CIS 3550: Sample Course Syllabus

Title Cybersecurity
Description This course aims to provide a managerial perspective of contemporary issues in computer and network security, including an assessment of state-of-the-art approaches used to address security problems and their integration with organizational/informational systems audit, computer information systems, and management practices. Upon completing the course, students should have a practical understanding of how to design, implement, and maintain a network security plan that successfully defends a network from malicious or accidental intrusion. 3 Hours,
Prerequisites CIS 2200
Learning Goals Oral communication skills:

  • Students will be able to orally articulate the basic concepts in information security, including security policies, security models, and security mechanisms.

o     Written communication skills:

  • Students will be able to prepare written reports that describe threats to networks, and explain techniques for ensuring network security, including encryption, authentication, firewalls, and intrusion detection.

o     Technological skills:

  • Students will be able to draw from appropriate sources that are relevant to examining the importance of cybersecurity in business, and use the information drawn from such sources suitably in developing their analyses.
  • Students will be able to articulate the risks, threats, and vulnerabilities of computer networks,
  • Students will be able to articulate the managerial challenges in and solutions for implementing a security plan for computer networks.

o     Ethical decision-making:

  • Students will be able to analyze the role of ethics in securing computer networks.

o     Global awareness:

  • Students will be able to articulate the global role of computer networks in shaping businesses.

 

Grades
Mid-term exam * 20%
Final exam * 30%
Case Report (2@20%) ** 40%
Participation * 10%
TOTAL 100%
Textbooks
  • Kim, D., and Solomon, M.G. (2014) Fundamentals of Information Systems Security. Jones & Bartlett Learning, Burlington (MA). ISBN-13: 978-1-284-03162-1.
  • Mowbray, T.J. (2014) Cybersecurity: Managing Systems, Conducting Testing, and Investigating Intrusions. John Wiley & Sons, Indianapolis (IN). ISBN-13: 978-1-118-69711-5.
  • Shoemaker, D., and Conklin, W.A. (2012) Cybersecurity: The Essential Body of Knowledge. Course Technology, Boston (MA). ISBN-13: 978-1-4354-8169-5.
Topics

 An Overview of Cybersecurity.

Risks; threats; vulnerabilities.

A TCP/IP Primer.

The TCP/IP Model; IP addressing; ICMP.

Threats.

Viruses; worms; rootkits.

Exploitation.

DOS; shellcode; SQL injection; man-in-the-middle.

Fraud.

Click fraud; phishing; pharming; spyware/malware.

Frameworks and Standards.

NIST Cybersecurity Framework; Zachmann; ISO27001/2; COBIT.

Lab-I: Types of Attack. UDP floods; network scanning; password crackers.

Lab-II: Forensics-I. Intrusion detection; packet sniffing.

Lab-III: Forensics-II. Advanced packet sniffing.

Lab-IV: Security Fundamentals. Firewalls; security policies; authentication.

Security Plan-I: Assessing Threats. Understanding the organizations primary risks.

Security Plan-II: Devising Solutions. Implementing policies.

Security Plan-III: Penetration Testing. Assessing the veracity of the security plan.

 

 

css.php