Introduction to Information Systems Security
Section I: Administrative Information
Total hours: 42.0
Credit Value: 3.0
Credit Value Notes: N/A
Effective: Fall 2018
Pre/Co/Equiv Notes: N/A
Hon Bach CompSci - Mobile Comp
Course Leader or Contact: Richard Pyne
Status: Approved (APPR)
Section I Notes:
Section II: Course Details
Students are introduced to the field of information security and assurance, and are presented with a spectrum of information systems security activities, methods, methodologies, and procedures. Students learn about the foundation for understanding the key issues associated with protecting information assets, determining the levels of protection and response to security incidents, and designing a consistent, reasonable information security system, with appropriate intrusion detection and reporting features. Students learn through interactive lectures, hands-on exercises and assignment experiences about security solutions, threat assessment and risks to information systems. Additionally, students investigate topics which include determining the levels of protection and response to security incidents, and designing a consistent, reasonable information security system, with appropriate intrusion detection and reporting features. Their investigation includes inspection and protection of information assets, detection of and reaction to threats to information assets, and an overview of information security management and implementation.
Course Critical Performance and Learning Outcomes
Hon Bach CompSci - Mobile Comp
This required second year course provides the foundation for understanding the key issues associated with protecting information assets, threat assessment and risks to information systems.
By the end of this course, students will have demonstrated ability to evaluate security solutions, threats and risks to information systems.
To achieve the critical performance, students will have demonstrated the ability to:
- Prioritize threats to the information system.
- Identify security solutions including components of hardware, software and personnel.
- Define a security solution that addresses a specific vulnerability.
- Assess the security threats posed to corporate information assets.
- Describe the common approaches to information asset risk management.
- Use the components of an information risk assessment appropriately.
- Apply the main stages of a qualitative information risk analysis.
Students demonstrate their learning in the following ways:
Evaluation Plan: IN-CLASS
| Assignments (3 @ 13.33% approx. weeks 3, 6, 9) | 40.0% |
| Mid Term Exam (approx. week 7) | 30.0% |
| Final Exam (approx. week 13) | 30.0% |
Evaluation Notes and Academic Missed Work Procedure:
To pass the course, students must achieve a 50% weighted average across the tests and the exams and at least 50% overall in the course.
The course meets the following Ministry of Advanced Education and Skills Development requirements:
Prior Learning Assessment and Recognition
PLAR Contact (if course is PLAR-eligible) - Office of the Registrar
Students may apply to receive credit by demonstrating achievement of the course learning outcomes through previous relevant work/life experience, service, self-study and training on the job. This course is eligible for challenge through the following method(s):
- Challenge Exam
Notes: Challenge exam, portfolio, and project are required for PLA.
Section III: Topical Outline
Some details of this outline may change as a result of circumstances such as weather cancellations, College and student activities, and class timetabling.
Instruction Mode: In-Class
Professor: Multiple Professors
| Required | Textbook | Principles of Information Security, Whitman, E., M., & Mattord, J., H., Course Technology, Cengage Learning, 5th ed., ISBN 9781285448367, 2012 |
| Required | Textbook | Information Security Risk Analysis, Peltier, R., T., CRC Press, 3rd ed., ISBN 9781439839560 OR EBOOK 9781439, 2010 |
Applicable student group(s): Bachelor of Applied Computer Science - Mobile Computing
1. Fundamentals of Information Security.
- Critical characteristics of information and information
- Approaches to information security implementation
- The security systems development lifecycle
- Threats to information assets
- Types of attacks on information assets
- Secure software development
2. Legal, Ethical, and Professional Issues in Information
- Law and ethics in information security
- Relevant Canadian, U.S. and international laws and legal
- Policy vs. law
- Ethics and information security
- Codes of ethics, certification, and professional
3. Risk Management and Planning for Security
- Risk identification, assessment, and control strategies
- Selecting a risk control strategy
- Information security planning and governance
- Information security, policy, standards, and practices
- Information security blueprint
- Security strategies
4. Security Technology: Firewalls, VPNs, and Wireless
- Access control, Firewalls, Protecting remote connections
Intrusion Detection and Prevention Systems and Other
- Intrusion detection and prevention systems
- Honeypots, honeynets, and padded cell systems
- Scanning and analysis tools
- Biometric access control
- Cipher methods
- Cryptographic algorithms
- Cryptographic tools
- Protocols for secure communications
- Attacks on cryptosystems
6. Physical Security.
- Physical access control
- Interception of data
- Mobile and portable systems
- Special considerations for physical security
7. Implementing Information Security, Maintenance and
- IS project management (Technical and non-technical aspects
- Security management maintenance models
- Digital forensics
Note: The topics within each module are grouped semantically and are not meant to suggest a time sequence. A course plan must be provided by the professor identifying the class-by-class arrangement of topics.
All Sheridan policies can be viewed on the Sheridan policy website.
Academic Integrity: The principle of academic integrity requires that all work submitted for evaluation and course credit be the original, unassisted work of the student. Cheating or plagiarism including borrowing, copying, purchasing or collaborating on work, except for group projects arranged and approved by the professor, or otherwise submitting work that is not the student's own, violates this principle and will not be tolerated. Students who have any questions regarding whether or not specific circumstances involve a breach of academic integrity are advised to review the Academic Integrity Policy and procedure and/or discuss them with the professor.
Copyright: A majority of the course lectures and materials provided in class and posted in SLATE are protected by copyright. Use of these materials must comply with the Acceptable Use Policy, Use of Copyright Protected Work Policy and Student Code of Conduct. Students may use, copy and share these materials for learning and/or research purposes provided that the use complies with fair dealing or an exception in the Copyright Act. Permission from the rights holder would be necessary otherwise. Please note that it is prohibited to reproduce and/or post a work that is not your own on third-party commercial websites including but not limited to Course Hero or OneNote. It is also prohibited to reproduce and/or post a work that is not your own or your own work with the intent to assist others in cheating on third-party commercial websites including but not limited to Course Hero or OneNote.
Intellectual Property: Sheridan's Intellectual Property Policy generally applies such that students own their own work. Please be advised that students working with external research and/or industry collaborators may be asked to sign agreements that waive or modify their IP rights. Please refer to Sheridan's IP Policy and Procedure.
Respectful Behaviour: Sheridan is committed to providing a learning environment that supports academic achievement by respecting the dignity, self-esteem and fair treatment of every person engaged in the learning process. Behaviour which is inconsistent with this principle will not be tolerated. Details of Sheridan's policy on Harassment and Discrimination, Academic Integrity and other academic policies are available on the Sheridan policy website.
Accessible Learning: Accessible Learning coordinates academic accommodations for students with disabilities. For more information or to register, please see the Accessible Learning website. (Statement added September 2016)
Course Outline Changes: The information contained in this Course Outline including but not limited to faculty and program information and course description is subject to change without notice. Any changes to course curriculum and/or assessment shall adhere to approved Sheridan protocol. Nothing in this Course Outline should be viewed as a representation, offer and/or warranty. Students are responsible for reading the Important Notice and Disclaimer which applies to Programs and Courses.
Copyright © Sheridan College. All rights reserved.