VIEWS: 33 PAGES: 5 POSTED ON: 3/22/2010
COMPUTER SECURITY & INFORMATION ASSURANCE PROGRAM Course-IA500:Foundations The first course provides an introduction to information assurance. The topics covered include cyberspace law, computer forensics, computer crime, information warfare, penetrating computer systems and networks, malicious code, denial-of-service attacks, E-commerce vulnerabilities, and physical threats to the information infrastructure. 1. Introduction to Information Systems Security Assurance 2. Computer Crime Classification & Surveys 3. Information Warfare 4. The Psychology of Computer Criminals 5. Penetrating Computer Systems & Networks 6. Malicious Code, Mobile Code & Denial-Of-Service Attacks 7. Cyberspace Law & Computer Forensics 8. Protecting Intellectual Property Law 9. Fundamentals of Cryptography 10. Public Key Infrastructure 11. Preparation of Student Reports Course-IA520:Prevention-Technical-Defenses The second course examines the range and effectiveness of the technical tools used to protect the information infrastructure. These tools include cryptography systems, identification and authentication, operating system security, e- commerce safeguards, firewalls and proxy servers, anti-malware and anti-spy ware technology, software development and quality assurance, and anti-piracy techniques. 1. Physical threats to the information infrastructure 2. Protecting the information infrastructure, monitoring, controls and honey pots 3. Identification and authentication 4. Operating system fundamentals and security 5. Network management LAN security, and wireless networks 6. Firewalls, proxy servers and intrusion detection systems 7. Anti-malware and anti-spam measures 8. E-commerce security 9. Software development and quality assurance - anti-piracy techniques 10. Security standards for products 11. Preparation of student reports Advance Computer Security & Information Assurance Training Program 1 Course–IA530:Prevention-Human-Factors This course looks at the human factors contributing to information security. These factors include security policy guidelines, security awareness, ethical decision-making in the context of technology, employment practices and policies, operations security and production controls, e-mail and Internet use policies, working with law enforcement, use of social psychology to implement security policies, and auditing. 1. Security policy guidelines 2. Security awareness 3. Ethical decision-making and high technology 4. Employment practices and policies 5. Operations security and production controls 6. E-mail and Internet use policies 7. Working with law enforcement 8. Using social psychology to implement security policies 9. Auditing and assessing computer systems 1 10. Auditing and assessing computer systems 2 11. Preparation of student reports Course–IA540:Detection,Responseand Hot Topics The fourth course covers the tools and techniques for detecting and responding to intrusions. The topics in this seminar include vulnerability assessment, and intrusion detection systems, computer emergency/incident response teams, censorship, privacy and anonymity, standards and laws, and the future of information assurance. 1. Threat and vulnerability analysis 2. Risk assessment and risk management 3. Business continuity planning, backups 4. Disaster recovery planning 5. Computer emergency quick-response teams 6. Digital investigations and incident post-mortem 7. Censorship, privacy and anonymity 8. Standards and laws: ISO17799, GLB, SOX and HIPAA 9. The future of information assurance 10. Professional development in IA 11. Preparation of student reports Advance Computer Security & Information Assurance Training Program 2 The following courses are elective courses (IA-551, IA-552, IA-553, AND IA-554). Choose one. Each course is 11 weeks long. IA-551 Emergency Management Course IA551 - Elective The Emergency Management seminar prepares you to enter the emergency management field in either the private or public realm. You will learn the principles of emergency management and you will gain the real-world experience of developing an emergency management plan for your organization. The Emergency Management course will take you through the emergency management planning life cycle. You will examine planning and preparedness methodologies, risk assessment at organization-wide or community-wide levels, and vulnerability assessments, which identify the specific functions that could be disrupted by a disaster. The course then explores the mitigation strategies to reduce exposure to disasters. The final topics are response to, and recovery from,disasters. IA-552 Business Continuity Planning Course IA552 - Elective Business continuity planning is similar to emergency management in its focus on prevention of and recovery from disruptions in an organization's processes. The difference lies in BCP's focus on organizational survival: developing strategies that allow critical business processes to continue despite the crisis until normal business functions can be resumed. Business continuity planners must also account for threats beyond traditional disasters such as fire, storm, or terrorism to include technology-based threats such as virus attacks, data loss, and corporate espionage. The goal is to develop methods to continue operations in the face of both localized and large-scale incidents. These methods must also address issues specific to organizations, such as public relations during an incident, working with authorities on an investigation, and replacing workers. Business continuity planning