IT 300 Computer Security Overview

Instructor: Prof. Sung-Hyuk Cha Email: scha@pace.edu Tel: (914) 773-3891 Office: Goldstein Academic Building, Rm. 318 at Pleasantville M 1:00~2:00 PM & W 3:00~5:00 PM. Graduate Center, Rm. 404 at White Plains T 3:00~5:00PM. CRN: 71781 Course URL: http://www.csis.pace.edu/~scha/IT300 Meeting: Time: W 6:00 pm - 8:45 pm., Fall 2006 Place: Goldstein Center G315 Textbook: Michael Whitman, Herbert Mattord, Principles of Information Security, Second Edition ISBN: 0-619-21625-5 © 2005 ISBN-13: 978-0-619-21625-2 Publish date: November 23, 2004 Hands-On Information Security Lab Manual, Second Edition (0-619-21631-X) Course Goals: Each successful student will demonstrate foundation knowledge and application of information security concepts as they to apply the management of information security in a large organizational environment. Students will describe and identify policy frameworks, legal and moral implications, and best practices in information security management. Course Description: This course gives a broad overview of Information Assurance. The course has two parts: Lecture/discussion related to information security basics and a laboratory component in which students learn technology-related security. Course materials include topics such as types of attacks, hacker techniques, legal and privacy issues, security policy, information security best practices and so on. Students also learn security technologies related to three areas: operating systems, Networks and Web, and e-commerce. The course has a strong laboratory component in which students experiment with various practical computer security tools. Prerequisites: CS232 Computer Organization II and CS242 Data Structures and Algorithms II Lecture Notes: can be accessed using the http://blackboard.pace.edu. Blackboard Login Procedures for Registered Students are available here Schedule: Week Topic 1 (9/6) Ch 1 Introduction to Information Security 2 (9/13) Ch 2 The Need for Security 3 (9/20) Ch 3 Legal, Ethical and Professinal Issues in Information Security 4 (9/27) Ch 4 Risk Management 5 (10/4) Ch 5 Planning for Security 6 (10/11) Ch 6 Technology: Firewalls & VPNs 7 (10/18) Midterm 8 (10/25) Ch 7 Technology: IDS and Access Control 9 (11/1) Ch 8 Cryptography 10 (11/8) Biometric 11 (11/15) Ch 9 Physical Security 12 (11/22) Thanks giving 13 (11/29) Ch 10 Implementing Security 14 (12/6) Ch 11 Security and Personnel 15 (12/13) Final     Evaluation: Lab Assignment (30%): Midterm Exam (30%): Final Exam (30%): Attendance (10%):