Undergraduate Certificate in Information Security Planning

This course is a study of the discipline of Information Assurance that focuses on protecting information assets by ensuring availability, confidentiality, integrity, authenticity, and non-repudiation. This course delves into the deliberate engineering, planning and implementation of the five major areas in any enterprise: hardware, software, networks, people, and policies. This course meets the topical requirements of the IAW 8570.1M Technical III, Management II and Management III categories.

This course examines the techniques and technologies for penetration of networks, detection of attacks, and prevention of attacks. This course addresses the techniques, the technologies, and the methodologies used by cyber intruders (hackers) to select a target and launch an attack. An understanding into the mind and psyche of the hacker is essential to anticipating the moves of the hacker and to design effective countermeasures. This course focuses on techniques and technologies to detect such attacks even while the attack is in progress; early detection enables the administrator to track the movements of the hacker and to discover the intent and goals of the hacker. This course assesses the various countermeasures to keep the system out of the “sights” of the hacker and to keep the hacker out of the perimeter of the target network. This course also explores the laws and the legal considerations in prosecuting computer crime.

This course allows students to examine a broad range of computer security issues and provides the student with technical knowledge not normally addressed in traditional training. It explores the protection of proprietary information and security planning with an emphasis on networked computer vulnerabilities. It also focuses on detection (e.g. viruses, hackers, types of computer crime, computer forensic examination, etc.), as well as disaster recovery and technology law. A primary focus is put on security of systems and computer crime prevention. Also addressed is the maturing criminal population with increased computer literacy, whose tendency is to move from violent actions to more profitable computer crime. Finally, issues of privacy and freedom of information are examined. This course meets the topical requirements of the IAW 8570.1M Technical II and Management I categories.

Security is one of the most important concerns in the world of Information Technology. This course examines the technical issues and the administrative practices to implement and manage security; in particular, this course focuses on the principles of security auditing. This course explores the various technologies and tools to assist with discovery and auditing in the world of security management. This course also assesses the audit practices, audit processes, audit plans, discovery process, discovery software, penetration strategies, identification of potential attacks, log analysis, user baseline analysis, activity analysis, risk assessment, roles and responsibilities, and the roles and responsibilities of security auditing professionals.

This course examines the principles of security planning and policy. It focuses on a variety of security guidelines, policies and plans (security requirements, internal users, external users, operational costs, geography, capacity plan, growth plan, business organization, business scenarios, business factors, business processes, business functions, business products, product lifecycle, technical factors, roles and responsibilities, and organizational authority). This course addresses physical security, authentication, network security, encryption, software development, email, Internet, acceptable use, acceptable speech, and viruses/worms. It also covers the need for actionable and maintainable policies and the need for periodic audits of policies and configurations.

This course examines how laws have had to change to account for the expanded realm of crimes in the digital age. Despite legislation intended to combat the problem of identity theft, it continues to be one of the most common crimes associated with the Internet. Sexual harassment complaints can now be triggered simply by an employee forwarding questionable email to fellow employees. Some regard intellectual property rights violations to be innocent flattery, while others consider them to be violations that must be stamped out by force of law. Plagiarism by students who pull content from the Internet is a growing problem. Stalkers can log into their victims lives and gain access to highly confidential medical and financial information, and even sabotage their victim's reputations. This course examines current literature on such topics.