Document Sample
COMPUTER SECURITY _ Powered By Docstoc
					          COMPUTER SECURITY &
The first course provides an introduction to information assurance. The topics
covered include cyberspace law, computer forensics, computer crime,
information warfare, penetrating computer systems and networks, malicious
code, denial-of-service attacks, E-commerce vulnerabilities, and physical threats
to the information infrastructure.
    1. Introduction to Information Systems Security Assurance
    2. Computer Crime Classification & Surveys
    3. Information Warfare
    4. The Psychology of Computer Criminals
    5. Penetrating Computer Systems & Networks
    6. Malicious Code, Mobile Code & Denial-Of-Service Attacks
    7. Cyberspace Law & Computer Forensics
    8. Protecting Intellectual Property Law
    9. Fundamentals of Cryptography
    10. Public Key Infrastructure
    11. Preparation of Student Reports

The second course examines the range and effectiveness of the technical tools
used to protect the information infrastructure. These tools include cryptography
systems, identification and authentication, operating system security, e-
commerce safeguards, firewalls and proxy servers, anti-malware and anti-spy
ware technology, software development and quality assurance, and anti-piracy
   1. Physical threats to the information infrastructure
   2. Protecting the information infrastructure, monitoring, controls and honey
   3. Identification and authentication
   4. Operating system fundamentals and security
   5. Network management LAN security, and wireless networks
   6. Firewalls, proxy servers and intrusion detection systems
   7. Anti-malware and anti-spam measures
   8. E-commerce security
   9. Software development and quality assurance - anti-piracy techniques
   10. Security standards for products
   11. Preparation of student reports

Advance Computer Security & Information Assurance Training Program                 1
This course looks at the human factors contributing to information security.
These factors include security policy guidelines, security awareness, ethical
decision-making in the context of technology, employment practices and policies,
operations security and production controls, e-mail and Internet use policies,
working with law enforcement, use of social psychology to implement security
policies, and auditing.
    1. Security policy guidelines
    2. Security awareness
    3. Ethical decision-making and high technology
    4. Employment practices and policies
    5. Operations security and production controls
    6. E-mail and Internet use policies
    7. Working with law enforcement
    8. Using social psychology to implement security policies
    9. Auditing and assessing computer systems 1
    10. Auditing and assessing computer systems 2
    11. Preparation of student reports

Course–IA540:Detection,Responseand Hot Topics
The fourth course covers the tools and techniques for detecting and responding
to intrusions. The topics in this seminar include vulnerability assessment, and
intrusion detection systems, computer emergency/incident response teams,
censorship, privacy and anonymity, standards and laws, and the future of
information assurance.
    1. Threat and vulnerability analysis
    2. Risk assessment and risk management
    3. Business continuity planning, backups
    4. Disaster recovery planning
    5. Computer emergency quick-response teams
    6. Digital investigations and incident post-mortem
    7. Censorship, privacy and anonymity
    8. Standards and laws: ISO17799, GLB, SOX and HIPAA
    9. The future of information assurance
    10. Professional development in IA
    11. Preparation of student reports

Advance Computer Security & Information Assurance Training Program                2
The following courses are elective courses (IA-551, IA-552, IA-553, AND IA-554).
Choose one. Each course is 11 weeks long.

IA-551 Emergency Management
Course IA551 - Elective
The Emergency Management seminar prepares you to enter the emergency
management field in either the private or public realm. You will learn the
principles of emergency management and you will gain the real-world experience
of developing an emergency management plan for your organization.
The Emergency Management course will take you through the emergency
management planning life cycle. You will examine planning and preparedness
methodologies, risk assessment at organization-wide or community-wide levels,
and vulnerability assessments, which identify the specific functions that could be
disrupted by a disaster. The course then explores the mitigation strategies to
reduce exposure to disasters. The final topics are response to, and recovery

IA-552 Business Continuity Planning
Course IA552 - Elective
Business continuity planning is similar to emergency management in its focus on
prevention of and recovery from disruptions in an organization's processes. The
difference lies in BCP's focus on organizational survival: developing strategies
that allow critical business processes to continue despite the crisis until normal
business functions can be resumed.
Business continuity planners must also account for threats beyond traditional
disasters such as fire, storm, or terrorism to include technology-based threats
such as virus attacks, data loss, and corporate espionage. The goal is to develop
methods to continue operations in the face of both localized and large-scale
incidents. These methods must also address issues specific to organizations,
such as public relations during an incident, working with authorities on an
investigation, and replacing workers.

