IT 4823 — Information Security Concepts and Administration
Course Syllabus — Spring, 2018
| Instructor: | Dawn Tatum |
(470) 578-3797 (404) 444-3748 (cell) |
Office hours: (J-358) Mondays, 1 – 5 PM; also by appointment. I will respond to discussion postings and email within 24 hours during the work week.
| Course calendar: | |||
| Date | Topic | Reading | Due Today |
| Module 1: Cryptography | |||
| Jan 8-14 | Introduction and Overview | Chapter 1 | |
| Jan 15-21 | Cryptography I | 2.1-2.2 | |
| Cryptography II | 2.3-2.8 | Assignment Zero Quiz 1 |
|
| Cryptography III | |||
| Module 2: Identification, Authentication, and Access Control | |||
| Jan 22-28 | Identification and Authentication | Chapter 3 | Assignment 1 |
| Storing and Using Passwords | Quiz 2 | ||
|
Jan 29- Feb 4 |
Access Control | Chapter 4 | Assignment 2 |
| Module 3: Database Security, Traffic Analysis, Intelligence and Counterintelligence |
|||
| Feb 5-11 | Database Security and Cloud Security | Chapter 5 | Quiz 3 |
| Traffic Analysis | |||
| Intelligence and Counterintelligence | Assignment 3 | ||
| Module 4: Attacks and Network Defenses |
|||
| Feb 12-18 | Malicious Software | Chapter 6 | Quiz 4 |
| Denial of Service Attacks | Chapter 7 | ||
| Feb 19-25 | Examination 1 | ||
| Intrusion Detection | Chapter 8 | ||
|
Feb 26- Mar 4 |
Firewalls and Intrusion Prevention Network Configuration and Buffer Size Attacks |
Chapter 9 Chapter 10 |
Assignment 4 |
| Module 5: Software and O.S. Security, Trusted Computing | |||
| Mar 5-11 | Software Security | Chapter 11 | |
| Operating System Security | Chapter 12 | Assignment 5 | |
| Mar 12-18 | Trusted Computing and Multilevel Security | Chapter 13 | Quiz 5 |
| Module 6: Security Controls | |||
| Mar 12-18 | Security Management, Risk Assessment, Controls | Chapter 14-15 | Quiz 6 |
| Mar 19-25 | Physical and Infrastructure Security | Chapter 16 | Assignment 6 |
| Power Management | |||
| Examination 2 | |||
|
Mar 26- Apr 1 |
Human Resources Security Security Auditing |
Chapter 17 Chapter 18 |
Quiz 7 |
| Apr 2-8 | Spring Break |
||
| Module 7: Concluding Topics | |||
| Apr 9-15 | Legal and Ethical Aspects | Chapter 19 | Assignment 7 |
| Internet Security Protocols and Standards | Chapter 22-23 | ||
| Apr 16-22 | Linux, Windows, and Wireless Security | Chapter 24 | Assignment 8 |
| Business Continuity Planning | Quiz 8 | ||
| Apr 23-29 | Review for Final | ||
| Apr 30 | Final Exam: Proctor U | ||
Required Textbook: Stallings, William and Lawrie Brown Computer Security Principles and Practice, Third Edition. Pearson / Prentice Hall, 2015; ISBN-13: 9780133773927. The third edition has been revised substantially. Only the third edition will do for this course.
Course Modality and Meeting Times: The course will be conducted entirely on line with discussion, reading assignments, homework or labs, quizzes, and examinations.
Catalog Description: IT 4823 - Information Security Administration & Privacy
3 Class Hours 0 Laboratory Hours 3 Credit Hours
Prerequisite: (IT 3123 or CS 3224) and (MATH 2345 or CSE 2300) and CSE 3153
The student develops knowledge of the principles of information assurance at the policy, procedural, and technical levels to prepare the student for a role as a business decision-maker. Real-world examples from the text and current events will be used to demonstrate the applicability of the techniques of information assurance.
Course outcomes: Students who complete this course successfully will be able to:
- Describe the importance of information security and how it affects our changing world.
- Describe the threats to and vulnerabilities of personal, organizational, and national security information systems.
- Demonstrate a working knowledge of principles and practices in information security, including application of encryption.
- Design, execute, and evaluate personal or organizational security policies, procedures and practices.
- Analyze critically situations of computer use, identifying the security issues, consequences and viewpoints.
