Information Technology 345

ITEC 345: Introduction to Information Security.

Prerequisite: ITEC 120 (Grade of “C” or better)

Credit Hours: (3)

Covers the fundamentals of information security. Lectures focus on providing a broad overview of principles, policies and procedures in security. ITEC 345 cannot be counted toward technical electives or BS requirements in any concentration. Students cannot earn credit for both ITEC 245 and ITEC 345.

Detailed Description of Content of Course

Topics include:
1. Security Goals and Fundamentals.
2. Personnel and physical security.
3. Administering security.
4. Cryptography fundamentals.
5. Fundamentals of Application security.
6. Fundamentals of Network security.
7. Privacy and legal issues.
8. Ethics.
9. Introduction to Digital Forensics.

Detailed Description of Conduct of Course

Students may be given programming projects and problems which will allow them to analyze vulnerabilities and determine policies and principles to prevent the exploitation of those vulnerabilities. Homework problems that require surveying existing network and OS security threats may also be given.  Assessment may include at least two exams.

Goals and Objectives of the Course

Students who complete the course will be able to:
1. Describe the common goals of security (confidentiality, integrity, availability, authentication and non-repudiation).
2. Enumerate the different types of vulnerabilities, threats and exploits to computing and networking infrastructure.
3. Describe some common administrative, physical and technological security controls.
4. Develop security plans, policies and procedures similar to those used in government and corporations.
5. Define risk management and explain aspects of risk management.
6. Describe privacy and ethical issues.
7. Describe the various laws that protect computer based systems and digital objects.

Assessment Measures

Instructor may give written assignments that assess conceptual knowledge or lab-based assignments that require students to configure secure services and/or apply secure design and programming principles to analyze software applications and network installations. Students will be required to either write a report or give a presentation on a security-related topic of their choice approved by the instructor. Assessment will include at least two exams.

Other Course Information

Review and Approval

2011            New Course        Arthur Carter, Chair

Revised: June 1, 2012