MORGAN STATE UNIVERSITY DEPARTMENT OF ELECTRICAL AND COMPUTER ENGINEERING COURSE SYLLABUS FALL, 2015

Similar documents
MORGANSTATEUNIVERSITY DEPARTMENT OF ELECTRICAL AND COMPUTER ENGINEERING. EEGR410 Introduction to Networks. Credits: 3 COURSE SYLLABUS

MORGANSTATEUNIVERSITY DEPARTMENT OF ELECTRICAL AND COMPUTER ENGINEERING. EEGR510 Communications Networks Credits: 3 COURSE SYLLABUS

Standard Course Outline IS 656 Information Systems Security and Assurance

CUNY John Jay College of Criminal Justice MATH AND COMPUTER SCIENCE

COURSE OUTLINE. Last Amendment Edition Procedure No. Lecturer /blog Room No. Phone No. / Name.

City University of Hong Kong. Course Syllabus. offered by Department of Information Systems with effect from Semester A 2017 / 2018

Oklahoma State University Institute of Technology Face-to-Face Common Syllabus Fall 2017

Instructor: Eric Rettke Phone: (every few days)

ISM 324: Information Systems Security Spring 2014

COURSE OUTLINE. Course code: SCSR 4473 Academic Session/Semester: /2. Course name: Security Management Pre/co requisite (course name

Network Security

Syllabus for CIT 442 Information System Security 3 Credit Hours Spring 2015

COMPUTER FORENSICS (CFRS)

Computer Information Systems (CIS) CIS 105 Current Operating Systems/Security CIS 101 Introduction to Computers

Oklahoma State University Spears School of Business Department of Management Information Systems

Syllabus CSCI 405 Operating Systems Fall 2018

HOLY ANGEL UNIVERSITY COLLEGE OF INFORMATION AND COMMUNICATIONS TECHNOLOGY CYBER SECURITY COURSE SYLLABUS

FORM I: SUMMARY PAGE FOR PROPOSAL # CSCI

The University of Jordan. Accreditation & Quality Assurance Center. COURSE Syllabus

Bachelor of Information Technology (Network Security)

ITSY 2330 Intrusion Detection Course Syllabus

Computer Information Systems (CIS) CIS 105 Current Operating Systems/Security CIS 101 Introduction to Computers

San José State University Department of Computer Science CS049J, Programming in Java, Section 2, Fall, 2016

ITSY Information Technology Security Course Syllabus Spring 2018

Compulsory course in Computer Science

San José State University Department of Computer Science CS166, Information Security, Section 1, Fall, 2018

CompTIA Cybersecurity Analyst+

San José State University School/Department Computer Science 265: Cryptography and Computer Security, Fall 2017

I. PREREQUISITE For information regarding prerequisites for this course, please refer to the Academic Course Catalog.

San José State University Computer Science Department CS49J, Section 3, Programming in Java, Fall 2015

ESET 369 Embedded Systems Software, Fall 2017

Audit and Assurance Overview

San José State University Department of Computer Science CS 166 / SE 166, Information Security, Section 4, spring, 2017

Department of Computer & Information Sciences. CSCI-342: Introduction to Information Security Syllabus

San José State University Department of Computer Science CS158B, Computer Network Management, Section 1, Fall 2016

Philadelphia University Faculty of Information Technology Department of Computer Science --- Semester, 2007/2008. Course Syllabus

Information Systems and Tech (IST)

Faculty of Science & Information Technology

USF Sarasota-Manatee - New Undergraduate Course Proposal Form

City University of Hong Kong. Course Syllabus. offered by Department of Computer Science with effect from Semester B 2016/17

Justification: IT/COMP 421 is now IT421. Adjustments made so both CS and IT majors have equivalent prereqs. Corrects error in course justification.

