Course website : http://blogs.cofc.edu/olmsteda
Email: Please use firstname.lastname@example.org with Subject = CSCI490
Office: Harbor Walk East 315
Class place and time
Classroom: Online Only
CSCI 490 Information Security Principles
This course will describe the basic principles of information systems security, including cryptography,
identifications and authentications, access control models and mechanisms, multilevel database security,
steganography, Internet security, and planning and administering security. The students will gain an
understanding of the threats to information resources and learn about counter measurements and their
Module 1 – Introduction
This module introduces the students to the challenges of protecting electronic information and using the LabSim simulator.
Module 2 – Access Control and Identity Management
In this module students will learn concepts about controlling access to system resources. They will learn the access control models, terminology, best practices, tools, and remote and network considerations to controlling access.
Module 3 – Cryptography
This module teaches the students about cryptographic attacks and the tools to ensure data integrity. They will learn about hashing, symmetric and asymmetric encryption, and certificates. Methods of implementing cryptography are also presented.
Module 4 – Policies, Procedures, and Awareness
This module discusses security policies, procedures and security awareness. Students will learn security classification levels, documents, business continuity plans, risk management considerations, incident response, trusted computing, software development concerns, and management of employees.
Module 5 – Physical Security
This module examines the fundamentals of physically securing access to facilities and computer systems, protecting a computer system with proper environmental conditions and fire-suppression systems, and securing mobile devices and telephony transmissions.
Module 6 – Perimeter Defenses
In this module students will learn concepts about perimeter defenses to increase network security. Topics covered will include types of perimeter attacks, security zones and devices, configuring a DMZ, firewalls, NAT router, VPNs, protections against web threats, Network Access Protection (NAP) and security for wireless networks.
Module 7 – Network Defenses
This module discusses network device vulnerabilities and defenses, providing security for a router and switch, and implementing intrusion monitoring and prevention.
Module 8 – Host Defenses
In this module students will learn about the types of malware and how to protect against them, protecting against password attacks, recommendations for hardening a Windows system, configuring GPOs to enforce security, managing file system security, and procedures to increase network security of a Linux system.
Module 9 – Application Defenses
This module discusses basic concepts of securing web applications from attacks, fortifying the internet browser, securing e-mail from e-mail attacks, concerns about networking software, and security considerations when using a virtual machine.
Module 10 – Data Defenses
This module discusses the elements of securing data, such as, implementing redundancy through RAID, proper management of backups and restores, file encryption, implementing secure protocols, and cloud computing.
Module 11 – Assessments and Audits
This module examines tools that can be used to test and monitor the vulnerability of systems and logs that provide a system manager to track and audit a variety of events on a system.
We will use an electronic book by www.testout.com. http://www.testout.com/home/it-certification-training/labsim-certification-training/security-pro. I will give you a voucher in Oaks that allows you to buy this software for $89.
100-92 (A); 91-89 (A-); 88-86 (B+); 85-82 (B); 81-79 (B-); 78-76 (C+); 75-72 (C); 71-69 (C-); 68-62 (D); else (F)
40% Quizzes and Simulation Labs
40% Final Exam
20% Programming Problems
There will be many short (5-10 minute) video lectures followed up by a short reading and a simulation lab. You are able to take the simulation multiple times and your last score will be the score for the grade book.
Each unit will have a exam or a set of exam. You are able to take the quizzes multiple times and your last score will be the score for the grade book.
The final exam will be around 70 questions and the due date will be posted to Oaks. There will be no late submissions accepted. Since the content is streamed to your personal computer you should plan to complete all the work by the deadline.
Over the semester the student will build several attacks/defenses using iMacros or PHP. The dropbox in Oaks has a specific due date for each weeks work. Late submissions will not be accepted.
Each unit and topic of the course will have an Oaks discussion groups. Please do not post quiz and test answers to the discussion groups.
If you have a documented disability and are approved to receive accommodations through
SNAP Services, please contact me.
Student Honor Code
I expect you to abide by the Honor Code and the Student Handbook: A Guide to Civil and
Honorable Conduct. If you have a question about how to interpret the Honor Code, ask before
acting! I encourage collaboration, but you must document it. Thus, each student will submit
their own homework and, when collaborating, provide a reference to those people and