Instructor(s): Dr. Wayne
Summers
Office:
CCT455 Office
phone: (706) 568-3057
Department phone: (706) 568-2410 Department
FAX: (706) 565-3529
Office Hours: 11-11:50 a.m.
MWF (in online chat); 2-2:50 p.m. TR (in online chat); via e-mail, net-meetings
and by appointment
e-mail address: summers_wayne@ColumbusState.edu
homepage:http://csc.ColumbusState.edu/summers
Catalog Description of Course: (Prerequisite
CPSC 6126 Information Systems Assurance). This course provides the student
with the skill or ability to design, execute, and evaluate information security
procedures and practices. This level of understanding will ensure that students
are able to apply security concepts while performing their tasks. Topics
include encryption algorithms, developing a security policy, attack monitoring,
attack response, and disaster planning and recovery. The student will be
presented with practical approaches to security and the use of security tools (3 credits).
Required Textbook(s):
- Introduction to Computer Security by Matt Bishop, Addison
Wesley Professional, 2005, ISBN: 0-321-24744-2.
- The Art of Deception: Controlling the Human Element of
Security, by
Kevin D. Mitnick and William L. Simon, John
Wiley & Sons, 2002, ISBN: 0471237124.
Supplementary
Books and Materials
Software and
manuals found in the lab and on the Internet
Course Objectives
1.
Students will understand the major issues in network
and computer system security, focusing mainly on threats from malicious
software.
2.
Students will have an understanding of common attacks
on computer networks and methods to detect and remediate such attacks.
3.
Students will have an understanding of the guiding
principles of computer system security.
4.
Students will be able to evaluate information
security procedures and practices.
5.
Students will be able to design and implement information
security procedures and practices.
Major Topics
1.
Foundations of computer and network security.
2.
Threats and vulnerabilities
3.
Technical defenses: authentication, operating system
security, firewalls, etc.
4.
Network vulnerability assessment and intrusion
detection.
5.
Remediation methods, including backup and repair
strategies.
6.
Encryption and methods for its usage.
7.
Business continuity planning and disaster recovery
planning
8.
Issues in physical security.
Instructional Methods and Techniques
- The
class will be taught online. Learning sessions will usually be conducted
via threaded discussion and will include recorded lectures on the
instructor's web site. See http://cs.ColumbusState.edu/Academics/Online/OnlineInfo.asp
for information on taking an online course.
- Students
will be expected to participate in asynchronous threaded discussions.
- All
students must have access to networked computers for doing assignments.
- Students
will have an opportunity to use a variety of security tools to reinforce
their learning of the concepts.
- Discussion
may also be available through live chat.
How to Access
the Course
This course
is being offered through WebCT. You can access WebCT at: http://webct.ColumbusState.edu/
At this page, click on the "Log on to" link
to activate the WebCT logon dialog box, which will
ask for your WebCT username and password. Your WebCT username and password are:
Username: lastname_firstname
Password: ssnXXXX
where "XXXX" is the last four
digits of your social security number.
If you try the above and WebCT will not let you
in, please use the "Comments/Problems" link at the bottom of the WebCT home page to request help. If you are still having
problems gaining access a day or so after the class begins, please e-mail me.
Once you've entered WebCT, you will see a list
of courses you have access to. The CPSC 6136 course is listed as "Advanced Systems Security." Below
this, you should see my name as the instructor. You may also see new discussion
postings, new calendar postings, and new mail messages. Clicking on the name of
the course will take you to the course's home page. If you don't see the "Advanced
Systems Security" course in the list, please e-mail me immediately.
Once you have
clicked on the course's name and accessed the particular course itself, you
will find a home page with links to other sections and tools, and a menu on the
left-hand side. The first thing you should do is “Take the Guided
tour”. This information will give you a feel for what's available in the
particular WebCT classroom environment. Once you've
read this information, please feel free to explore the other areas.
