Feb 19, 2020  
2019 - 2020 Cowley College Academic Catalog 
    
2019 - 2020 Cowley College Academic Catalog

CIS1959 SECURITY+ COURSE PROCEDURE


CIS1959 SECURITY+

3 Credit Hours

Student Level:

This course is open to students on the college level in either the Freshman or Sophomore year.

Catalog Description:

CIS1959 - Security+ (3 hrs.)

This course will prepare students for the CompTIA Security+ certification.  The topics will include security concepts, threats, cryptography, network attacks, network defenses, device security, identity management, access management, and risk management.

Course Classification:

Lecture

Prerequisites:

None.

Co-requisites:

None

Controlling Purpose:

This course is designed to prepare students to protect computer systems.  These concepts provide a foundation for further courses involving security and preparation for the Security+ certification test.

Learner Outcomes:

Upon completion of the course, the student will be able to explain security concepts, threats, cryptography, network attacks, network defenses, device security, identity management, access management, and risk management.  The student will be able to use various intrusion, detection, and protection tools.

Unit Outcomes for Criterion Based Evaluation:

The following outline defines the minimum core content, not including the final examination period. Instructors may add other material as time allows.

UNIT 1: Introduction to Security

Outcomes: Demonstrate knowledge of the basics of security, including securing information, defining security, identifying the types of threats, and how to defend against these attacks.

  • Explain the challenges of securing information
  • Define information security and explain why it is important
  • Identify the types of threat actors that are common today
  • Describe how to defend against attacks

UNIT 2: Malware and Social Engineering Attacks

Outcomes: Demonstrate the knowledge necessary to identify the two categories of malicious software programs and deceiving users, examining attacks that use malicious software, and explain current methods of attack through users of the computer system.

  • Define malware
  • List the different types of malware
  • Identify payloads of malware
  • Describe the types of psychological, social engineering attacks
  • Explain the physical, social engineering attacks

UNIT 3: Basic Cryptography

Outcomes: Explain risk and steps to manage it, strategies for reducing risk, practices for mitigating risk, and troubleshooting techniques for common security issues.

  • Define cryptography
  • Describe hash, symmetric, and asymmetric cryptographic algorithms
  • Explain different cryptographic attacks
  • List the various ways in which cryptography is used

UNIT 4: Advanced Cryptography and PKI

Outcomes: Explain how cryptography is implemented, digital certificates along with public key infrastructure, and different transport cryptographic algorithms.

  • Explain how to implement cryptography
  • Define digital certificates
  • Describe the components of Public Key Infrastructure (PK
  • Describe the different transport encryption algorithms

UNIT 5: Networking and Server Attacks

Outcomes: Describe network attacks and defenses, common attacks against networks, and attacks that target network-based servers and the applications that run on those devices.

  • Describe the different types of networking-based attacks
  • Explain how servers are attacked

UNIT 6: Network Security Devices, Design, and Technology

Outcomes: Explain the basics of network security, and investigates how to build a secure network through network devices, network architectures, and network technologies.

  • List the different types of network security devices and how they can be used
  • Describe secure network architectures
  • Explain how network technologies can enhance security

UNIT 7: Administering a Secure Network

Outcomes: Explain secure network protocols, proper locations for installing security devices, steps for analyzing security data, and how to secure three types of network applications: virtualization, cloud computing, and software defined networks.

  • List and describe the functions of secure network protocol
  • Explain the placement of security devices and technologies
  • Tell how security data can be analyzed
  • Explain how to manage and secure network platforms

UNIT 8: Wireless Network Security

Outcomes: Explain wireless network security, investigate common attacks on wireless devices, different vulnerable wireless security mechanisms, and secure wireless protections.

  • Describe the different types of wireless network attacks
  • List the vulnerabilities in IEEE 802.11 security
  • Explain the solutions for securing a wireless network

UNIT 9: Client and Application Security

Outcomes: Explain the different types of client devices and how to secure them, basic client hardware and software security, physical security to protect client devices, and the development and deployment of secure software applications.

  • List the steps for securing a client device
  • Define application security
  • Explain how physical security can be used for protection

UNIT 10: Mobile and Embedded Device Security

Outcomes: Explain the different types of mobile devices, risks associated with these devices, technique to secure these devices and their applications, embedded systems, the Internet of Things, and the risks.

  • List and compare the different types of mobile devices and how they are deployed
  • Explain the risks associated with mobile devices
  • List ways to secure a mobile device
  • Describe different types of embedded systems and IoT devices and how to secure them

UNIT 11: Authentication and Account Management

Outcomes: Explain the different types of authentication credentials, single-sign on, and techniques and technologies to manage user accounts securely.

  • Describe the different types of authentication credentials
  • Explain what single sign-on can do
  • List the account management procedures for securing passwords

UNIT 12: Access Management

Outcomes: Explain access management, how to manage access through account management, best practices for access control, ways to implement it, and identity and access services.

  • Define access management and list the access control models
  • Describe how to manage access through account management
  • List the best practices for access control
  • Describe how to implement access control
  • Explain the different types of identity and access services

UNIT 13: Vulnerability Assessment and Data Security

Outcomes: Explain vulnerability assessment, tools and techniques, differences between vulnerability scanning and penetration testing, and steps for practicing data security.

  • Explain how to assess the security posture of an enterprise
  • Define vulnerability assessment and explain why it is important
  • Explain the differences between vulnerability scanning and penetration testing
  • Describe the techniques for practicing data privacy and security

UNIT 14: Business Continuity

Outcomes: Explain business continuity, prevention of disruptions through redundancy, protection of resources with environmental controls, and usage of incident response procedures and forensics during an event.

  • Define business continuity
  • Describe how to achieve fault tolerance through redundancy
  • Explain different environmental controls
  • Describe forensics and incident response procedures

UNIT 15: Risk Mitigation

Outcomes: Explain risk and steps to manage risk, strategies for reducing risk, practices for mitigating risks, and troubleshooting common security issues that may increase risk.

  • Explain how to manage risk
  • Describe strategies for reducing risk
  • List practices for mitigating risk
  • Describe common security issues

Projects Required:

Varies, refer to syllabus.

Textbook:

Contact Bookstore for current textbook.

Materials/Equipment Required:

None

Attendance Policy:

Students should adhere to the attendance policy outlined by the instructor in the course syllabus.

Grading Policy:

The grading policy will be outlined by the instructor in the course syllabus.

Maximum class size:

Based on classroom occupancy

Course Time Frame:

The U.S. Department of Education, Higher Learning Commission and the Kansas Board of Regents, define credit hour and have specific regulations that the college must follow when developing, teaching and assessing the educational aspects of the college. A credit hour is an amount of work represented in intended learning outcomes and verified by evidence of student achievement that is an institutionally-established equivalency that reasonably approximates not less than one hour of classroom or direct faculty instruction and a minimum of two hours of out-of-class student work for approximately fifteen weeks for one semester hour of credit or an equivalent amount of work over a different amount of time.  The number of semester hours of credit allowed for each distance education or blended hybrid courses shall be assigned by the college based on the amount of time needed to achieve the same course outcomes in a purely face-to-face format.

Refer to the following policies:

402.00 Academic Code of Conduct

263.00 Student Appeal of Course Grades

403.00 Student Code of Conduct

Disability Services Program:

Cowley College, in recognition of state and federal laws, will accommodate a student with a documented disability. If a student has a disability which may impact work in this class and which requires accommodations, contact the Disability Services Coordinator.