). For more information, visit the HCC Campus Carry web page at http://www.hccs.edu/district/departments/police/campus-carry/. Course Requirement, Policy, and Course Calendar Instructor's Requirements Attendance: Attendance will be taken at the beginning of the class period. If you are late for a class, it is your responsibility to advise me at the end of the class that you were present. Failure to do so on the day in question will result in you being marked absent for that class. Tardiness: Class will start on time, i.e. at 6:00pm every day. It will be greatly appreciated if students arrive in the classroom at least 5 minutes before class start time. It is the student s responsibility to arrive on time for lecture and all examinations. A student who arrives late for an exam will not be allowed additional time to complete the exam. Two tardies or leave-earlies will be counted as an absence. Five absences MAY be cause for dropping a student from the class. Tardy is defined as arriving after I start the class. Please do not disrupt class by coming in late. Important Note: In the Standard Department Syllabus Section, under the Attendance and Withdrawal subsection, it is clearly stated that You may be dropped after missing 12.5% of a class. 12.5% of 96 hours is equal to 12 hours. Three absences (3 x 4 = 12) is equal to 12 missed hours, therefore a student with three absences has Computer Science Technology Department Page 2 of 6
already missed up to 12.5% of this class. Make-up Policy: You are expected to take each of the four exams on the scheduled days. Make-up exams are not guaranteed, but are granted at my discretion. If make-up exams are allowed, it is necessary to make arrangements with me prior to exam date. EXAMS (except Midterm and Final Exams) may be made up only with prior approval of instructor and an acceptable, documented excuse. Late Assignments Policy: Homework assignments will be turned in at the beginning of class on the day that the homework assignment is due. Late assignments will be accepted only with prior approval of instructor and an acceptable, documented excuse. Class rules: We will as a class, be expected to abide by the following rules: Please: 1) Turn OFF your cell phones or, at a minimum, put them on silent mode! 2) Do not use the Internet during lectures or lab times unless specifically requested to locate some information. 3) Do not play games (computer or otherwise) during lecture or lab times. 4) Students may not do their class work or homework while I am lecturing. 5) Note: violations of the above rules may result in student being invited to leave and not be allowed to return without a note from the course s chair-person, saying that no further infractions will occur. 6) All work turned in is to be computer printed with appropriate headings (name, course info, assignment number and date). Course Requirements and Expectations: All students are required to have the prescribed textbooks and lab manuals for this course by the first day of class. Please see Catalog Description and Textbook link below. I expect all students to do well in this class, and we all know that success is achieved through hard work, dedication and commitment. My expectations are high for every student. Other Information: As an encouragement for students to go attempt the industry certification exam, a student who passes the CompTIA certification examination (Security+) during the course of the semester, will automatically earn a score of 100 on the final exam, and will also automatically make an A on the course itself. Instructor Grading Criteria Final Grade Determination Class attendance and Discussions 20% Chapter Quizzes 20% Labs 20% Midterm Examination 20% Final examination 20% Total 100% Course Calendar Date January 16 January 23 January 30 February 6 February 13 February 20 February 27 Learning Module (Lesson) Introduction to the Course Chapter 1: Introduction to Security Chapter 1: Introduction to Security (cont d) Chapter 2: Malware and Social Engineering Attacks Chapter 3: Application and Networking-Based Attacks Chapter 4: Host, Application, and Data Security Chapter 5: Basic Cryptography Chapter 6: Advanced Cryptography Computer Science Technology Department Page 3 of 6
