Information is an asset that must be protected. Without adequate protection or network security, many individuals, businesses, and governments are at risk of losing that asset. It is imperative that all networks be protected from threats and vulnerabilities so that a business can achieve its fullest potential. Security risks cannot be eliminated or prevented completely; however, effective risk management and assessment can significantly minimize the existing security risks. To provide effective protection to the organization's critical infrastructure and services, continuous monitoring as well as various processes, procedures, and technologies are required to detect and prevent cyber-attacks, breaches, and security violations. In addition, the existence of a comprehensive incident response plan is vital to the survivability of an organization after a severe security breach or compromise of critical business operations.

This course focuses on the operational aspect of managing challenges inherent in protecting a corporate network infrastructure and business information systems. The student will develop situational awareness of an organization's network and learn to manage and maintain a defensive infrastructure that comprises log servers, network firewalls, web application firewalls, and intrusion detection systems. Additional topics include information security operations, access control, risk management, business continuity planning, disaster recovery, and ethics.

Overlap: ICS 484
- Articulate why information security is essential in today's computing environments;
- Discuss measures to secure remote access users, email, web services, wireless networks, and operating systems;
- Work in virtualized environments
- Identify and evaluate different vulnerabilities and understand how these vulnerabilities are exploited by hackers to gain entry into networks as well as to perform privilege escalation
- Recognize the best practices and guidelines for developing and verifying effective security policies and procedures, security goals, threats and vulnerabilities, standards and security policy development, forensics, privacy implications, and ethics.
- Evaluate severity levels and possible fixes to remediate the uncovered issues and be able to provide comprehensive solutions.
- Identify the goals of information security;
- Describe common security threats and attacks, their ramifications and how to safeguard against them;
- Identify and explain how various security-related technologies work;
- Differentiate between the various cryptographic concepts;
- Differentiate between physical security, disaster recovery, and business continuity;
- Demonstrate ethical behavior appropriate to security-related technologies
- Describe computer forensics and its role in information security;
- Demonstrate a practical understanding of Incident Detection and Response procedures