Academic conduct: Collaboration with your classmates in studying and understanding the material is part of the collegiate experience, and is strongly encouraged. Collaboration on written assignments is permitted and encouraged, but each student must turn in work written in his or her own words. Copying another's work will be considered cheating; all students involved will receive a grade of zero, a reduction in the course grade, and possibly other penalties including failure of the course and dismissal from the University. Unless you are specifically advised otherwise by the instructor, any work submitted for credit must be completely the work of the individual student.
Collaboration or cheating on examinations will result in a grade of zero, a reduction in the course grade, and possibly other penalties including failure of the course and dismissal from the University. Plagiarism, fabrication, or other academic misconduct will result in a grade of zero, a reduction in the course grade, and possibly other penalties, including failure of the course and dismissal from the University.
Every KSU student is responsible for upholding the provisions of the Student Code of Conduct, as published in the Undergraduate and Graduate Catalogs. Section 5c of the Student Code of Conduct addresses the university's policy on academic honesty, including provisions regarding plagiarism and cheating, unauthorized access to university materials, misrepresentation/falsification of university records or academic work, malicious removal, retention, or destruction of library materials, malicious/intentional misuse of computer facilities and/or services, and misuse of student identification cards. Incidents of alleged academic misconduct will be handled through the established procedures of the Department of Student Conduct and Academic Integrity (SCAI), which includes either an "informal" resolution by a faculty member, resulting in a grade adjustment, or a formal hearing procedure, which may subject a student to the Code of Conduct's minimum one semester suspension requirement. See also https://web.kennesaw.edu/scai/content/ksu-student-code-conduct.
It is very important that you understand the concepts of academic integrity. If any of the above is not clear, or if you are not certain what some of the terms mean, please ask me. A misunderstanding in this area could end your academic career.
Use of Course Materials: Some lecture slides, notes, or exercises used in this course may be the property of the textbook publisher or other third parties. All other course material, including but not limited to slides developed by the instructor(s), the syllabus, assignments, course notes, course recordings (whether audio or video) and examinations or quizzes are the property of the University or of the individual instructor who developed them. Students are free to use this material for study and learning, and for discussion with others, including those who may not be in this class, unless the instructor imposes more stringent requirements. Republishing or redistributing this material, including uploading it to web sites or linking to it through services like iTunes, violates the rights of the copyright holder and is prohibited. There are civil and criminal penalties for copyright violation. Publishing or redistributing this material in a way that might give others an unfair advantage in this or future courses may subject you to penalties for academic misconduct.
KSU policy states, "No person shall make public any electronically recorded class discussion without the written permission of the instructor."
| Grading plan: | 30% | Assignments |
| 30% | Exams (Two @15% each) | |
| 15% | Quizzes | |
| 25% | Final Exam |
In general, I will use the following scale to assign course letter grades. However, I reserve the right to make adjustments (either up or down) for borderline cases.
Grading Scale: 90 and above: A. 80-89.9: B. 70-79.9: C. 60-69.9: D. Below 60: F.
Extra Credit: Projects or exercises for additional credit are sometimes made available to all students in the course. If these opportunities arise, you will be notified via the News/Announcements Tool.
Grades prior to the midpoint of the term: You will receive at least one examination grade and one homework or quiz grade prior to the midpoint of the term, which is the last date to withdraw with a grade of W. If, at any time, you are concerned about your progress in the course, please talk to me.
Class participation policy: Participation in class is expected. You participate by engaging meaningfully in the on line class discussions. Asking relevant questions and, most especially, answering the questions of others when you are sure of the answer, raises your participation grade. "Filler" comments like, "I agree" do not contribute to learning and may lower your participation grade.
You should be aware that information not in the book will be presented in the discussions and you will be held responsible for it on examinations. You are responsible for announcements, assignments, and syllabus revisions made during the term.
Historically, students with good participation records have done significantly better in my classes than students with poor records.
Preparation: You will be expected to have read this syllabus and the Standards of Academic Conduct handout prior to the due date for Assignment Zero. You should complete the reading assignments according to the course calendar and syllabus. I recommend that you read each chapter before it is discussed and jot down questions about anything that is not clear. Ask your questions in the discussion area. Then re-read each chapter, jotting down important points. Use these notes to study for the examinations.
