Docstoc

Security and Risk Analysis

Document Sample
Security and Risk Analysis Powered By Docstoc
					                             Security and Risk Analysis
                    INFORMATION AND CYBER SECURITY OPTION (ICS)

This option includes a set of courses that provides an understanding of the theories, skills, and
technologies associated with network security, cyber threat defense, information warfare, and critical
infrastructure protection across multiple venues.

1. What is the focuses of this option in terms of specific knowledge and skills?

    Knowledge Focus: Interdisciplinary security and risk analysis knowledge with a focus on
                     System and network security methods and technologies.

    Skills Focus:       A balanced focus on both people skills and technical skills
                         People skills include such skills such as management, coordination,
                            leadership, and communication.
                         Technical skills include such skills such as penetration testing skills (referring
                            to methods of evaluating the security of a computer system or network),
                            red teaming skills*, security consulting and evaluation skills, computer
                            forensics skills, and statistical analysis skills, and model-based decision
                            making skills

2. a. How do the courses in this option integrate with each other?
      Overview: SRA 111 gives a comprehensive introduction to everything students will encounter
         throughout the major. Basic concepts of computer and network security are covered along
         with some legal and social context to understand the importance of network, system and data
         security.
      People skills: Courses which help students develop strong interpersonal skills include SRA 211,
         and SRA 231, IST 402, IST 301, and IST 442. These skills are important because security
         professionals will always be working in teams and will need to understand how to make
         management understand security needs.
      Technical skills: Courses which help students develop strong technical skills include IST 210, IST
         220, IST 454, IST 451 and IST 456. These courses provide a technical basis in networking and
         database systems, then examine specific techniques, methods and technologies for computer
         forensics, network security and security management.

    b. What other Penn State courses would you recommend to supplement this option?
       Other courses which a student may choose to supplement the ICS option depend on the
       particular interests of the student. However, here are some general suggestions:
        To gain advanced statistical analysis skills, students can take more STAT courses
        To gain more model-based decision making skills, students can take more business
           management-related courses
        To gain more security methods and technology skills, students could consider taking
           additional IST courses in networking and computer security
        To gain more security methods and technology skills, students could consider taking IST
           programming and systems design courses
        To gain more understanding of security issues, students could consider taking additional IST
           courses in security and privacy law.
3. Realizing that students majoring in SRA will be prepared to work in many different areas, what
   are specific examples of the activities /work assignments that best llustrate this option?
        Conduct penetration testing (referring to methods of evaluating the security of a computer
           system or network)
        Provide red teaming services* to a customer organization
        Provide comprehensive security consulting services to a customer
        Coordinate forensics analysis after a security accident occurs within a customer organization
        Deploy enterprise protection measures
        Assist with emergency response after a severe security accident happens
        Do intrusion detection monitoring in a control room
        Manage access authentication of thousands of employees in a big organization
        Do security trouble shooting for various technologies within an organization

4. What related or additional information should students focus on outside of classes?
      Information relating to the following:
          o The security industry
          o Newest trends in security threats
          o Newest trends in security-related law
          o Security business administration
          o Security practices in the military, government, and finance sectors

5. Recommended Web sites to supplement the ICS option and the IST major:
       US-CERT: United States Computer Emergency Readiness Team
            http://www.us-cert.gov/
       SANS Institute – Network, Security, Computer, Audit Information & Training
            http://www.sans.org/
       National Vulnerability Database http://nvd.nist.gov/

*“In military simulations the opposing force in a simulated military conflict is known as the Red Team,
and is used to reveal weaknesses in current military readiness. More generally, Red Teaming can refer to
an independent peer review of existing practices, or future proposals.”

Wikipedia http://en.wikipedia.org/wiki/Red_Team
                   Security and Risk Analysis – typical job descriptions

Application Security Specialist: The Application Security Specialist is responsible for supervising security
measures at all levels of application development from design and specification through testing and
management. They ensure that known design/programming vulnerabilities are closed and that
application security is properly documented and certified. In addition, they may participate in
application patching and change management as systems evolve and are interconnected with other
systems. They may participate in security audits of application systems and in ensuring that application
systems adhere to laws such as FERPA, HIIPA and SOX. Duties may include testing application code,
validating software changes and patches, developing documentation and reports for management and
for auditing and credentialing agencies.