How This
Course Will Work
This course
will consist of readings, discussion questions, webliography
assignments, “lab” assignments, a final project and two exams. On a
weekly basis, you will need to:
- review
the week's lesson;
- complete
the readings from the two
texts;
- read and
if possible, listen to the lectures;
- complete
the “lab” assignments;
- submit
responses to weekly discussion questions based on the readings;
- submit webliography URLs’; and
- comment on other students' responses to the discussion
questions.
In addition
to the weekly requirements, you will need to:
decide on and complete a final project.
Online Discussions
To maximize
your learning, you are expected to participate actively in the weekly
discussions. To receive maximum credit for participating, you must post a
response to EACH discussion question of at least 150 words and comment on ONE
of the other students' responses for EACH discussion assignment. There is, of
course, no upper limit on the amount of discussion in which you can be involved
in.
The responses
to other students' postings should add to the substance of the posting, request
clarification, provide a different perspective, or challenge the assertions
made by providing real or hypothetical scenarios that the original posting does
not adequately address. Remember, the purpose of course discussions is to
stimulate academic debate. Critical thinking is highly desirable!
I will read
every response and every comment, but I will not necessarily respond to
every response or to every comment. I will, however, interject
comments where necessary for clarification.
Discussion
Etiquette
CSU is
committed to open, frank, and insightful dialogue in all of its courses.
Diversity has many manifestations, including diversity of thought, opinion, and
values. Students are encouraged to be respectful of that diversity and to
refrain from inappropriate commentary. Should such inappropriate comments
occur, I will intervene as I monitor the dialogue in the discussions. I will
request that inappropriate content be removed from the discussion and will
recommend university disciplinary action if deemed appropriate. Students as
well as faculty should be guided by common sense and basic etiquette. The
following are good guidelines to follow:
Never post
content that is harmful, abusive; racially, ethnically, or religiously
offensive; vulgar; sexually explicit; or otherwise potentially offensive.
Student
Responsibilities
As a student
in this course, you are responsible to:
“I
didn’t know” is not an acceptable excuse for failing to meet the
course requirements. If you fail to meet your responsibilities, you do so at
your own risk.
Instructor
Responsibilities
As your instructor in this course, I
am responsible to:
- post weekly lessons outlining
the assignments for the week,
- post weekly discussion
questions,
- read all responses to discussion
questions and comments to responses,
- actively participate in weekly
discussions when necessary,
- decide on and coordinate a final
project with you,
- grade discussion questions,
comments, assignments, and the final project, and post scores within one
week of the end of the week in which they are submitted, and
- read any e-mail sent by the you and
respond accordingly within 48 hours.
Although I will read every posted
discussion question and response, I will not necessarily respond to every
post.
Student Web Server
Space
There may be times when you will want
to use an actual Web server in response to discussion questions or for
projects. All currently enrolled CSU students (including online students) can
request free Web server space on the CSU student Web server. Simply go to http://students.ColumbusState.edu and click on
the "Free Web Pages" icon. Then click on the link to request the
account. Under normal circumstances, the account and space will be created in a
matter of seconds. This server is also .NET capable.
Assignments for Course
Course
Evaluation (tentative):
Grades may be determined according to
this scale:
General Policies
You are responsible for all class
work missed, regardless of the reason for the absence(s). Late assignments will
not be accepted. No makeup exams or quizzes will be given, so please make sure
you are present for all exams/quizzes. Refer to the CSU Catalog (http://aa.ColumbusState.edu/advising/a.htm#Attendance%20Policy)
for more information on class attendance and withdrawal.
Academic
dishonesty
Academic dishonesty includes, but is not limited to, activities such as
cheating and plagiarism (http://aa.ColumbusState.edu/advising/a.htm#Academic%20Dishonesty/Academic%20Misconduct).
