Syllabus - ISEC610

ISEC610 - Information Assurance

Description:
This course covers the fundamentals of security in the enterprise environment. Included are coverage of risks and vulnerabilities, threat modeling, policy formation, controls and protection methods, encryption and authentication technologies, network security, cryptography, personnel and physical security issues, as well as ethical and legal issues. This foundational course serves as an introduction to many of the subsequent topics discussed in depth in later security courses.

Outcomes:

  • Preserve confidentiality and integrity of information through appropriate cryptographic controls
  • Propose user authentication methods for information systems
  • Recommend access control schemas for systems and software
  • Critique cloud and databased security measures
  • Classify malware according to propagation and payload
  • Prescribe defenses against intrusion and denial of service attacks
  • Explain the causes of and remediation for software flaws that lead to security vulnerabilities
  • Plan and evaluate operating system hardening processes
  • Compare and contrast the formal models for trusted computing
  • Create, maintain, and promote suitable security policies
  • Perform quantitative and qualitative risk assessments

Required Text(s):

Rhodes-Ousley, M. (2013). Information Security: The Complete Reference (2nd ed.). New York, USA: McGraw Hill. ISBN: 9780071784351.