IT&C 366

Information Assurance and Security

Electrical and Computer Engineering Ira A. Fulton College of Engineering

Course Description

Computer security principles, models, terminology. Risk management and incident prevention. Firewalls, intrusion detection systems, and encryption. Information assurance dimensions of availability, integrity, authentication, confidentiality and non-repudiations to ensure transmission, storage, and processing of information. Communication for technical and non-technical audiences.

When Taught

Winter

Min

3

Fixed

3

Fixed

2

Fixed

3

Title

Risk Management

Learning Outcome

Use risk assessment methods to create a security plan that uses both technical and non-technical countermeasures for a management audience.

Title

Penetration Testing

Learning Outcome

Explain how the processes of certification, accreditation and maintenance can mitigate risks, and be able to support these by performing a penetration test using basic hacking techniques.

Title

Practicum

Learning Outcome

Install and configure various countermeasures such as firewalls, intrusion detection systems, virtual private networks, and encryption systems; and explain the benefits, limitations and usability impact these may have within an organization.

Title

Incident Response

Learning Outcome

Develop as a team, incident response, disaster recovery and business continuity plans with an awareness of laws, regulatory standards and best practices.

Title

History and Context

Learning Outcome

Explain information assurance and security models, and relate these to historical and current security problems in the context of standards, best practices, policy, planning, usability and continuous education.

Title

Security for technical and non-technical personnel

Learning Outcome

Instruct technical and non-technical audiences about the key elements of a good security implementation.