Database Security MET CS 674 On-Campus/Blended

AE Computer Programming for Aerospace Engineers

CEHC 242: Cybersecurity

Part A: Course Outline

RYERSON UNIVERSITY Ted Rogers School of Information Technology Management And G. Raymond Chang School of Continuing Education

TCOM 663/CFRS Intrusion Detection and Forensics Department of Electrical and Computer Engineering George Mason University Fall, 2010

CCNA Cybersecurity Operations 1.1 Scope and Sequence

Computer Science Department

CCNA Cybersecurity Operations. Program Overview

ISO Lead Auditor Program Risk Management System (RMS) Training Program

Oklahoma State University Institute of Technology Face-to-Face Common Syllabus Fall 2017

ITE 205 Software Design and Programming I

Syllabus CS 430 Introduction to Computer Security Winter 2016

South Portland, Maine Computer Information Security

ESET 369 Embedded Systems Software, Spring 2018

M.S. IN INFORMATION ASSURANCE MAJOR: CYBERSECURITY. Graduate Program

Syllabus: AIT Information Systems Infrastructure Lifecycle Management

SOA - Advanced Operating Systems

CS/SE 153 Concepts of Compiler Design

CMPE 152 Compiler Design

CASPER COLLEGE COURSE SYLLABUS MSFT 1600 Managing Microsoft Exchange Server 2003 Semester/Year: Fall 2007

Course Syllabus Internal Control And Auditing ACNT 2331

ISO LEAD AUDITOR TRAINING

OVERVIEW OF SUBJECT REQUIREMENTS

Computer Science Technology Department

Required Textbook and Materials. Course Objectives. Course Outline

ITT Technical Institute. CS420 Application Security Onsite Course SYLLABUS

The GenCyber Program. By Chris Ralph

SULTAN QABOOS UNIVERSITY COURSE OUTLINE PROGRAM: B.Sc. in Computer Science. Laboratory (Practical) Field or Work Placement

ESET 349 Microcontroller Architecture, Fall 2018

ITCC112. Course Summary. Description. Objectives

Undergraduate Course Syllabus

ITCC111. Course Summary. Description. Objectives. Outline

PELLISSIPPI STATE TECHNICAL COMMUNITY COLLEGE MASTER SYLLABUS HPC INTERNETWORKING & GRID TECHNOLOGY HPC 1020

Cloud Security. Copyright Ramesh Nagappan. All rights reserved.

For information regarding prerequisites for this course, please refer to the Academic Course Catalog.

PELLISSIPPI STATE COMMUNITY COLLEGE MASTER SYLLABUS LINUX SYSTEM ADMINISTRATION CSIT 2411

Advisory: Students should have already taken MICROCOMPUTER APPLICATIONS II - 431

CSci 4211: Data Communications and Computer Networks. Time: Monday and Wednesday 1 pm to 2:15 pm Location: Vincent Hall 16 Spring 2016, 3 Credits

Syllabus:))AIT)671)0)Information)Systems)Infrastructure)Lifecycle) Management)

This course includes 14 lessons and 5 Course Activities. Each lesson contains one or more Lesson Activities. The lessons cover the following topics:

PELLISSIPPI STATE TECHNICAL COMMUNITY COLLEGE MASTER SYLLABUS HPC INTERNETWORKING & GRID TECHNOLOGY HPC 1020

CSC6290: Data Communication and Computer Networks. Hongwei Zhang

PELLISSIPPI STATE COMMUNITY COLLEGE MASTER SYLLABUS ADVANCED DATABASE MANAGEMENT SYSTEMS CSIT 2550

Academic Course Description

EC-Council - EC-Council Certified Security Analyst (ECSA) v8

Murach's HTML and CSS3 3 rd Edition By Boehm, Anne Fresno, Calif Publisher: Mike Murach & Associates, 2015 ISBN-13:

CS 241 Data Organization using C

Course Curriculum for Master Degree in Network Engineering and Security

Master of Cyber Security, Strategy and Risk Management. CECS PG Information Session April 17, 2018

ITT Technical Institute. IT360 Networking Security I Onsite Course SYLLABUS

IS305 Managing Risk in Information Systems [Onsite and Online]

EEL DATA NETWORKS, SYSTEMS, AND SECURITY Fall 2016

Auditing and assurance

Monfort College of Business Semester Course Syllabus ( ) COURSE PREFIX/TITLE: BACS 382 TCP/IP Network Security Sem. Hrs. 3 Ed.

