Docstoc

Curriculum

Document Sample
Curriculum Powered By Docstoc
					                                         IT SECURITY A-Z
                                            Curriculum


SESSION I - 1 Hour
4/29/08 ~ 10:30-11:30 AM ~ Garren Auditorium, Biomedical Sciences Building
60 min       GENERAL OVERVIEW
                 Health Sciences Overview
                       - Missions
                       - The IT Professional's Role
                 Curriculum Overview
                       - Health Sciences IT Security Plan
                       - Meeting minimum network security standards
                       - Preparation for Upcoming Sessions

SESSION II - 4 Hours
5/7/08 ~ 12:30-4:30 PM ~ Garren Auditorium, Biomedical Sciences Building
15 min       EQUIPMENT STANDARDS
                 Purchasing Equipment
                 Budgeting for Equipment Compliance
                 Addressing Scientific Equipment Issues
                 Equipment Inventory
                 Maintenance
                 Registering Devices
45 min       SOFTWARE PATCHING/UPDATES
                 Available Security Patches
                 Updating Various Operating Systems
60 min       ANTI-VIRUS SOFTWARE
                 Free Software
                 Various Software Utilized
                 Update Mechanisms
                 Websites
                 Malware Attachment
                 Key Logging
60 min       PASSWORDS
                 Complex Passwords
                 Strong Authentication Standards for Passwords
                 Encrypted Access In Terms of Authentication/Communication
                 Physical Security
60 min       HOST-BASED FIREWALL SOFTWARE
                 Unneccesary Services


SESSION III - 4 Hours
5/14/08 ~ 12:30-4:30 PM ~ Garren Auditorium, Biomedical Sciences Building
90 min       SECURING SENSITIVE DATA
                 Data Storage/Encryption
                 Department Firewalls
                      - Device Logging
                 Private/Department VLAN
                 Access Control Lists (ACL)
                 Scanning for Sensitive Data
                 Unauthenticated E-mail Relays/Proxy Access
30 min       ACQUIRING RESOURCES
                 Medical Center, Campus, Third Party
                 Websites and Contacts
120 min      UCSD/GOVERNMENT POLICIES & REGULATIONS (Kevie Naughton, Gabe Lawrence, TBD)
                 Policies
                      - HIPAA
                      - AB 1298
                      - SB 1386
                      - PCI
                 Compliance
                      - Non-Compliance Penalties and Consequences



                                                 Page 1                               Updated 7/17/2010

				
DOCUMENT INFO