Submission of work for this course: All work for this course will be submitted using Desire2Learn. Only work submitted through the Desire2Learn "Dropbox" tool will be accepted. No email. No paper. No excuses! You are responsible for allowing enough time to check your upload. "Technical difficulties" will not be accepted as an excuse for missing work.
Be sure you complete the D2L upload process; you will get an auto-generated confirming email. "It didn't work" will not be accepted as an excuse. Be careful what you upload. "I uploaded the wrong document" will not be accepted as an excuse.
You must prepare your work in a form that can be opened with Microsoft Word 2010 or later. One way of doing that is with Libre Office, which is a free and open-source software product. (If you have access to MS Word, just use it; you don't have to download and learn Libre Office.)
Every submission must have your name and the assignment number on the first page. At least in some cases I'm going to be downloading these assignments. If you haven't told me who you are, I can't record your grade!
If you are struggling with the written part of assignments, the KSU Writing Center helps students in all majors improve their writing. Writing assistants help with topic development, revision, research, documentation, grammar, and more. For more information or to make an appointment, visit writingcenter.kennesaw.edu or stop by English Building, Room 242 (Kennesaw campus) or Room A-184 (Marietta campus).
Handwritten work: In a few cases, such as diagrams or "long" arithmetic, where typing your work would be a burden, I will accept handwritten work. Each assignment will indicate if handwritten work is acceptable, and for what parts. If you choose to hand-write a part of your work, you must scan the handwritten part and paste it into your electronic document at the proper place. (Scanners are available in the CSE lab.) Do not submit multiple documents for one assignment, nor submit assignments with the parts out of order. Those won't be graded.
Due dates: Assignments are due at 11:59 PM on the date shown in the syllabus or course calendar. Late assignments will not be graded and will be recorded as zeros. As university students, I expect you will manage your time well enough to be able to complete your assignments on time in spite of both usual and unanticipated events.
Assignment Grades: Assignments are graded on a 100 point scale. If you have questions about any part of an assignment, ask me well before the due date. "I didn't understand," will not be accepted for missing or incomplete work.
Assignment Peer Review: Some assignments may be reviewed by your peers as part of the grading process. I reserve the right to determine which assignments will be peer reviewed and to assign reviewers.
Examinations will be based in part on the contents of the assignments.
Turnitin Similarity Detection: Students agree that by taking this course all required papers may be subject to submission for textual similarity review to Turnitin.com for the detection of plagiarism. All submitted papers will be included as source documents in the Turnitin.com reference database solely for the purpose of detecting plagiarism of such papers. Use of the Turnitin.com service is subject to the Terms and Conditions of Use posted on the Turnitin.com site.
Quizzes: Quizzes for this course will be administered using Desire2Learn and will be available approximately three days before the due date. They are open-book and open-notes, but not "open Internet." Why not? Well, there's a lot of misinformation and incomplete information on the web, and I don't want to put any into your heads through the quizzes. In any case, quizzes are timed, so you will not have much research time available.
Each quiz is worth only 1-4 points on your final grade, so if you have trouble with one of them do not despair. The main value of the quizzes is to help you assess whether you're ready for the examinations.
Examinations: Examinations will consist mainly of short-answer questions. You must take the exams on the dates in the syllabus unless you have made arrangements with me well in advance of the exam. Makeup examinations will not be given unless you make prior arrangements with me. In general, makeup examinations will only be allowed in cases of genuine emergency or exigent circumstances, such as serious illness. Requests for makeup exams for the convenience of the student will generally not be allowed. You must take the final exam on the date set by the Registrar; no exceptions will be permitted unless a licensed medical practitioner certifies that you are unable to take the examination or you qualify for consideration under the University's exam conflict policy. The final examination will be comprehensive.
Students with disabilities: Kennesaw State University provides program accessibility and reasonable accommodations for persons defined as disabled under Section 504 of the Rehabilitation Act of 1973 and the Americans with Disabilities Act of 1990. Kennesaw State University does not deny admission or subject to discrimination in admission any qualified disabled student.
A number of services are available to help students with disabilities with their academic work. In order to make arrangements for special services, students must visit the Office for Student Disability Services and make an appointment to arrange an individual assistance plan. In most cases, certification of disability is required.
Special services are based on
- medical and/or psychological certification of disability,
- eligibility for services by outside agencies, and
- ability to complete tasks required in courses.