CS 4230 Java Application Development Syllabus

CS 4230 Java Application Development Syllabus

ESSEX COUNTY COLLEGE Business Division CIS 152 Internet Concepts Course Outline

Descriptions for CIS Classes (Fall 2017)

Transcription:

MORGAN STATE UNIVERSITY DEPARTMENT OF ELECTRICAL AND COMPUTER ENGINEERING COURSE SYLLABUS FALL, 2015 CATALOG DESCRIPTION ONLINE EEGR.483 INTRODUCTION TO SECURITY MANAGEMENT CREDITS: 3 THIS COURSE IS A SENIOR ELECTIVE IN THE ECE DEPARTMENT. INSTRUCTOR: THIERRY WANDJI EMAIL: KETCHIOZO.WANDJI@MORGAN.EDU This course will provide a background in the many aspects of security management associated with today s modern communications and networks. It includes the fundamentals of Risk Analysis, Risk Management, Security Policy, Security Operations, Legal issues, Business issues and Secure Systems Development. Prerequisite: EEGR 317 COURSE OBJECTIVES This course provides students with knowledge and skills in the fundamental theories and practices of Security Management Upon completion of the course a student is expected to: CO1: Understand the role of Security Management in information technology systems CO2: Quantify the properties of Information Security CO3: Develop project plans for secure complex systems with knowledge of SANS 20 critical controls CO4: Demonstrate understanding of the role of firewalls, guards, proxy servers and intrusion detection in networks on a Linux OS with traffic analysis CO5: Evaluate the residual risk of a protected network CO6: Provide forensics and other security management solutions in compliance with the policies and practices currently accepted in the industry as incident response. CO7: Apply legal and ethical standards in the Information Security context. COURSE CONTENT AND KNOWLEDGE BASES This course will cover theory and application of: security management, security design,.network vulnerabilities, application of cryptography, risk analysis, and legal and ethical behavior. The knowledge base is multidisciplinary and draws from which the course content is drawn is Business Management, Computer Engineering, System Management, and Sociology. 1

COURSE REQUIREMENTS This course is an elective course for all engineering graduate students, especially those with the computer engineering, communications concentration, or cyber security interest. This course relates heavily to the EEGR410/480/481/482. In conjunction with the other courses, this course will help the student develop a breadth of understanding in security applications. Students are expected to prepare and participate in the lectures. Lectures will selectively cover material in the text and will draw from other reference sources. Homework assignments and quizzes will consist of selected problems from the text and/or other sources. As this topic has a large applied element, class projects will be an important element of the learning experience for this topic. These projects will be accomplished using MATLAB and C programming languages or other Linux based platforms. Projects will represent a significant portion of the grade. One examination will be given during the course. A comprehensive final project will be assigned in lieu of final exam. Depending on the scope of the project, working in a group is possible, given that the tasks of individuals are well defined in the project proposal. Course Schedule/Session Format Content Date Topic Module 1 Introduction (CO1) Brief introduction to security management and to the different cyber security courses taught at Morgan State. The topics in this module include cyber risks, basic computer security and network security concepts. Module 2 Threats, Risks and SANS 20 Critical Controls Overview (CO1, 3) Describes SANS 20 critical control for security management as well as the following key cyber security concepts: Threats, Vulnerabilities. Also, in this module SANS 20 critical controls for security management will be identified, basic vulnerabilities and threats will be presented, key terms in will be defined. Module 3 Risk modeling and IT risk framework.(co2) In this module, a novel risk framework is introduced. Numerical risk computation is explained. Quantification of risk and costs associated with attacks are explained and determined this will help student to compare the advantages and disadvantages of various risk assessment methodologies. This module also explain how to balance the defense and control to minimize cost associated with successful breach. In this module the student will learn how to program the risk framework in MATLAB and simulate attacks. Simulate and illustrate Monte Carlo average of the cost based on different balancing strategies. Module 4 Risk decisions and IT risk framework analysis. (CO2, 4, 5) In this module we continue analyzing the IT risk framework from the previous module but this time with a clear focus on MATLAB simulation of the risk and decision making. This module will teach students how to make reasonable decisions to minimize the cost of a cyber-attack based on simulation of the risk. Students will also be able to evaluate and categorize risk. 2

