Professor Randall K Nichols

Textbooks

2) Paul Campbell, Ben Calvert, Steven Boswell, Cisco Learning Institute, Security+ Guide to Network Security Fundamentals, Course Technology Incorporated, 2003, ISBN 0-619-12017-7 [with CDROM] [NS]

3) Bruce Schneier, Beyond Fear: Thinking Sensibly About Security in an Uncertain World, Copernicus, 2003. ISBN: 0-387-02620-7. [BF]

Course Objectives

There are two main themes/ goals for this course:

1. We will survey and explore enterprise information systems architectures including software systems, hardware, operating systems, databases, component technologies, networking, and architecture patterns. We will consider the Systems Development Process: analysis, design, development, implementation and post implementation-phases.
2. Security of IT systems is too important to be separated from IT architecture and systems analysis. We will seek to have a fundamental understanding of network security principles and implementation. We will learn about the technologies used and principles involved in creating a secure computer networking environment. Topics will include: authentication, the types of attacks and malicious code that may be used against your network, the threats and countermeasures for e-mail, Web applications, remote access, and file and print services. A variety of security topologies will be discussed as well as technologies and concepts used for providing secure communications channels, secure internetworking devices, and network medium.
   

Course Skills

• Upon completion of this course, students should be able to:
• Describe and understand the significance of different levels ( viewpoints) of enterprise system architectures
• Explain the components (software, hardware and networks) that comprise an enterprise system
• Identify the security tradeoffs involved in the design, development, and maintenance of enterprise systems.

Web Site

A wealth of supplementary information for our course is available at www.infosec-technologies.com. Material downloaded must be appropriately attributed to contributors in all team / individual papers.

E-Mail

All students are requested to obtain an e-mail account that can receive a lot of Mail (PPTs, notes, etc). If you have any questions about the course or need assistance, please contact me in person or by telephone during office hours; or by e-mail at any time. About mid-semester, I will send out a confidential “1 to 1” email to check on the progress of each student. Response is optional.

COURSE DELIVERABLES

The course deliverables are as follows:

Exams. There are normally two exams designed to help students improve their understanding of the concepts discussed in this course. A special collaborative project is generally used to substitute for the Midterm Exam and Final Exam.

Collaborative Team Research Paper / PowerPoint Presentation. A semester-long team research paper and PowerPoint presentation is required. Depending on the difficulty of the assignment, it may be used to substitute for the final exam, at the instructor’s discretion.

Participation. Students are expected to prepare for each class meeting and participate in the homework discussion conferences. Questions based on the weekly lecturette and assigned text readings require students to contribute regularly. A rubric for participation is available as a benchmark

Bullets. Students will prepare short Bullets on current items pertaining to this course (URLS, 30 - 60 second summaries of current security events, interesting IT/ INFOSEC finds, etc. or webliography items REGULARLY. Virus bullets (and AV product news) do not count. Duplicate bullets do not count. Bullet participation is generally a grade differentiator on participation.

There are quality bullets and there are not so quality ones. There are A-bullets which go right to the gradebook in your favor. There are 2 conditions I look for in addition to the quality of Bullets: 1) currency [bullets should be not more than 7-days old or if older, need to be updated with a current reference on the same subject]and 2) bullets about viruses or malicious software in any form, including spyware, bots, web bugs, Trojans, worms, computer programs to stop them, script kiddies, AV company information, new marketing program signatures or even legal stuff about them are boring information and should be avoided, like poison. There are literally hundreds of security events happening around the world; INFOSEC newsletters, newspapers, formal /informal initiatives, CT resources that provide raw high-grade material for bullets.

The instructor reserves the right to make changes to this syllabus at any time.

GRADING:

The final grade will be determined as follows:

Midterm Exam / Special Asymmetric Project-- 25%
Final Exam / Group Research Paper and PowerPoint Presentation-- 35%
Weekly Discussion Participation / In-Class Team / Individual Assignments-- 25%
Bullets -- regular submissions of "Bullets" or webliography are required -- 15%

GRADUATE SCHOOL GRADING GUIDELINES:

According to Graduate School grading policy, the following symbols are used: A = excellent; B = good; C = passing; and F = failure.

The grade of B represents the benchmark for the Graduate School. It indicates that the student has demonstrated competency in the subject matter of the course, e.g., has fulfilled all course requirements on time, has a clear grasp of the full range of course materials and concepts, and is able to present and apply these materials and concepts in clear, well-reasoned, well-organized, and grammatically correct responses, whether written or oral.

Only students who fully meet this standard and, in addition, demonstrate exceptional comprehension and application of the course subject matter earn a grade of A.

Students who do not meet the benchmark standard of competency fall within the C range or lower. They, in effect, have not met graduate level standards. Where this failure is substantial, they can earn an F.

WRITING STANDARDS:

Effective managers, leaders, and teachers are also effective communicators. Written communication is an important element of the total communication process. The Graduate School recognizes and expects exemplary writing to be the norm for course work. To this end, all papers, individual and group, must demonstrate graduate level writing and comply with the format requirements of the Publication Manual of the American Psychological Association, (5th Edition). Careful attention should be given to spelling, punctuation, source citations, references, and the presentation of tables and figures. It is expected that all course work will be presented on time and error free. Work submitted online should follow standard procedures for formatting and citations.

POLICY ON ACADEMIC INTEGRITY AND PLAGIARISM:

Academic integrity is central to the learning and teaching process. Students are expected to conduct themselves in a manner that will contribute to the maintenance of academic integrity by making all reasonable efforts to prevent the occurrence of academic dishonesty. Academic dishonesty includes, but is not limited to, obtaining or giving aid on an examination, having unauthorized prior knowledge of an examination, doing work for another student, and plagiarism of all types.

Plagiarism is the intentional or unintentional presentation of another person’s idea or product as ones own. Plagiarism includes, but is not limited to, the following: copying verbatim all or part of another’s written work; using phrases, charts, figures, illustrations, or mathematical or scientific solutions without citing the source; paraphrasing ideas, conclusions, or research without citing the source; and using all or part of a literary plot, poem, film, musical score, or other artistic product without attributing the work to its creator. Students can avoid unintentional plagiarism by following carefully accepted scholarly practices. Notes taken for papers and research projects should accurately record sources to material to be cited, quoted, paraphrased, or summarized, and papers should acknowledge these sources. The penalties for plagiarism include a zero or a grade of F on the work in question, a grade of F in the course, suspension with a file letter, suspension with a transcript notation, or expulsion.

COURSE EVALUATIONS:

Feedback on each graduate course and instructor is important to the university, your professor, and to all students. Towson has the responsibility to assess the effectiveness of classroom instruction, and each student has the responsibility to provide accurate and timely feedback through completion of the course evaluation form. This is a shared obligation for us all. It is therefore important that you complete the evaluation form for each course. This should be viewed as an additional course and program requirement.

Course Schedule