ITE 145: Fundamentals of Information Systems Security

Course Description

This course provides an overview of security challenges and countermeasure strategies in the information systems environment. Topics include definition of terms, concepts, elements, and goals incorporating industry standards and practices with a focus on availability, vulnerability, integrity and confidentiality aspects of information systems. (3 credits)

Prerequisite

  • ITE 101: Management Information Systems or ITE 102: Introduction to Computer Science

Student Learning Outcomes (SLOs)

Upon completion of the course, the students will be able to:

  1. Explain information systems security and its effect on people and businesses.
  2. Describe the principles of risk management, risk assessments, and issues related to threats and vulnerabilities in an IT infrastructure.
  3. Describe networking principles and security mechanisms.
  4. Explain the role of access controls in an IT infrastructure.
  5. Explain how businesses apply cryptography in maintaining information security.
  6. Describe the impact of malware on an organization’s systems and how to prevent and detect attacks.
  7. Explain the role of security operations, security policies, security audits, testing, and monitoring in an IT infrastructure.
  8. Explain the role of contingency planning, the basics of incident handling, and the tools and techniques that digital forensic specialists use to carry out a forensic investigation.
  9. Apply information security standards, professional certifications, and compliance laws to real-world applications in both the private and public sector.

Course Activities and Grading

Assignments | Weight
Discussions (Weeks 1-8) | 15%
Labs (Weeks 1-7) | 20%
Lab Quizzes (Weeks 1-7) | 10%
Written Assignments (Weeks 2, 3, 4 & 7) | 20%
Projects (Weeks 2, 3, 5, 6 & 8) | 20%
Final Exam (Week 8) | 15%
Total | 100%

Required Textbooks

Available through Charter Oak State College's Book Bundle

  • Kim, David, and Michael G. Solomon. Fundamentals of Information Systems Security - with Access Code. 4th ed. Sudbury, MA: Jones & Bartlett, 2023. ISBN-13: 978-1-284-22073-5

Note: This is a bundle which includes the textbook and an access code required for this course. Students must purchase these materials “New” from the Charter Oak State College bookstore. Used materials or materials from any other source are not acceptable.

Additional Resources

  • Links and readings will be provided in the Course Documents and Webliography sections on Blackboard.

Technical Requirements

  • See below for additional requirements

Course Schedule

Week | SLOs | Readings and Exercises | Assignments

Week 1 (SLOs: 1)

Topic: Information Systems Security Fundamentals

  • Readings:
    • Chapter 1: Information Systems Security
    • Chapter 2: Emerging Technologies Are Changing How We Live
  • Read assigned chapters
  • Review the Lecture material
  • Participate in the Discussions
  • Review Course Materials
  • Submit Lab 1 - Exploring the Seven Domains of a Typical IT Infrastructure
  • Submit Quiz – Lab 1
  • Begin working on Project Part 1 due Week 2

Week 2 (SLOs: 2)

Topic: Risks, Threats, And Vulnerabilities

  • Readings:
    • Chapter 3: Risks, Threats, And Vulnerabilities
  • Read assigned chapter
  • Review the Lecture material
  • Participate in the Discussions
  • Submit Lab 2 - Perform a Vulnerability Assessment
  • Submit Quiz - Lab 2
  • Submit Assignment - Quantitative and Qualitative Risk Assessment Analysis
  • Submit Project - Part 1: Data Classification Standards and Risk Assessment Methodology

Week 3 (SLOs: 3)

Topic: Business Drivers, Networks, and Telecommunications

  • Readings:
    • Chapter 4: Business Drivers of Information Security
    • Chapter 5: Networks and Telecommunications
  • Read assigned chapters
  • Review the Lecture material
  • Participate in the Discussions
  • Submit Lab 3 - Performing Packet Capture and Traffic Analysis
  • Submit Quiz - Lab 3
  • Submit Assignment - Remote Access Control Policy Definition
  • Submit Project - Part 2: Gap Analysis Plan

Week 4 (SLOs: 4, 5)

Topics: Access Controls and Cryptography

  • Readings:
    • Chapter 6: Security Operations and Administration
    • Chapter 7: Auditing, Testing, and Monitoring
  • Read assigned chapters
  • Review the Lecture material
  • Participate in the Discussions
  • Submit Lab 4 - Applying User Authentication and Access Controls
  • Submit Quiz - Lab 4
  • Submit Lab 5 - Using Encryption to Enhance Confidentiality and Integrity
  • Submit Quiz - Lab 5
  • Submit Assignment - Design an Encryption Strategy

Week 5 (SLOs: 6)

Topics: Malicious Software and Attack Vectors

  • Readings:
    • Chapter 8: Malicious Software and Attack Vectors
  • Read assigned chapters
  • Review the Lecture material
  • Participate in the Discussions
  • Submit Lab 6 - Assessing Common Attack Vectors
  • Submit Quiz - Lab 6
  • Submit Project - Part 3: Malware Attack and Security Breach

Week 6 (SLOs: 7)

Topics: Security Operations, Auditing, Testing, and Monitoring

  • Readings:
    • Chapter 9: Security Operations and Administration
    • Chapter 10: Auditing, Testing, and Monitoring
  • Read assigned chapters
  • Participate in the Discussions
  • Review the Lecture material
  • Submit Lab 7 - Implementing an IT Security Policy
  • Submit Quiz - Lab 7
  • Submit Lab 8 - Implementing Security Monitoring and Logging
  • Submit Quiz - Lab 8
  • Submit Project - Part 4: System Hardening and Auditing

Week 7 (SLOs: 8)

Topics: Contingency Planning and Digital Forensics

  • Readings:
    • Chapter 11: Contingency Planning
    • Chapter 12: Digital Forensics
  • Read assigned chapters
  • Review the Lecture material
  • Participate in the Discussions
  • Submit Lab 9 - Configuring Backup and Recovery Functions
  • Submit Quiz - Lab 9
  • Submit Lab 10 - Performing Incident Response and Forensic Analysis
  • Submit Quiz - Lab 10
  • Submit Assignment - Methods and Techniques When Uncertain How to Respond to Cybersecurity Incidents

Week 8 (SLOs: 9)

Topics: Information Security Standards, Certifications, and Laws

  • Readings:
    • Chapter 13: Information Security Standards
    • Chapter 14: Information Security Certifications
    • Chapter 15: Compliance Laws
    • Review chapters and course materials for Final Exam
  • Read assigned chapters
  • Review the Lecture material
  • Participate in the Discussions
  • Submit Assignment - Apply the Payment Card Industry Data Security Standard (PCI DSS)
  • Submit Project - Part 5: Presentation to Leadership
  • Submit Final Exam
  • Complete Course Evaluation

Hatsize System Requirements

Internet Connection

  • Bandwidth: At least .8 Mbps per second
  • Latency: Less than 125 milliseconds

Minimum System Requirements

  • N/A – all requirements are network and browser-based

Browser Requirements

  • Any contemporary browser that supports HTML 5 classes
  • Chrome and Firefox are recommended

COSC Accessibility Statement

Charter Oak State College encourages students with disabilities, including non-visible disabilities such as chronic diseases, learning disabilities, head injury, attention deficit/hyperactive disorder, or psychiatric disabilities, to discuss appropriate accommodations with the Office of Accessibility Services at OAS@charteroak.edu.

COSC Policies, Course Policies, Academic Support Services and Resources

Students are responsible for knowing all Charter Oak State College (COSC) institutional policies, course-specific policies, procedures, and available academic support services and resources. Please see COSC Policies for COSC institutional policies, and see also specific policies related to this course. See COSC Resources for information regarding available academic support services and resources.