Course Length:

20 hours over 10 weeks (1 two-hour meeting per week)

Course Description:

Techniques and technologies of information and data security. Types of attacks and what needs protection. Managerial aspects of computer security and risk management. Security services. Legal and ethical issues. Security process and best practices. Accreditation, procurement, security policy and plan development and enforcement, contingency, continuity and disaster recovery planning, and incident handling and response. Internet and e-commerce management issues. Preparation for design and administration of a complete, consistent, correct, and adequate security program.

Course Learning Objective:

Awareness of information security management, including threats, vulnerabilities, countermeasures, ethical and legal issues, and system life cycle management. Understanding of risk management, physical security, personnel security practices and procedures, software security, administrative security procedural controls, auditing, monitoring, and key management.

Major Topics:

Model of information systems security, planning, and management. Vulnerabilities in and threats to information security. Understanding of principles and practices of information security management, including technical, ethical, and legal aspects. Physical security measures. Personnel security practices and procedures. Audit, control, and monitoring of systems.

Method of Instruction:

Lecture, assignments, projects, presentations

Evaluation Methods:

Tests, assignments, projects, presentations