Syllabus
IS 651 – Special Topics: Computer Security

 

Fall, 2003

Mondays 4:00 – 6:20 PM

Lecture Classroom is Forensic Sciences Building

 

Course Description:

An introduction to the various technical and administrative aspects of Information Security and Assurance.  This course provides the foundation for understanding the key issues associated with protecting information assets, determining the levels of protection and response to security incidents, and designing a consistent, reasonable information security system, with appropriate intrusion detection and reporting features.

The purpose of the course is to provide the student with an overview of the field of Information Security and Assurance.  Students will be exposed to the spectrum of security activities, methods, tools, and procedures.  Coverage will include inspection and protection of information assets, detection of and reaction to threats to information assets, and examination of pre- and post-incident procedures, technical and managerial responses and an overview of the Information Security Planning and Staffing functions.

Prerequisites:

·         None

Textbook and Resources:

·         M. Whitman and H. Mattord. Principles of Information Security,

       (Course Technology, 2003).

·         Software used in lab: Provided by Instructor.

Instructor:

Patricia Logan, Ph.D.

Office:

South Charleston campus room 338

Email Address:

loganp@marshall.edu

Phone:

304-746-1951

Office Hours:

T 5:00 PM to 6:30 PM

MTh  11 am -2 pm

On-line each morning at 9 am

Course Objectives:

After completing the course, students will be able to:

q       Identify and prioritize information assets.

q       Identify and prioritize threats to information assets.

q       Define an information security strategy and architecture.

q       Plan for and respond to intruders accessing computing resources.

q       Describe legal and public relations implications of security and privacy issues.

q       Present a disaster recovery plan for recovery of information assets after an incident.

q       Perform a basic computer security review

q       Develop a report of findings for a simple forensic examination.

q       Use forensic tools to discover evidence.

q       Define current issues in computer security.

q       Apply the legal issues to the search and seizure of evidence.

q       Possess an ethical framework to implement investigation procedures.

COURSE Policies

Attendance:

The Instructor expects your attendance at each and every class; however, actual attendance is up to the student. Grade performance is a demonstrated function of attendance, preparation and participation. You can get behind very easily by skipping classes, resulting in a poor understanding of the material, which will show up as a poor grade for the class. Any class sessions missed by the student are the student's responsibility to make up, not the instructor's. Business meetings that require substantial loss of class time should be discussed with the instructor.  Late arrival that causes disruption, early departure that causes disruption, excessive conversation among students (a disruption in its own right), inappropriate use of electronic devices that cause disruptions, and other actions that disrupt the classroom are unacceptable.

Assessment:

 

 

Class discussion

15

 

Exams

40

 

Exercises

Lab Assignments

10

10

 

Project

25

 

 

100 points total

 

 

 

 

Grade Evaluation:

 

 

A

90% - 100%

 

B

89% - 80%

 

C

79% - 70%

 

D

69% - 60%

 

F

59% or below

 

Evaluation criteria explained:

  • Students are expected to be active participants in each class meeting. Full credit for participation will be extended to students who provide case study summaries, lead group discussion, regularly ask questions, share observations, and contribute relevant personal experiences. Points are awarded at the end of each class session.
  • There are two exams for the course.  The first exam will be taken at the testing center.  Exams cover the lecture material and assigned readings.
  • The lab assignments will consist of a number of individual and homework tasks.  Students will be given specific guidance on the amount of collaboration permitted for each assignment. Unless otherwise specified, all assignments are individual assignments, and thus must be completely the original work of the student submitting them and include proper citations to the published work of others.

Guidelines for submitting work:

Assignments are to be submitted to the instructor at the beginning of a class session.  An email submission must be received prior to the stated deadline.  The following format must be used when submitting assignments via email.  Subject: IS651 yourname LAB#     Late assignments will be accepted at the discretion of the instructor and may result in a point penalty.

 

 

 

Electronic Devices:

In order to minimize the level of distraction, all watches, beepers and cellular phones must be on quiet mode during class meeting times. Students who wish to use a computer/PDA for note taking need prior approval of the instructor since key clicks and other noises can distract other students. Recording of lectures by any method requires prior approval of the instructor.

 

 

Email Messages:

Remember to put the course name in the subject field of every e-mail message that you send me.

 

Class Participation:  Students will be asked to provide case study analysis and lead the discussion of questions.  Case studies are included at the beginning of each chapter and occasionally, from outside sources.  Case studies represent sample situations and students are encouraged to offer contrary and/or opposing views.

 

 

Semester Project:

A group project will be performed with delivery during the last two class sessions. Details of this group project assignment will be made available.

 

Labs:

There will be several lab “sweat days” where forensic investigations will be performed, including practice using forensic software tools.  These sessions are tentatively scheduled for Saturday mornings. Alternate assignments will be provided for students that cannot make these sessions.  Please let the instructor know if you cannot be there.  The instructor provides donuts!

 

 

Disability Statement:

Any student with a documented disability needing academic adjustments is requested to notify the instructor as early in the semester as possible, and must do so before the mid-term exam. Verification from MU disabled Student Support Services is required. All discussions will remain confidential.

 

 

 

 

 

Weekly Schedule

Tentative Course Schedule - Subject To Change With Notice

 

Week

Date

Textbook Assignment

Other Assignments, What’s Due and Notes

 

 

 

 

1

 

 

8/25

Chapter 1

Introduction to the course

 

 

 

 

 

 

3

9/6

Chapter 1

Questions 1,2,12, 15, 19, 20

 

Exercises:2 & 3

Cases 1 & 2

http://hermes.circ.gwu.edu/archives/cybercrime.html

http://www.cybercrime.gov/williams_turnerSent.htm

 

4

9/15

Chapter 2

Questions:  1,2,7,8, 10, 22, 23, 24

 

Exercise 2, 3, 5

 

Blaster, Slammer & Sobig

Computer crime survey www.gosci.com/press/20020407.htm

 

www.sans.org/newlook/resources/glossary.html

www.sans.org/top20.html

 

Bitten by a Bug Case Study

 

5

9/22

Chapter 3

Questions: 1, 10, 17

Exercises: 4 & 5

Case Exercise #1

www4.law.cornell.edu/uscode/47/222.html

www.hipaadvisory.com/regs/HIPAAprimer1.htm

www.issa.org/codeofethics.html

www.cio.com/archive/110101/court.html

 

6

9/29

Chapter 4

Questions: 5,6,7,11

Exercises: 1,2,4,5

Case II

 

Chapter 5

TBD

7

10/6

Mid Term Exam

Testing Center

 

 

 

8

10/13

Chapter 6

TBD

 

 

 

9

10/20

Chapter 7

TBD

 

 

Tentative date for Lab 2

10

10/27

Chapter 8

TBD

 

 

 

11

11/3

Chapter 9

TBD

 

 

 

12

11/10

Chapter 10

TBD

 

 

 

13

11/17

Chapter 11

Tentative date for Lab 3

 

 

 

14

11/24

Chapter 12

TBD

 

 

 

15

12/1

Project Presentations

 

 

 

 

16

12/8

Project Presentations