M&IS 34045 Spring 2008 DeHondt
M&IS 34045 Small Systems
Spring 2008
|
INSTRUCTOR:
|
Gerald DeHondt II, MBA
|
|||
|
CONTACT:
|
(330) 672-1153
gdehondt@gmail.com (best contact method)
|
|||
|
OFFICE HOURS:
(A417 BSA)
|
Tuesday / Thursday 9:30AM – 11:00AM
Or
By Appointment
|
|||
|
CLASS TIME/PLACE:
|
Tuesday, 7:20PM – 10:00PM
324 BSA
|
|||
|
TEXT:
|
Principles of Information Security, Second Edition Michael Whitman and Herbert Mattord, 2004
ISBN: 0-619-21625-5
|
|||
|
SUPPLEMENTARY
MATERIAL:
|
Handouts and Exercises available at
http://www.personal.kent.edu/~gdehondt
|
|||
|
COURSE
DESCRIPTION:
|
The purpose of the course is to provide the student with an overview of the field of Information Security and Assurance. Students will be exposed to the spectrum of Security activities, methods, methodologies, and procedures. Coverage will include inspection and protection of information assets, detection of and reaction to threats to information assets, and examination of pre- and post-incident procedures, technical and managerial responses and an overview of the Information Security Planning and Staffing functions.
The course will also provide an introduction to the hardware, software, and firmware that is becoming necessary for IS personnel to understand in order to make more informed decisions about information security program requirements.
(Prerequisites: M&IS 24060 and 24070. Students attending the course who do not have the proper prerequisite, risk being deregistered from the class.)
|
|||
|
METHODS:
|
The course involves lecture-discussion, classroom exercises, small-group teamwork, electronic communication, individual exams, and task assignments.
|
|||
|
ASSIGNMENTS:
|
Use your Kent State University e-mail account to submit assignments. In the Subject Line identify the Assignment ( Exercise 1, Exercise 2, etc. ).
As the Answer Key will be posted at the conclusion of the assignment, no late assignments can be accepted.
Grades will be posted in Vista. If a grade is not received for a submitted assignment, it is your responsibility to verify the Homework Assignment was received by the instructor.
|
|||
|
GRADING:
|
Three Exams (20% a piece)
Exercise Assignments (4% a piece)
|
60 %
40 %
|
||
|
GRADE CONVERSION:
|
A
A-
B+
B
B-
|
92 %
90 %
86 %
82 %
80 %
|
C+
C
C-
D+
D
F
|
76 %
72 %
70 %
65 %
60 %
> 60%
|
|
ENROLLMENT:
|
Students have responsibility to ensure they are properly enrolled in classes. You are advised to review your official class schedule (using Student Tools / Flashfast) during the first two weeks of the semester to ensure you are properly enrolled in this class and section. Should you find an error in your class schedule, you have until Friday, January 25, 2008 to correct the error with your advising office. If registration errors are not corrected by this date and you continue to attend and participate in classes for which you are not officially enrolled, you are advised now that you will not receive a grade at the conclusion of the semester for any class in which you are not properly registered.
|
|||
|
STUDENTS WITH DISABILITIES:
|
University policy 3342-3-18 requires that students with disabilities be provided reasonable accommodations to ensure their equal access to course content. If you have a documented disability and require accommodations, please contact the instructor at the beginning of the semester to make arrangements for necessary classroom adjustments. Please note, you must first verify your eligibility for these through the Student Accessibility Services (contact 330-672-3391 or visit www.kent.edu/sas for more information on registration procedures).
|
|||
KENT STATE UNIVERSITY
M & IS 34045
SMALL SYSTEMS TECHNOLOGY
SPRING 2008 SYLLABUS
|
ACADEMIC CONDUCT:
|
Cheating means to misrepresent the source, nature, or other conditions of your academic work (e.g., tests, papers, projects, assignments) so as to get undeserved credit. In addition, it is considered cheating when one cooperates with someone else in any such misrepresentation. The use of the intellectual property of others without giving them appropriate credit is a serious academic offense. It is the University's policy that cheating or plagiarism result in receiving a failing grade for the work or course. Repeat offenses result in dismissal from the University.
|
|
PROFESSIONAL
CONDUCT:
|
Student communications to and with the instructor shall at all times be conducted in a professional and courteous manner.
|
This Syllabus is tentative and subject to change
Recording of any lecture or other instructional activity occurring as part of the course is prohibited.
