An intermediate-level course that provides a comprehensive understanding of Information Assurance and Security as defined in the National Training Standard for Information Systems Security Professionals. Emphasizes Information Assurance Skills that are necessary to address government and industry security needs.
Goals, Topics, and Objectives
- Information Security
- Need for Security
- Legal, Ethical, and Professional Issues in Information Security
- Risk Management
- Planning for Security
- Security Technology: Firewalls and VPNs
- Intrusion Detection and Prevention Systems and other security tools
- Physical Security
- Implementing Information Security
- Security and Personnel
- Information Security Maintenance
- Demonstrate foundation knowledge of information security/assurance within the organization
- Demonstrate knowledge of the profession, its organizations, goals and leadership roles, literature/publications, issues and research foundations.
- Demonstrate knowledge of the foundations of information security including legal, regulatory and policy issues, understanding general threats against information systems including denial of service, spoofing and hijacking.*
- Identify, analyze and manage viruses, worms, Trojan horses, Rootkits, Botnets, Spyware, Adware, logic bombs and Advanced Persistent Threats (APT)*
- Demonstrate knowledge of security objectives and policy development.*
- Demonstrate knowledge of cryptography and public key infrastructure (PKI)*
- Assess and demonstrate knowledge of target hardening of network devices, operating systems and applications.*
Assessment and Requirements
Assessment of student performance will be determined by written tests, research papers, PowerPoint presentations, and hands-on lab activities.