Introduction to Information Systems Security


description

Introduction to Information Systems Security. CISS 300 Orientation Spring 2010. Instructor: Buddy Spisak. Office Hours: Mon. 6:30-7:30 p.m. (Jan. 25 to May 17, 2010) Office: BS-143 Voice Mail: (916) 568-3100 ext. 14162 or (800) 486-8156 ext. 14162

Transcript of Introduction to Information Systems Security

Page 1: Introduction to Information Systems Security

Introduction to Information Systems Security

CISS 300 Orientation

Spring 2010

Page 2: Introduction to Information Systems Security

Instructor: Buddy Spisak

• Office Hours: Mon. 6:30-7:30 p.m. (Jan. 25 to May 17, 2010)

• Office: BS-143

• Voice Mail: (916) 568-3100 ext. 14162 or (800) 486-8156 ext. 14162

• Email: [email protected] The turnaround time for responding to most emails is about one to two days. Be sure to include your name and the course number in each email so I can identify who you are and what the email is about.

• Course Web page: https://d2l.losrios.edu/

• Instructor Web page: http://crc.losrios.edu/spisakj/

• Microsoft Messenger: You can also add me to your contact list for Windows Messenger. You can use my email address to find me.

Page 3: Introduction to Information Systems Security

Course Details

• Prerequisites: None

• Advisory: None

• Lecture: Online

• Accepted for Credit: CSU

• Class Credits: 1 unit

Page 4: Introduction to Information Systems Security

Required Textbook:

Security Awareness: Applying Practical Security in Your World, 3ed.

Author: Mark Ciampa

Publisher: Thompson Course Technology, 2010

ISBN10: 1-4354-5414-6

ISBN13: 978-1-4354-5414-9

Page 5: Introduction to Information Systems Security

Optional Materials:

• 3-1/2” floppies or a flash drive to store your work for the class.

Page 6: Introduction to Information Systems Security

Course Description:

• This course provides an introduction to network-based and internet-based security applications and standards. Topics include cryptography, security protocols, network security applications, encryption, hash functions, digital signatures, viruses and key exchange.

Page 7: Introduction to Information Systems Security

Student Learning Outcomes and Course Objectives:

As a result of completing this course, you will be able to:

• Understand computer and network security issues, including the numerous types of attacks computers are vulnerable to, the types of attacker profiles, and the hardware and software defense solutions available.

• Understand concepts such as security goals, the importance of security, intruder profiles, and defense mechanisms.

• Protect individual personal computers in both the home and corporate environments. This includes protecting the single device from the threats of data theft, viruses and spyware, techniques of authentication and security patch management.

Page 8: Introduction to Information Systems Security

Student Learning Outcomes and Course Objectives - Continued:

• Implement corporate security policy measures involving email, internet access, passwords, Incident Response and Disaster Recovery.

• Ensure internet Security and Network Security by focusing on the threats to WAN and LAN networks and learning methods of protecting each type of network.

• Unite all of the concepts into a picture of “Total Security.” While each lesson stands alone in terms of the specific topic it presents, the concepts in each lesson overlap into the other lessons. It is difficult to discuss protecting an organizational network or even an individual computer without addressing threats from the internet.

• Apply the above concepts to each particular setting and know how and why they are adapted from one environment to another.

Page 9: Introduction to Information Systems Security

Methods of Measuring Student Learning Outcomes:

• You will demonstrate knowledge of network and internet security applications and standards through class discussions and achievement on quizzes and final examination.

• You will demonstrate competence in the coursework by completing projects and participating in discussions during the semester.

Page 10: Introduction to Information Systems Security

Student Obligations:

• It is important that you understand what is expected of you in this course.

• Refer to the Syllabus if you have any questions.

Page 11: Introduction to Information Systems Security

Attendance:

• Since this course is online, only attendance at the Final on Mar. 13, 2010 is necessary. It’s up to you to go to the course materials in Desire 2 Learn (d2l) and do all of the required work.