The last day to withdraw from this class is Sunday, March 30, 2008.
Withdrawal before the deadline results in a "W" on the official transcript.
After the deadline a grade must be calculated and reported.
M & IS 34045 – COURSE SCHEDULE AND ACTIVITIES
Date |
Topics |
Reading
Preparation
|
Assignments Due This Session
|
|
1/15
|
Course Introduction • Course Requirements
• Tools used in the course
• Student Expectations
• Instructor Expectations
Introduction to Information Security • History of InfoSec (Information Security)
• Critical Characteristics of Information
• Components of an Information System
• Balancing Information Security and Access
• Security Systems Development LifeCycle and Implementation
• Security Professionals
|
Principles of Information Security,
Chapter 1
|
|
|
1/22
|
The Need for Security • Business Needs
• Threats
• Attacks
|
Principles of Information Security,
Chapter 2
|
Exercise Assignment 2
|
|
1/29
|
Legal, Ethical, and Professional Issues in Information Security • U.S. Laws
• International Laws
• Ethics
|
Principles of Information Security,
Chapter 3
|
Exercise Assignment 3
|
|
2/5
|
Risk Management • Risk Identification
• Risk Assessment
• Risk Control Strategies and Selection
• Best Practices
|
Principles of Information Security,
Chapter 4
|
Exercise Assignment 4
|
|
2/12
|
EXAM 1 (Chapters 1 – 4) |
|
|
Date |
Topics |
ReadingPreparation |
Assignments Due This Session |
|
2/19
|
Planning for Security • Information Security, Policy, Standards, and Practices
• Information Security Blueprint
• Security Education, Training, and Awareness Programs
• Business Continuity Strategies
|
Principles of Information Security,
Chapter 5
|
Exercise Assignment 5
|
|
2/26
|
Security Technology: Firewalls and VPNs • Physical Design
• Firewalls
• OSI Model
|
Principles of Information Security,
Chapter 6
|
|
|
3/4
|
Security Technology: Firewalls and VPNs • TCP/IP Protocol
• Protecting Remote Connections
|
Principles of Information Security,
Chapter 6
|
Exercise Assignment 6 |
|
3/11
|
Security Technology: Intrusion Detection, Access Control, and Other Security Tools • Intrusion Detection Systems (IDS)
• Honey Pots
• Scanning and Analysis Tools
• Access Control Devices
|
Principles of Information Security,
Chapter 7
|
Exercise Assignment 7
|
|
3/25
|
Cryptography • Principles
• Tools
• Protocols
• Attacks
|
Principles of Information Security,
Chapter 8
|
Exercise Assignment 8
|
|
4/1
|
EXAM 2 (Chapters 5 – 8) |
|
|
|
4/8
|
Physical Security • Access Controls
• Fire Security and Safety
• Failure of Public Utilities
• Mobile and Portable Systems
|
Principles of Information Security,
Chapter 9
|
Exercise Assignment 9
|
Date |
Topics |
ReadingPreparation |
Assignments Due This Session |
|
4/15
|
Implementing Information Security • Project Management for Information Security
• Technical Topics of Implementation
• Nontechnical Aspects of Implementation
|
Principles of Information Security,
Chapter 10
|
Exercise Assignment 10
|
|
4/22
|
Security and Personnel • Positioning and Staffing the Security Function
• Credentials
• Employment Policies and Practices
• Security Considerations for Nonemployees
• Separation of Duties
|
Principles of Information Security,
Chapter 11
|
Exercise Assignment 11
|
|
4/29
|
Information Security Maintenance • Security Management Models
• The Maintenance Model
|
Principles of Information Security,
Chapter 12
|
Exercise Assignment 12
|
|
5/6
|
Final Exam – 8:15 pm – 10:30 pm |
|
|