March 6 Chapter 7: Network Security Fundamentals March 13 Midterm Exam (1-7) March 11 March 17 SPRING BREAK March 20 Chapter 8: Administering a Secure Network March 27 Chapter 9: Wireless Network Security April 3 Chapter 10: Mobile Device Security April 10 Chapter 11: Access Control Fundamentals April 17 Chapter 12: Authentication and Account Management April 24 Chapter 13: Business Continuity May 1 Chapter 14: Risk Mitigation May 8 Final Exam (8-15) Chapter 15: Vulnerability Assessment Learning Objective, Students Learning Outcome, and Program Spec Note: This section of the syllabus provides the general course learning objectives, the expected students learning outcome, the course scope in terms of the department program, and the instrument used to evaluate the course. If you have any question, contact the instructor or the department. HCC Grading Scale Grade GPA Points A = 100-90 4 points per semester hour B = 89-80: 3 points per semester hour C = 79-70: 2 points per semester hour D = 69-60: 1 points per semester hour 59 and below = F IP (In Progress) W(Withdrawn) I (Incomplete) AUD (Audit) IP (In Progress) is given only in certain developmental courses. The student must re-enroll to receive credit. COM (Completed) is given in non-credit and continuing education courses. To compute grade point average (GPA), divide the total grade points by the total number of semester hours attempted. The grades "IP," "COM" and "I" do not affect GPA. Course Student Learning Outcomes (SLOs): Introduction to Security, Malware and Social Engineering Attacks Application and Networking-Based Attacks, Host, Application, and Data Security Basic Cryptography, Advanced Cryptography, Network Security Fundamentals Administering a Secure Network, Wireless Network Security, Mobile Device Security Access Control Fundamentals, Authentication and Account Management, Business Continuity, Risk Mitigation, Vulnerability Assessment Computer Science Technology Department Page 4 of 6
Learning Objectives Student Assignments After completing this course, students will be acquainted to and familiar with: List the first principles of security Describe why each principle is important to security and how it enables the development of security mechanisms that can implement desired security policies. Analyze common security failures and identify specific design principles that have been violated. Identify the needed design principle when given a specific scenario. Describe why good human machine interfaces are important to system use. Understand the interaction between security and system usability and the importance for minimizing the effects of security mechanisms. Describe potential system attacks and the actors that might perform them. Describe cyber defense tools, methods and components. Apply cyber defense methods to prepare a system to repel attacks. Describe appropriate measures to be taken should a system compromise occur List the fundamental concepts of the Information Assurance / Cyber Defense discipline Describe how the fundamental concepts of cyber defense can be used to provide system Security. Examine the architecture of a typical, complex system and identify significant vulnerabilities, risks, and points at which specific security technologies/methods should be employed. Students will be able to identify the bad actors in cyberspace and compare and contrast their resources, capabilities/techniques, motivations, aversion to risk. Students will be able to describe different types of attacks and their characteristics. Refer to the course calendar Student Assessment(s) Program/Discipline Requirements: Instructors will use standard syllabus that will satisfy CurricuUNET requirements and improve ongoing assessment of student-centered learning and teaching. Academic Discipline/CTE Program Student Learning Outcomes (PSLOs) Install, configure, upgrade, and troubleshoot personal computer operating systems Install, configure and troubleshoot networking hardware, protocols and services Manage and Maintain a Microsoft Windows Server 2012 Environment/Network Infrastructure Demonstrate knowledge in General Security Concepts, Communication Security, Infrastructure Security, and Unified Communications SCANS and/or Core Curriculum Competencies: If applicable Secretary s Commission on Achieving Necessary Skills (SCANS) C1: Allocates Time C16: Monitors and Corrects Performance Students monitor and correct performance of Windows 2012 server in this course. Students correct performance and predict impact of specific actions while working with lab partners. Students identify trends and gather information by monitoring system performance. C17: Improves and Designs Systems Students have to plan and design the installation of a Windows Operating System and then complete the installation (file system layout, file system space, security, etc ). Changes are then made to improve the design and performance of the system. HCC Policy Statement Computer Science Technology Department Page 5 of 6
Access Student Services Policies on their Web site: http://hccs.edu/student-rights Distance Education and/or Continuing Education Policies Access DE Policies on their Web site: Access CE Policies on their Web site for non-credit classes: http://de.hccs.edu/de/de-student-handbook http://hccs.edu/ce-student-guidelines Competencies: If applicable Computer Science Technology Department Page 6 of 6