IS2621/TEL2813: Security Management (Spring-2014)
Tuesdays 3:00 - 5:50PM
IS 404 (may change)
(Updated on March 25, 2014)
(Updated on March 25, 2014)
This course covers issues related to administration and management of security of enterprise information systems and networks. Topics include intrusion detection systems, vulnerability analysis, anomaly detection, computer forensics, application logging, auditing and data management, risk management, contingency planning and incident handling, cyber defense/operations, and security program management and lifecyle. The course will study in detail principles and tools related to these topics. The course will also cover security standards, evaluation, accreditation and certification process; security planning, compliance issues ethical and legal issues in information; privacy, traceability and cyber-evidence;
The course is aimed at imparting knowledge and skill sets required to assume the overall responsibilities of administration and management of security of an enterprise information system. The course is aimed at developing capabilities to do the following:
Students who have taken either of the following courses will benefit the most from this course:
If you have not taken either of these courses, have not taken other courses, and want to take this course, please talk to the instructor.
The course will include laboratory components hence basic knowledge of system environments (Window and Unix) will be essential. The students are expected to have adequate programming skills (C, C++ or Java).
There is no one book that covers all the topics considered in this course. All the relevant books are still being checked to see if one can be used as the main text book. Here are some reference books that will be recommended for the course.
(More to add)
Additional reading list of journals and articles and NIST/GAO and federal reports will be provided.
Introduction to Security Management & Cyber Defense/Operations (3-4 Weeks)
· Cyber Security Planning and Management
· Cyber Operations
Security Risk Management (3-4 Weeks)
· Risk Assessment/Analysis Methodologies
· Risk Management Measurement and Evaluation Methodologies
· Risk Management Models/Processes (NIST SP800-37)
· Risk Mitigation Strategies and Economics
· Risk Transference/Acceptance/Mitigation/Communication
Computer Forensics (tools and techniques) (3 Weeks)
· Host and Network Forensics
· Digital Forensics Overview
· Device/Media Forensics
· Forensic Accounting
Standards, Compliance and Security Certification/Accreditation Issues (2 Weeks)
· HIPAA, SO, FERPA, Data Breach Disclosure Laws, FISMA, Gramm Leach Bliley, PCI DSS
· Rainbow Series, Common Criteria
· Security Certification Process: DOD Policies and Directives, National and International Security Laws and Ethical Issues
Security and Privacy in Cloud computing/SN/Bigdata (2 Weeks)
If you are having a disability for which you are or may be requesting an accommodation, you are encouraged to contact both your instructor and the Office of Disability Resources and Services (DRS), 216 William Pitt Union (412-648-7890/412-383-7355) as early as possible in the term. DRS will verify your disability and determine reasonable accommodations for this course.