MASTER COURSE SYLLABUS
Date:January 2000
Course Number:MIS 660
Course Title:Information Security Management
Instructor(s):Reid
Typical Textbook:Gollman, Computer Security, John Wiley & Sons, Inc., 1999
Catalog Description: Examines management issues associated with the control and audit of information systems. Specific emphasis is on IT controls and their evaluation, computer-based auditing techniques, encryption, and security policies. Recent developments in IT, such as client-server systems and the Internet, and their impact on auditing, control, and security, are also considered.
Prerequisites:MIS 634 or the equivalent
Goals and Objectives:Computing security is increasingly important. This is due in part to the low cost, improved performance and availability of microcomputer hardware and software, low cost networking, and the growth of the Internet. This course is designed to provide students with an understanding of security hardware and software.
The course is divided into multiple phases. The first phase will provide the students with a background on encryption and PKI (Public Key Infrastructure) components that are available and the managerial implications that are associated with local area and wide area networks will be presented.
The final phase will introduce security policies and how the programs are implemented. Legal and ethical issues associated with security will also be presented.
MASTER COURSE SYLLABUS
MIS 660
January 2000
Subject Matter Based on 14 160 minute sessions
1) Background 1 session
a) Is there a security problem?
b) Who is involved in security?
c) Business security requirements
2) Encryption3 sessions
a) Basic encryption/decryption
b) Secure encryption systems
c) Using encryption
3) Malicious Code1 session
a) Viruses, Trojan Horses, Worms and other types of malicious code
b) Protection software
4) Operating Systems2 sessions
a) Protection in Operating Systems
b) Designing Trusted Operating Systems
5) Database Security1 session
6) Network Security2 sessions
a) Lan security
b) VPN (Virtual Private Networks)
c) WAN
d) Internet
7) Administering Security2 sessions
a) Risk analysis
b) Security Policies
8) Legal & Ethical Issues2 sessions
Global Issues:Security and encryption in a global business environment
Technology:Pervasive throughout the course
Examinations:Mid-term and final
Cases:1 applications project
Projects:1 individual project expanding coverage of a specific security element
Final:Final examination
Computer Usage:Demonstration of components, no direct lab assignments
Diversity:Not applicable
Ethics Coverage:Privacy issues