Module 5 Module 6 Module 7 Module 8 Module 9 Module 10 Module 11 Module 12 Module 13 Risk management.(co5, 6) In this module, we will analyze NIST 800-30 and 800-39 documents. We will also learn how to assess security risks and costs based on NIST 800-30/39 document and discuss risk assessment from NIST POV. Lastly, students will learn various risk analysis methodologies and how to Make decisions on risk management issues based on the NIST guidelines and Program a risk assessment model to understand the relation between risk and system security policy. Forensic and incident response. (CO6) In this module, we will start the discussion on monitoring, forensics and incident response. Identify key terms in security monitoring, identify key concepts in forensic analysis, and make recommendation on incident response given any scenario. More on Incident response. (CO6) In this module, we will have a closer look of the NIST SP800-61 document and we will identify SP800-61 key goals. Also, incident response mechanisms will be explained as well as how to select the best response possible in any given situation. Forensic and Exam review. (CO6) In this module, we will have a closer look of the NIST SP800-86 document. Students will be able to describe the methodologies used in network forensics. Cyber forensics will be studied in details as well as how to select the best forensic analysis in any given situation. Midterm Exam Forensic (CO6) In this module, we will continue the analysis of the SP800-86 document. After completion of this module students will successfully be able to identify key steps to handle an incident, integrate forensic techniques into incident response, and use data from data files for forensic analysis, use data from operating systems for forensic analysis. Lastly, detect and prevent intrusion. Linux Operating System. (CO4) In this module, we will analyze NIST SP800-69 document in details as well as different forensic topics and will identify core components of OS. As a hands-on activity, student will download and use LINUX OS to perform different forensic analyses and capture packet for analysis which will enable students to analyze and decipher network traffic, identify anomalous or malicious activity and provide a summary of the effects on the system. Supply Chain Risk Management Practices. (CO6) In this module, we will review NIST SP800-161 (Supply Chain Risk Management Practices for Federal Information Systems and Organizations). After completion of this module students will be able to identify core components ICT SCRM controls, integrate ICT SCRM into organization wide risk management, and identify ICT supply chain threat events. Policy, legal and ethical implications of the security management. (CO7) In this module, we will look into data security and its importance. Also, we will look into Legal, Ethical and compliance issues regarding data security and identity theft. After completion of this module students will be able to identify the risk of identity theft, distinguish different data handling policies, and explain different federal and statewide policies related to cyber security and acts addressing issues of data security such as HIPAA/FERPA. 3

Module 14 Module 15 LEGAL AND ETHICAL ISSUES IN COMPUTER SECURITY.(CO7) In this module we will continue evaluating legal, ethical and compliance issues regarding computer security. Also, we will review the materials summary of all the modules presented throughout the semester in order to get ready for the final exam. After completion of this module students will define the key legal terms in computer security such as Patents, copyrights, and IP in Information Concept. Identify different computer crimes, examine a computer fraud case for ethical issues, and comply by the rules of the ethics as dealing with cybercrimes. Review of the course and Final project discussions FORMAT Online GRADING Projects and assignments 20% Midterm Exam 20% Quizzes 20% Discussion board 20% Final Project 20% NOTE: Any material submitted that is substantially copied from other students without citation or from the Internet will receive a zero grade. EXPECTATIONS AND REQUIREMENTS Students are expected to log on to at least Bb 3 times a week. Students are expected to be actively engaged on the discussion board conversations. Homework and other assignments are due by midnight of the given due date. 5% Late penalty will be deducted for late submission. Academic misconduct or cheating during an exam will result in an F grade for the course. RELATIONSHIP TO CURRICULUM SEQUENCE This course is part of a Cyber Security series of courses EEGR480, 481, 482, 483 BIBLIOGRAPHY Required: Whitman, M Management of Information Security, Thompson, 4

Recommended: Pfleeger, C.P., Security in Computing, Prentice Hall, Copyright 2010 ISBN 0-13- 239077-9 Schneier, Bruce. Applied Cryptography, Second Edition, John Wiley & Sons, 1996. ISBN 0-471- 11709-9 5

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback