Apr 24, 2024  
2021-2022 College Catalog [ARCHIVED CATALOG]

CIS 229 - Protecting Your PC and Network: Countermeasures to Network

3 Credits, 3 Contact Hours
3 lecture periods 0 lab periods

Management of security for networking security professionals. Includes an overview of risk assessment and risk management principles, the CIA (confidentiality, integrity and availability) Triad, security management and policies, access controls, software development security, business continuity, and disaster recovery planning. Also includes an introduction to cryptology, legal aspects of computer crime, telecommunications, and network security.

Recommendation: Completion of CIS 119 or CIS 170, and CIS 228 before enrolling in this course. If any recommended course is taken, see a financial aid or Veteran’s Affairs advisor to determine funding eligibility as appropriate.
Information: This course corresponds to the CISSP Certification (Certified Information Security Specialist Profession), but is not intended as a complete preparation for the CISSP Exam.
 

Course Learning Outcomes
  1. Discuss risk assessment and management techniques in IT security.
  2. Categorize types of threats or malware in software security.
  3. Explain countermeasures to malware within the area of software security.
  4. Discuss the use of Internet Protocols (TCP/IP and TCP/UDP), ports, and their use in malware attacks.
  5. Explain the trade-offs of the Security Triad as they relate to securing information.
  6. Discuss fraud and cybercrime topics of importance.
  7. Discuss public and private key encryption techniques used in securing information.

Outline:
  1. Risk Assessment and Risk Management within Information Security
    1. Risk avoidance
    2. Risk mitigation
    3. Risk acceptance
  2. Methods of Controlling Access to Information
    1. Possession-based authentication
    2. Biometric authentication
    3. Multi-factor authentication
  3. Ensuring Security through Software Development
    1. Operating system security
    2. Application development security
    3. Object-oriented programming and security
  4. Identification of Threats and Malware within Information Security
    1. Buffer overflow attacks
    2. Types of malicious software
      1. Viruses
      2. Trojan horses
      3. Rootkits
      4. Bots
  5. Employing Countermeasures to Threats and Malware within Information Security
    1. Anti-virus software
    2. Anti-rootkit software
    3. Firewalls
    4. White-listing software
  6. Introduction to Internet Protocols and TCP/UDP (Transmission Control Protocol/User Datagram Protocol) Ports
    1. IPv4 Addressing and Network Computation
    2. TCP (Transmission Control Protocol) Introduction
    3. Security flaws in TCP/IPv4
  7. Guaranteeing Business Continuity and Disaster Recovery Planning
    1. Classifying disasters
    2. The business continuity (BC) and disaster recovery lifecycle (DRL)
    3. Developing BC and DRL plans
  8. Exploring the legal aspects and regulations in investigations
    1. The roles of computers in crime
    2. Categories of computer crimes
      1. Espionage and cyber warfare
      2. Theft and fraud
      3. Harassment
      4. Cyber fraud
  9. Security Operations Employed in Protecting Information
    1. Security operations concepts
      1. Need-to-know
      2. Least privilege
      3. Separation of duties
      4. Job rotation
    2. Backups
      1. Data restoration
      2. Protection of backup media
      3. Offsite storage of backup media
  10. Introduction to Physical and Environmental Security Telecommunications and Network Security
    1. Site access security
    2. Equipment protection
    3. Environmental controls
  11. The 10 domains of Knowledge for the CISSP (Certified Information Security Specialist Profession)
  12. Public and Private Key Encryption Methods
    1. Overview of public vs private key encryption
    2. Public key infrastructure
    3. Popular encryption algorithms
  13. Security Architecture and Design
    1. Security models
      1. Mandatory access control
      2. Discretionary access control
      3. Role-based access control
      4. Rule-based access control
    2. Computer hardware architecture
      1. Central processor unit
      2. Storage
      3. Bus


Effective Term:
Fall 2021