begins with a risk assessment and mitigation plan. Threats are examined in terms of impact on an organization's bottom line. Prioritizing threats and allocating mitigation resources will only be effective if the financial consequences of threat and mitigation are understood. Business continuity planning includes data backup and recovery techniques, employee training, and how to orchestrate shifting operations to offsite facilities. The overarching goal is to develop cost-effective systems which limit operational disruptions and quickly return an organization to normal functioning in a cost- effective manner. Advance Computer Security & Information Assurance Training Program 3 IA-553 Computer Security Incident Response Teams Course IA553 - Elective this course summarizes the key points in creating and managing a computer incident response team (CSIRT), also sometimes known as a computer emergency response team(CERT). Time spent evaluating and planning emergency response so that it is shortened by a few seconds may save a life or prevent a business disaster. Organizing people to respond to computer security incidents is worth the effort not only when an incident occurs but also because the analysis and interactions leading to establishment of the CSIRT bring benefits even without an emergency. This seminar will explore the following topics: Creating the CSIRT: functions, service levels, policies, staffing Responding to computer emergencies: triage, expertise, tracking, hotlines Managing the CSIRT: triage, expertise, tracking, hotlines Continuous process improvement: the post-mortem, sharing knowledge within the organization, sharing knowledge in the security community IA-554 Computer Forensics Investigations Course IA554 - Elective The Computer Forensics Investigation course is an eleven-week survey of the investigation of digital incidents such as electronic fraud, cyber crime and cyber terror. Survey topics include types and characteristics of digital incidents, management of digital evidence, investigative techniques, the difference between digital and traditional investigation, investigative and forensic tools and techniques, computer, network and software forensics, human factors in digital crime, and presenting conclusions. The seminar applies the framework suggested by the Digital Forensics Research Workshop comprising Identification, Preservation, Collection, Examination, Analysis, and Presentation. Course – IA560: Management Tools The sixth course examines the central concepts and techniques of management with an eye to supporting information assurance, including basic principles, working with vendors, balancing the need for protection of information with the need for information sharing, methods of accounting for expenditures and budgeting for projects, techniques for measuring results, leadership skills and problem-solving methods. 1. Security program and project management 2. Security leadership and organization 3. Security business case and financial concepts Advance Computer Security & Information Assurance Training Program 4 4. Security process, metrics and investment 5. Security frameworks 6. Compliance 7. Vendor relations, outsourcing and negotiations 8. Maturing a security program 9. Problem management 10. Security principles 11. Preparation of student reports Student Consultancy Project Meld theory with practice through our student case project is our unique program. In each course you will analyze the impact of security requirements and practices on your organization, and provide an extensive report on your organization's security environment including recommendations for improvements and increased security effectiveness. These six reports will provide invaluable analysis and recommendations to your organization's management, build important relationships, and establish yourself as a security leader. Confidentiality As security professionals, the developers and directors of the CSIAC have been concerned about the confidentiality of our students' employers' information. Only the Program Director, the Associate Program Director, and an Assistant Director have access to information about a student's employer during the admissions process. University staff members in the offices of the Registrar may also have access to employer information because of student financial arrangements. As a CSIAC student, you need never reveal where you work to students and faculty in the program: You may use a non-employer e-mail address You may refer to your employer as "my employer" or "the organization" or some other neutral term in all discussions and term papers You need not indicate in which city, area of the country where you live You have no obligation to reveal which businesses, or branch of the government, or military you work for You are under no pressure whatsoever to compromise the confidentiality of your employer's information The only people who must read your term papers are your Instructors; if you wish to share your papers with other students as part of a peer-review process, that's entirely up to you. Other members of the CSIAC staff may read papers as part of their quality-control duties. In cases of suspected academic dishonesty, the CSIAC on Academic Integrity will also read specific papers. As a matter of professionalism, propriety, privacy and academic integrity no part of any student work or discussion should ever be quoted, circulated or republished without explicit permission from the writer. Advance Computer Security & Information Assurance Training Program 5
"COMPUTER SECURITY _"