ITE 145: Fundamentals of Information Systems Security

Course Description

This course will focus on an overview of security challenges and strategies of countermeasure in the information systems environment. Topics include definition of terms, concepts, elements, and goals incorporating industry standards and practices with a focus on availability, vulnerability, integrity and confidentiality aspects of information systems. (3 credits)

Prerequisite

  • ITE 101: Management Information Systems or ITE 102: Introduction to Computer Science

Student Learning Outcomes (SLOs)

Upon completion of the course, the students will be able to:

  1. Explain the concepts of information systems security as applied to an IT infrastructure.
  2. Describe how malicious attacks, threats, and vulnerabilities impact an IT infrastructure.
  3. Explain the role of access controls in implementing a security policy.
  4. Explain the role of operations and administration in effective implementation of security policy.
  5. Explain the importance of security audits, testing, and monitoring to effective security policy.
  6. Describe the principles of risk management, common response techniques, and issues related to recovery of IT systems.
  7. Explain how businesses apply cryptography in maintaining information security.
  8. Analyze the importance of network principles and architecture to security operations.
  9. Explain the means attackers use to compromise systems and networks and defenses used by organizations.
  10. Apply international and domestic information security standards and compliance laws to real-world implementation in both the private and public sector.

General Education Outcomes (GEOs)

Please check the applicable GEOs for this course, if any, by outcomes at GEO Category Search, or by subject area at GEO Discipline Search.

Course Activities and Grading

AssignmentsWeight

Discussions (Weeks 1-8)

16%

Written Assignments (Weeks 1-7)

20%

Labs (Weeks 1-7)

20%

Projects (Weeks 2, 6 & 8)

30%

Final Exam (Week 8)

14%

Total

100%

Required Textbooks

Available through Charter Oak's online bookstore

  • Kim, David, and Michael G. Solomon. Fundamentals of Information Systems Security - with Access Code. 4th ed. Sudbury, MA: Jones & Bartlett, 2023. ISBN-13: 978-1-284-22073-5

Note: This is a bundle which includes the textbook and an access code required for this course. Student must purchase these materials “New” from the Charter Oak State College bookstore. Used materials or materials from any other source are not acceptable.

Additional Resources

  • Links and readings will be provided in the Course Documents and Webliography sections on Blackboard.

Technical Requirements

  • See below for additional requirements

Course Schedule

WeekSLOsReadings and ExercisesAssignments

1

1

Topic: Information Systems Security Fundamentals

  • Readings:
    • Chapter 1: Information Systems Security
    • Chapter 2: Changing How People and Businesses Communicate


  • Read assigned chapters
  • Participate in the Discussions
  • Review the Lecture material
  • Submit Assignment: Match Risks/Threats to Solutions
  • Submit Assignment: Impact of a Data Classification Standard
  • Complete Lab: Perform Reconnaissance & Probing Using ZenMap GUI (Nmap)
  • Begin working on Project Part 1 due Week 2

2

2

Topic: Security Countermeasures to Mitigate Malicious Attacks

  • Readings:
    • Chapter 3: Malicious Attacks, Threats, and Vulnerabilities
    • Chapter 4: The Drivers of the Information Security Business
  • Read assigned chapters
  • Participate in the Discussions
  • Review the Lecture material
  • Submit Assignment: Microsoft Environment Analysis
  • Complete Lab: Perform a Vulnerability Assessment
  • Submit Project Part 1: Risks, Threats and Vulnerabilities

3

3

Topic: Access Controls

  • Readings:
    • Chapter 5: Access Controls
  • Read assigned chapter
  • Participate in the Discussions
  • Review the Lecture material
  • Submit Assignment: Remote Access Control Policy Definition
  • Complete Lab: Enabling Windows Active Directory and User Access Controls