Technical Support
Information on technical support can be found in the Student Resources sub-module of the Start Here module. You can also find information here: http://learnonline.kennesaw.edu/how-it-works/online_student_resource_guide.php
Student Support Services
Kennesaw State University wants you to succeed, and provides support services to help you do so.
You will find more information here http://kennesaw.edu/currentstudents.php and here: http://sss.kennesaw.edu/
ADA Position Statement
Kennesaw State University, a member of the University System of Georgia, does not discriminate on the basis of race, color, religion, age, sex, national origin or disability in employment or provision of services. Kennesaw State University does not discriminate on the basis of disability in the admission or access to, or treatment or employment in, its programs or activities.
The Americans with Disabilities Act (ADA), Public Law 101-336, gives civil rights protections to individuals with disabilities. This statute guarantees equal opportunity for this protected group in the areas of public accommodations, employment, transportation, state and local government services and telecommunications.
The following individuals have been designated by the President of the University to provide assistance and ensure compliance with the ADA. Should you require assistance or have further questions about the ADA, please contact:
- ADA Compliance Officer for Students
470-578-6443 - ADA Compliance Officer for Facilities
470-578-6224 - ADA Compliance Officer for Employees
470-578-6030
For more information, go to: http://www.kennesaw.edu/stu_dev/dsss
Information about accessibility of the KSU technologies required for the course can be found here: https://softchalkcloud.com/lesson/serve/jV10GKPfztZwQn/html
Assignments for this course recommend the Kleopatra interface for GNU Privacy Guard and suggest the ZenMap interface for NMAP. Students with accessibility concerns may use GNU Privacy Guard and NMAP directly. Both are text-base programs adaptable to the use of screen readers.
Privacy Policies
The privacy policy for Desire2Learn Brightspace can be found here: http://www.brightspace.com/legal/privacy/
The privacy policy for the Learning Styles Index is here: https://www.webtools.ncsu.edu/learningstyles/ and states: "Your response data and your learning style profile are not stored or sent to anyone other than you and cannot be recovered once you have received the profile."The privacy policy for the hash computation tool used in assignment one is here: http://www.fileformat.info/about/privacy.htm
The privacy policy for GNU Privacy Guard is here: https://www.gnupg.org/privacy-policy.html
The privacy policy for the NMAP network mapping tool is here: http://insecure.org/privacy.html
How to Succeed in this Class: Here are five things you can do that will greatly improve your chances of making a satisfactory grade in this class:
- Read the syllabus: It is a lot of trouble to prepare so detailed a syllabus. You should assume I had a reason for it. You should read every word in the syllabus before the second class. I will not be sympathetic to complaints that you didn't understand something about the course if it's written down in the syllabus.
- Read the textbook: You will get a lot more out of this class, and so be able to give back more on the assignments and examinations, if you read the assigned parts of the textbook before class. In my experience, students who don't complete the reading before class either never complete it or try to cram it all in just before the exams. That doesn't work.
- Come to class and participate: Participation forms a part of your course grade. When you participate in the discussions, you learn and also help others learn. The printable slides are an integral part of the course. If you ignore them, you will learn less and probably earn a lower grade.
- Do the homework: You cannot pass the course without doing at least most of the homework. The homework assignments build upon one another. If you get behind, you will find it very difficult to catch up.
- Allow enough time: More unsatisfactory grades are due to procrastination than any other cause. Do not assume that you can complete the homework and reading assignments in the thirty minutes before the due date and time; you cannot. The most successful students complete this work the weekend before it is due.
What I expect of You
- You will prepare for each session by having done the assigned reading.
- You will do your own work. There are severe penalties for cheating.
- You will complete your work on time.
What You May Expect of Me
- Your work will be graded and returned promptly; generally within one week.
- I will listen respectfully to your opinions.
- I will answer your questions promptly and carefully; if I do not know an answer, I'll find out.
- I will help you succeed.
Administrivia: Contact information: If I need to communicate with you by email during the term, I will use Desire2Learn Course Mail. It is your responsibility to check mail frequently.
Adherence to Policies: This course will be conducted in accordance with the University System of Georgia and KSU policies concerning accessibility and reasonable accommodation, respect for copyright holders, rights pertaining to student records and compliance with FERPA, sexual misconduct policy, and respect for religious, cultural, and gender differences.
Social Networks: Please do not ask me to join your social network on Google+, Facebook, LinkedIn, etc. until after you have graduated, and then only if you earned grades of B or better in each of my classes.