Network Security Specialist: The Network Security Specialist is responsible for ensuring that
communication and data networks are secure from unauthorized access and intrusion. They assist in
network design, and especially in the placement and programming of media, routers, switches and
firewalls to enforce an organizations security policy. Duties may include managing authentication
methods, access rights and services, placing and managing intrusion-detection technologies (IDS,
honeypots, etc.) and examining logs produced by these technologies, examining router and firewall logs
to obtain information on the nature, origin and scope of a network intrusion, assisting in application of
security policies and writing reports for management and auditing/certifying agencies.

Computer Forensics Specialist: The Computer Forensics Specialist is responsible for acquiring data from
computer systems that may be used as evidence in court cases or instances where organizational policy
is violated. Duties include data acquisition and reconstruction from storage devices, data acquisition
from server, router and firewall logs, data acquisition from mobile devices, decryption of encrypted,
encoded or hidden data. Because of its use as evidence the Computer Forensics Specialist must also
have an understanding of the rules of evidence and law as pertains to digital evidence.

Computer Systems Auditor: The Computer Systems Auditor is responsible for ensuring that networks
and applications adhere to Federal and State laws and guidelines related to the security of the data they
contain and the processes they manage. Duties include examination of an organizations security
policies and methods, systems documentation, incident handling and reporting, training and
development. They will credential systems and networks as adhering to the appropriate standards
(such as ISO-27000 series) and laws (such as FERPA, HIIPA, SOX, etc.)

Intelligence Analyst: The Intelligence Analyst is primarily responsible for supervising, coordinating and
participating in the analysis, processing and distribution of strategic and tactical intelligence. Some of
your duties as an Intelligence Analyst may include: preparing all-source intelligence products to support
the combat commander; assisting in establishing and maintaining systematic, cross-referenced
intelligence records and files; receiving and processing incoming reports and messages; assisting in
determining the significance and reliability of incoming information; assisting in the analysis and
evaluation of intelligence holdings to determine changes in enemy capabilities, vulnerabilities and
probable courses of action; assembling and proofreading intelligence reports and assisting in
consolidating them into Army intelligence; storing and retrieve intelligence data using computers
Intelligence Specialists: Intelligence specialists analyze intelligence data. They break down information
to determine its usefulness in military planning. From this intelligence data, they prepare materials that
describe in detail the features of strategic and tactical areas all over the world. Duties performed by ISs
include: analyzing intelligence information; identifying and producing intelligence from raw information;
assembling and analyzing multi-source operational intelligence; preparing and presenting intelligence
briefings; preparing planning materials for photographic reconnaissance missions; analyzing the results,
preparing reports. preparing graphics, overlays and photo/map composites; plotting imagery data using
maps and charts; providing input to and receive data from computerized intelligence systems ashore
and afloat; maintaining intelligence databases, libraries and files.

Cyber Intelligence Analyst: These positions require intelligence analysis and production tasks related to
counterintelligence and/or computer investigations and operations. Experience in counterterrorism
and/or counterintelligence analysis is essential. Excellent communication skills, both verbal and written,
are critical. Experience in providing analytical support for cyber investigations, working with link analysis
tools, analyzing network logs, and interacting with databases is highly desirable. A basic knowledge of
computer and network security principles is important. A Top Secret security clearance and Bachelors
Degree are required. Locations are worldwide.




*Please be advised that this is simply a brief list containing some of the career positions a graduate from this option
may encounter. It is not intended to serve as a comprehensive career guide, but rather to give students a sense of
the general pathways to which this option may lead. Graduates from IST successfully apply their broad-based
technology background in myriad professional settings. Some IST graduates also choose to continue their studies in
graduate or professional schools.



                                                                                                               1/2012

				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:3
posted:10/9/2012
language:English
pages:4