It is a basis for disciplinary action. Any work turned in for individual
credit must be entirely the work of the student submitting the work. All work
must be your own. [For
group projects, the work must be done only by members of the group.] You may share ideas but submitting identical assignments (for example)
will be considered cheating. You may discuss the material in the course and help
one another with debugging; however, any work you hand in for a grade must be
your own. A simple way to avoid inadvertent plagiarism is to talk about the
assignments, but don't read each other's work or write solutions together unless
otherwise directed by your instructor. For your own protection, keep scratch
paper and old versions of assignments to establish ownership, until after the
assignment has been graded and returned to you. If you have any
questions about this, please see your instructor immediately. For assignments, access to notes, the course textbooks, books and other
publications is allowed. All work that is not your own, MUST be properly
cited. This includes any material found on the Internet. Stealing or giving
or receiving any code, diagrams, drawings, text or designs from another
person (CSU or non-CSU, including the Internet) is not allowed. Having access
to another person’s work on the computer system or giving access to
your work to another person is not allowed. It is your responsibility to
prevent others from having unauthorized access to your work.
No cheating
in any form will be tolerated. Penalties for academic dishonesty may include
a zero grade on the assignment or exam/quiz, a failing grade for the course,
suspension from the Computer Science program, and dismissal from the program.
All instances of cheating will be documented in writing with a copy placed in
the Department’s files. Students will be expected to discuss the
academic misconduct with the faculty member and the chairperson. For more
details see the Faculty Handbook: http://aa.ColumbusState.edu/faculty/FacHandbook0203/sec100.htm#109.14
and the Student Handbook: http://sa.ColumbusState.edu/handbook/handbook2003.pdf
|
Getting help
You can always contact me during my posted office hours, by e-mail, or by
appointment.
CSU ADA statement
If you have a documented disability as described by the Rehabilitation Act of
1973 (P.L. 933-112 Section 504) and Americans with Disabilities Act (ADA) and
would like to request academic and/or physical accommodations please contact
Joy Norman at the Office of Disability Services in the Center for Academic
Support and Student Retention, Tucker Hall (706) 568-2330, as soon as possible.
Course requirements will not be waived but reasonable accommodations may be
provided as appropriate.
SUGGESTED WEEKLY SCHEDULE FOR COMPUTER
SECURITY (tentative)
|
Lecture Topic
|
Homework
|
Week 1:
Aug 22-6
|
CS –
chapters 1, 2
|
See Website
http://csc.ColumbusState.edu/summers/NOTES/6136/labs-6136.htm
and WebCT calendar
|
Week 2:
Aug 29-Sept.23
|
CS -
chapters 3, 4
|
Lab 1
|
Week 3:
Sept. 5-9
|
CS –
chapters 5, 6, 7
|
Lab 2
|
Week 4:
Sept. 12-16
|
CS –
chapters 8, 9
|
Lab 3
|
Week 5:
Sept. 19-23
|
CS –
chapters 10, 11
|
Lab 4
|
Week 6:
Sept. 26-30
|
CS –
chapters 12, 13
|
Lab 5
|
Week 7:
Oct. 3- 7
|
CS –
chapters 14
REVIEW
|
Lab 6
|
Week 8:
Oct. 10-15
|
FALL BREAK
MIDTERM
EXAM (chapters 1-14)
|
Lab 7
|
Oct. 17
|
MIDPOINT;
GRADUATE CANDIDANCY
|
|
Week 9:
Oct. 17-21
|
CS –
chapters 15, 16
|
Lab 8
|
Week 10:
Oct. 24-28
|
CS –
chapters 17, 18
|
Lab 9
|
Week 11:
Oct. 31
– Nov. 4
|
CS –
chapters 19, 20
|
Lab 10
|
Week 12:
Nov. 7-11
|
CS –
chapters 21, 22
|
Lab 11
|
Week 13:
Nov. 14-18
|
CS –
chapters 23
Art of
Deception
|
Lab 12
|
Week 14:
Nov. 21-22
|
CS –
chapters 24
Art of
Deception
THANKSGIVING
|
Lab 13
|
Week 15:
Nov. 28-
Dec. 2
|
CS –
chapters 25
Art of
Deception
|
Lab 14
|
Week 16:
Dec. 5-9
|
CS –
chapters 26
Art of
Deception
|
Lab 15
|
Week 17:
Dec. 12-19
|
FINAL EXAM
|
|