Business continuity planning begins with a risk assessment and mitigation plan.
Threats are examined in terms of impact on an organization's bottom line.
Prioritizing threats and allocating mitigation resources will only be effective if the
financial consequences of threat and mitigation are understood. Business
continuity planning includes data backup and recovery techniques, employee
training, and how to orchestrate shifting operations to offsite facilities. The
overarching goal is to develop cost-effective systems which limit operational
disruptions and quickly return an organization to normal functioning in a cost-
effective manner.

Advance Computer Security & Information Assurance Training Program                       3
IA-553 Computer Security Incident Response Teams
Course IA553 - Elective
this course summarizes the key points in creating and managing a computer
incident response team (CSIRT), also sometimes known as a computer
emergency response team(CERT). Time spent evaluating and planning
emergency response so that it is shortened by a few seconds may save a life or
prevent a business disaster. Organizing people to respond to computer security
incidents is worth the effort not only when an incident occurs but also because
the analysis and interactions leading to establishment of the CSIRT bring
benefits even without an emergency. This seminar will explore the following

      Creating the CSIRT:
       functions, service levels, policies, staffing
      Responding to computer emergencies:
       triage, expertise, tracking, hotlines
      Managing the CSIRT:
       triage, expertise, tracking, hotlines
      Continuous process improvement:
       the post-mortem, sharing knowledge within the organization, sharing
       knowledge in the security community

IA-554 Computer Forensics Investigations
Course IA554 - Elective
The Computer Forensics Investigation course is an eleven-week survey of the
investigation of digital incidents such as electronic fraud, cyber crime and cyber
terror. Survey topics include types and characteristics of digital incidents,
management of digital evidence, investigative techniques, the difference between
digital and traditional investigation, investigative and forensic tools and
techniques, computer, network and software forensics, human factors in digital
crime, and presenting conclusions. The seminar applies the framework
suggested by the Digital Forensics Research Workshop comprising Identification,
Preservation, Collection, Examination, Analysis, and Presentation.

Course – IA560: Management Tools
The sixth course examines the central concepts and techniques of management
with an eye to supporting information assurance, including basic principles,
working with vendors, balancing the need for protection of information with the
need for information sharing, methods of accounting for expenditures and
budgeting for projects, techniques for measuring results, leadership skills and
problem-solving methods.

   1. Security program and project management
   2. Security leadership and organization
   3. Security business case and financial concepts

Advance Computer Security & Information Assurance Training Program                4
   4. Security process, metrics and investment
   5. Security frameworks
   6. Compliance
   7. Vendor relations, outsourcing and negotiations
   8. Maturing a security program
   9. Problem management
   10. Security principles
   11. Preparation of student reports

Student Consultancy Project
Meld theory with practice through our student case project is our unique program.
In each course you will analyze the impact of security requirements and practices
on your organization, and provide an extensive report on your organization's
security environment including recommendations for improvements and
increased security effectiveness. These six reports will provide invaluable
analysis and recommendations to your organization's management, build
important relationships, and establish yourself as a security leader.

As security professionals, the developers and directors of the CSIAC have been
concerned about the confidentiality of our students' employers' information. Only
the Program Director, the Associate Program Director, and an Assistant Director
have access to information about a student's employer during the admissions
process. University staff members in the offices of the Registrar may also have
access to employer information because of student financial arrangements.
As a CSIAC student, you need never reveal where you work to students and
faculty in the program:

      You may use a non-employer e-mail address
      You may refer to your employer as "my employer" or "the organization" or
       some other neutral term in all discussions and term papers
      You need not indicate in which city, area of the country where you live
      You have no obligation to reveal which businesses, or branch of the
       government, or military you work for
      You are under no pressure whatsoever to compromise the confidentiality
       of your employer's information

The only people who must read your term papers are your Instructors; if you wish
to share your papers with other students as part of a peer-review process, that's
entirely up to you. Other members of the CSIAC staff may read papers as part of
their quality-control duties. In cases of suspected academic dishonesty, the
CSIAC on Academic Integrity will also read specific papers.

As a matter of professionalism, propriety, privacy and academic integrity no part
of any student work or discussion should ever be quoted, circulated or
republished without explicit permission from the writer.

Advance Computer Security & Information Assurance Training Program                  5