IT&C 366
Information Assurance and Security
Electrical and Computer Engineering
Ira A. Fulton College of Engineering
Course Description
Computer security principles, models, terminology. Risk management and incident prevention. Firewalls, intrusion detection systems, and encryption. Information assurance dimensions of availability, integrity, authentication, confidentiality and non-repudiations to ensure transmission, storage, and processing of information. Communication for technical and non-technical audiences.
When Taught
Winter
Grade Rule
Grade Rule 8: A, B, C, D, E, I (Standard grade rule)
Min
3
Fixed
3
Fixed
2
Fixed
3
Title
Risk Management
Learning Outcome
Use risk assessment methods to create a security plan that uses both technical and non-technical countermeasures for a management audience.
Title
Penetration Testing
Learning Outcome
Explain how the processes of certification, accreditation and maintenance can mitigate risks, and be able to support these by performing a penetration test using basic hacking techniques.
Title
Practicum
Learning Outcome
Install and configure various countermeasures such as firewalls, intrusion detection systems, virtual private networks, and encryption systems; and explain the benefits, limitations and usability impact these may have within an organization.
Title
Incident Response
Learning Outcome
Develop as a team, incident response, disaster recovery and business continuity plans with an awareness of laws, regulatory standards and best practices.
Title
History and Context
Learning Outcome
Explain information assurance and security models, and relate these to historical and current security problems in the context of standards, best practices, policy, planning, usability and continuous education.
Title
Security for technical and non-technical personnel
Learning Outcome
Instruct technical and non-technical audiences about the key elements of a good security implementation.
