Course Descriptions
Information Security Tools for Code & Data Analysis
IAS211
Introduction to the concepts and tools used to perform analysis of code and data in the support of managing the security of information systems. Focus on common programming/scripting language to automate data collection and analysis in support of an audit or similar evaluation as well as common tools used to evaluate the content of code and memory segments in support of activities like incident response, forensic investigation, and system compromise. Overview of tools and skills necessary to collect and analyze data to support an information systems security program. Spring Only.
3 Credits: 3 Lecture
Prerequisites:
CIT230 and CIT240 and CIT260
Ethical Hacking & Penetration Testing
IAS311
Introduction to the process of securing an information system against attack. Study includes application of concepts learned in prerequisite classes to both defend and compromise a system. Various tools for managing and compromising systems are explored as well as safeguarding ancillary systems to prevent collateral damage during testing procedures. Legal and ethical issues associated with penetration testing are explored as well. A grade of a “C” or higher is required in all prerequisite courses. Spring Only.
3 Credits: 3 Lecture
Prerequisites:
CIT230 and CIT240 and MTH161
Network Defense
IAS312
Study and application of concepts of network defense including, but not limited to, intrusion detection/prevention systems, firewalls, VPN's, honeypots and honeynets. DMZs and Proxy servers, password management and network access control. Study includes defense in depth; minimizing attack surface; networking monitoring, traffic analysis, and hardening. Study also addresses mission assurance, network policy development, and enforcement and network operational procedures. Fall Only.
3 Credits: 3 Lecture
Prerequisites:
CIT230 and CIT240 and EET247
Information Security Policy
IAS411
Introduction to the methodologies used to develop an organizational security policy. Study includes the legal and privacy issues that arise from establishing organizational security policies as well as evaluation tools and practices currently used in developing organizational security policies. Course work includes developing a comprehensive security policy and establishing the procedures necessary to enforce such policy. (Writing Enriched )
3 Credits: 3 Lecture
Prerequisites:
CIT230 and CIT246
IAS Awareness, Training & Education
IAS412
Introduction to the techniques involved in developing and disseminating information security training. Skills learned include determining the appropriate level of training needed for a given situation and identifying those who should be trained.
3 Credits: 3 Lecture
Prerequisites:
CIT230 and CIT246
Contingency Planning
IAS413
Introduction to the methodologies used to develop organizational contingency plans. Study includes the analysis, planning, writing and testing of various contingency plans for organizations IT and IAS systems. Various tools and methodologies to assess the specific events that drive contingency planning efforts. Course work includes developing a comprehensive contingency plan for a given scenario, procedures for testing the plan, and criteria for evaluating the effectiveness of the plan.
3 Credits: 3 Lecture
Prerequisites:
IAS411
Secure System Accreditation & Certification
IAS461
Introduction to the process of certifying that an information system meets required security standards. Study includes the process for preparing a system for a formal security audit, conducting the audit, collecting the audit data, interpreting the data, identifying required remediation, and preparing a report of the results.
3 Credits: 3 Lecture
Prerequisites:
IAS411
Risk Analyst Capstone
IAS466
Study and application of risk analysis and risk management as they pertain to organizational information systems. Study includes the methodologies used to develop an organizational security plan. Capstone work includes development of a comprehensive risk management plan and the processes necessary to implement the plan.
3 Credits: 3 Lecture
Prerequisites:
IAS412 and IAS461
Advanced Topics in Information Assurance & Security
IAS490
Research and discussion of emerging issues in information assurance and security, drawing upon repositories of information that document developing issues in information assurance and security. Spring Only.
3 Credits: 3 Lecture
Prerequisites:
IAS461; or
IAS413
IAS Seminar I
IAS492A
Forum for discussing and exploring issues related to information assurance and security. The context is interdisciplinary and will focus in part on issues external to IAS that affect how an organization can effectively implement and manage IAS. Fall Only.
1 Credit: 1 Lecture
Prerequisites:
IAS411
IAS Seminar II
IAS492B
Forum for discussing and exploring issues related to information assurance and security. The context is interdisciplinary and will focus in part on issues external to IAS that affect how an organization can effectively implement and manage IAS. Spring Only.
1 Credit: 1 Lecture
Prerequisites:
IAS411