4

4,5

Topics: Security Policies, Auditing, Testing, and Monitoring

  • Readings:
    • Chapter 6: Security Operations and Administration
    • Chapter 7: Auditing, Testing, and Monitoring
  • Read assigned chapters
  • Participate in the Discussions
  • Review the Lecture material
  • Submit Assignment: Enhance an Existing IT Security Policy Framework
  • Submit Assignment: Create an Internet and E-mail Acceptable Use Policy
  • Submit Assignment: Testing and Monitoring Security Controls
  • Submit Assignment: Define a Comprehensive Acceptable Use Policy
  • Complete Lab: Using Group Policy Objects and Microsoft Baseline Security Analyzer for Change Control
  • Complete Lab: Performing Packet Capture and Traffic Analysis

5

6,7

Topics: Risk, Response, Recovery, and Cryptography

  • Readings:
    • Chapter 8: Risk, Response and Recovery
    • Chapter 9: Cryptography
  • Read assigned chapters
  • Participate in the Discussions
  • Review the Lecture material
  • Submit Assignment: Match Risk and Response Descriptions
  • Submit Assignment: Quantitative and Qualitative Risk Assessment Analysis
  • Submit Assignment: Select Appropriate Encryption Algorithms
  • Submit Assignment: Design an Encryption Strategy
  • Complete Lab: Implementing a Business Continuity Plan
  • Complete Lab: Using Encryption to Enhance Confidentiality & Integrity
  • Begin working on Project Part 2 due Week 6

6

8,9

Topics: Network Weaknesses and Mitigation of Risks and Threats from Attacks

  • Readings:
    • Chapter 10: Networks and Telecommunications
    • Chapter 11: Malicious Code and Activity
  • Read assigned chapters
  • Participate in the Discussions
  • Review the Lecture material
  • Submit Assignment: Network Hardening
  • Submit Assignment: Network Security Applications and Countermeasures
  • Submit Assignment: List Phases of an Attack
  • Submit Assignment: Summary Report on a Malicious Code Attack
  • Complete Lab: Performing a Website and Database Attack by Exploiting Identified Vulnerabilities
  • Submit Project Part 2: Gap Analysis Plan and Risk Assessment Methodology

7

10

Topics: Information Security Standards and Compliance Laws

  • Readings:
    • Chapter 12: Information Security Standards
    • Chapter 15: U.S. Compliance Laws
  • Read assigned chapters
  • Participate in the Discussions
  • Review the Lecture material
  • Submit Assignment: Examine Real-World Implementations of Security Standards
  • Submit Assignment: Examine Real-World Implementations of U.S. Compliance Laws
  • Submit Assignment: Small- to Medium-Sized Business Analysis
  • Complete Lab: Eliminating Threats with a Layered Security Approach
  • Begin working on Project Part 3 due Week 8

8

1-10

Topics: Information Systems Security Education and Certifications

  • Readings:
    • Review chapters and course materials for Final Exam
  • Participate in the Discussions
  • Submit Project Part 3: System Hardening and Auditing
  • Complete Final Exam
  • Complete Course Evaluation

Final Exam
Chapters 1-12 & 15
SLOs 1-10

Hatsize System Requirements

Internet Connection

  • Bandwidth: At least .8 Mbps per second
  • Latency: Less than 125 milliseconds

Minimum System Requirements

  • N/A – all requirements are network and browser-based

Browser Requirements

  • Any contemporary browser that supports HTML 5 classes
  • Chrome and Firefox are recommended

COSC Accessibility Statement

Charter Oak State College encourages students with disabilities, including non-visible disabilities such as chronic diseases, learning disabilities, head injury, attention deficit/hyperactive disorder, or psychiatric disabilities, to discuss appropriate accommodations with the Office of Accessibility Services at OAS@charteroak.edu.

COSC Policies, Course Policies, Academic Support Services and Resources

Students are responsible for knowing all Charter Oak State College (COSC) institutional policies, course-specific policies, procedures, and available academic support services and resources. Please see COSC Policies for COSC institutional policies, and see also specific policies related to this course. See COSC Resources for information regarding available academic support services and resources.