INFORMATION SYSTEMS SECURITY

Class Lab Credit INFORMATION SYSTEMS SECURITY Effective Term - Spring 2006 [2006*01] - CRC 06/13/05 SEC 110 Security Concepts Prerequisites: None Corequisites: None 3 0 3 This course introduces the concepts and issues related to securing information systems and the development of policies to implement information security controls. Topics include the historical view of networking and security, security issues, trends, security resources, and the role of policy, people, and processes in information security. Upon completion, students should be able to identify information security risks, create an information security policy, and identify processes to implement and enforce policy. Effective Term - Spring 2006 [2006*01] - CRC 06/13/05 SEC 150 Secure Communications Prerequisites: SEC 110 and NET 110 or NET 125 Corequisites: None 2 2 3 This course provides an overview of current technologies used to provide secure transport of information across networks. Topics include data integrity through encryption, Virtual Private Networks, SSL, SSH, and IPSec. Upon completion, students should be able to implement secure data transmission technologies. Effective Term - Spring 2006 [2006*01] - CRC 06/13/05 SEC 160 Secure Admin I Prerequisites: SEC 110 and NET 110 or NET 125 Corequisites: None 2 2 3 This course provides an overview of security administration and fundamentals of designing security architectures. Topics include networking technologies, TCP/IP concepts, protocols, network traffic analysis, monitoring, and security best practices. Upon completion, students should be able to identify normal network traffic using network analysis tools and design basic security defenses. Effective Term - Spring 2006 [2006*01] - CRC 06/13/05 SEC 170 SOHO Security Prerequisites: SEC 110 Corequisites: None 2 2 3 This course introduces security principles and topics related to the small office/home office networking environment. Topics include network topologies, network protocols, security issues, and best practices for SOHO environments. Upon completion, students should be able to design, setup, secure, and manage a small office/home office network. This course is restricted to the Information Systems Security/Operating Systems curriculum. Common Course Library SEC - 1 September 28, 2005 Class Lab Credit Effective Term - Spring 2006 [2006*01] - CRC 06/13/05 SEC 210 Intrusion Detection Prerequisites: SEC 160 Corequisites: None 2 2 3 This course introduces the student to intrusion detection methods in use today. Topics include the types of intrusion detection products, traffic analysis, and planning and placement of intrusion detection solutions. Upon completion, students should be able to plan and implement intrusion detection solution for networks and host based systems. Effective Term - Spring 2006 [2006*01] - CRC 06/13/05 SEC 220 Defense-In-Depth Prerequisites: None Corequisites: SEC 160 2 2 3 This course introduces students to the concepts of defense in-depth, a security industry best practice. Topics include firewalls, backup systems, redundant systems, disaster recovery, and incident handling. Upon completion, students should be able to plan effective information security defenses, backup systems, and disaster recovery procedures. This course is restricted to the Information Systems Security, the Information Systems Security/Operating Systems, and the Information Systems Security/Security Hardware curriculums. Effective Term - Spring 2006 [2006*01] - CRC 09/28/05 SEC 230 Attack Methodology Prerequisites: SEC 220 Corequisites: None 3 2 4 This course provides the student with an in-depth look at common Internet, network, and host-based attack methodologies. Topics include attack methods such as social engineering, spoofing, denial of service, man-in-the-middle, session hijacking, password cracking, malicious code and web hacking techniques. Upon completion, students should be able to generate anomalous network traffic, identify common network attack patterns, and perform penetration testing. This course is restricted to the Information Systems Security/Operating Systems curriculum. Effective Term - Spring 2006 [2006*01] - CRC 06/13/05 SEC 230 Attack Methodology Prerequisites: SEC 220 Corequisites: None 2 3 3 This course provides the student with an in-depth look at common Internet, network, and host-based attack methodologies. Topics include attack methods such as social engineering, spoofing, denial of service, man-in-the-middle, session hijacking, password cracking, malicious code and web hacking techniques. Upon completion, students should be able to generate anomalous network traffic, identify common network attack patterns, and perform penetration testing. This course is restricted to the Information Systems Security/Operating Systems curriculum. Common Course Library SEC - 2 September 28, 2005 Class Lab Credit Effective Term - Spring 2006 [2006*01] - CRC 06/13/05 SEC 240 Wireless Security Prerequisites: SEC 110 and NET 175 Corequisites: None 2 2 3 This course introduces security principles and topics related to the wireless networking environment. Topics include network topologies, network protocols, security issues, and best practices for wireless environments. Upon completion, students should be able to design, setup, manage, and secure a wireless network. Effective Term - Spring 2006 [2006*01] - CRC 06/13/05 SEC 260 Secure Admin II Prerequisites: SEC 160 Corequisites: None 2 2 3 This course provides the skills necessary to design and implement information security controls. Topics include advanced networking and TCP/IP concepts, network vulnerability analysis, and monitoring. Upon completion, students should be able to distinguish between normal and anomalous network traffic, identify common network attack patterns, and implement security solutions. This course is restricted to the Information Systems Security/Operating Systems curriculum. Effective Term - Spring 2006 [2006*01] - CRC 06/13/05 SEC 270 Secure Routing/Firewalls Prerequisites: NET 226 and SEC 110 Corequisites: None 1 4 3 This course introduces the principles of securing networks using routers and firewalls. Topics include networking protocols, threat mitigation, firewall configuration, authentication, authorization, intrusion detection, encryption, IPSec, VPNs, and remote access technologies. Upon completion, students should be able to secure internal networks using router and firewall technologies. This course is restricted to the Information Systems Security/Security Hardware curriculum. Effective Term - Spring 2006 [2006*01] - CRC 09/28/05 SEC 275 Advanced Firewalls Prerequisites: SEC 270 Corequisites: None 3 2 4 This course covers advanced topics in securing networks using firewalls. Topics include networking protocols, firewall status and configuration, syslog configuration, security levels, NAP/PAT, Access Control Lists, Authentication, Authorization and Accounting, VPN, and Remote Access. Upon completion, students should be able to describe, configure, verify, and manage firewall technologies. This course is restricted to the Information Systems Security/Security Hardware curriculum. Common Course Library SEC - 3 September 28, 2005 Class Lab Credit Effective Term - Spring 2006 [2006*01] - CRC 06/13/05 SEC 275 Advanced Firewalls Prerequisites: SEC 270 Corequisites: None 1 4 3 This course covers advanced topics in securing networks using firewalls. Topics include networking protocols, firewall status and configuration, syslog configuration, security levels, NAP/PAT, Access Control Lists, Authentication, Authorization and Accounting, VPN, and Remote Access. Upon completion, students should be able to describe, configure, verify, and manage firewall technologies. This course is restricted to the Information Systems Security/Security Hardware curriculum. Effective Term - Spring 2006 [2006*01] - CRC 06/13/05 SEC 289 Security Capstone Project Prerequisites: SEC 220 Corequisites: None 1 4 3 This course provides the student the opportunity to put into practice all the skills learned to this point. Emphasis is placed on security policy, process planning, procedure definition, business continuity, and systems security architecture. Upon completion, students should be able to design and implement comprehensive information security architecture from the planning and design phase through implementation. This course is restricted to the Information Systems Security, the Information Systems Security/Operating Systems, and the Information Systems Security/Security Hardware curriculums. See the SEL and SEM prefixes for generic Selected Topics and Seminar course description. Common Course Library SEC - 4 September 28, 2005