• Typically, each week we will be covering one chapter in your textbook.

• Attendance for the On-Campus Final Exam is required. Photo identification is required at the time of the exam to verify your identity.

Page 12: Introduction to Information Systems Security

Discussions:

• I want everyone to take a pro-active approach to learning this material. This includes using the Discussions link to ask questions and also answer other students’ questions. I will also post questions each week that you can answer to further your understanding of the material. I expect two postings each week unless otherwise noted.

– You can accomplish this task by asking questions about the current discussion topic or by responding to existing questions.

– My expectation from you is that you will write at least two- to three-sentence responses that add substance to the discussion.

• Each discussion item is worth 10 points.

Page 13: Introduction to Information Systems Security

Projects:

• We will be spending a lot of time working on activities. There will be six hands-on projects and six case projects credited for homework for the class. The projects will help reinforce what you are learning in each lesson.

• You will submit your results into the d2l discussions area in order to receive points for that assignment. On all projects you are expected to do your own work.

• You are responsible for making sure that your instructor receives your work.

• Each project is worth 15 points.

Page 14: Introduction to Information Systems Security

Quizzes:

• Each week there will be a quiz that will test you on the material covered.

– It is open book and open notes.

– You can take the quiz multiple times to improve your score, but be aware that the questions may change each time you take the quiz and that your last quiz score will be the one counted as your grade.

• Each quiz is worth 20 points.

Page 15: Introduction to Information Systems Security

Final Exam:

• The Final Exam will be matching, short-answer and essay in format. You can use both your notes and your book. You must submit the answers for the Final at the college on Saturday, Mar. 13, from 2:00 to 3:50 p.m. in the BS-153 classroom.

• You will have access to the final exam one week before the due date. You only come to the college to submit your answers on paper. It is necessary to show a picture ID for identity verification.

Page 16: Introduction to Information Systems Security

Due Dates:

• Unless noted, all assignments will be submitted in Desire 2 Learn (d2l) under the “Dropbox” link.

– If, for any reason, you cannot access d2l or are unable to submit the assignment on time, please email it to me instead so that you are not penalized for being late.

• Quizzes and the discussion items cannot be taken past their due dates.

– If you miss a quiz and you want to make up points, you can take advantage of the extra credit assignments posted in d2l.

– Everyone is welcome to work on the extra credit assignments. Typically, they are five to ten points each, depending on the difficulty of the assignment.

Page 17: Introduction to Information Systems Security

Late Work:

• Unless noted, all assignments are due on Sunday by midnight each week.

– I have identified the due dates in the course schedule.

– Late work will be accepted ONLY if you have contacted me prior to the due date either by email or voice mail.

– In general, late work is due the next week, and no late assignments may be turned in after one week from the original due date, regardless of the reason.

– For every day an assignment is late, you will lose 10% of its grade.

Page 18: Introduction to Information Systems Security

Plagiarism Policy/Cheating:

Plagiarism:

• It is inappropriate, and a violation of academic policy, to copy information from any source (including, but not limited to, textbooks, magazine articles, newspaper articles and Internet articles) without giving proper credit to the author by using standard quotation procedures such as in-line quotes, footnotes, endnotes, etc. Quotes may not exceed 25% of the assignment's total length. You will receive no credit (0 points) for any assignment that copies any material from any other source without giving proper credit to the author(s). Repeat offenders of this policy are subject to academic discipline as outlined in the policies published by the college.

Cheating:

• Students who cheat will receive a failing grade for the course. (See CRC 2009-10 College Catalog, p. 34 or the Student Behavior and Academic Integrity page of the college website (http://www.crc.losrios.edu/College_Catalog/General_Information/Student_Behavior_and_Academic_Integrity.htm).)

Page 19: Introduction to Information Systems Security

CRC Honor Code:

• Academic integrity requires honesty, fairness, respect and responsibility. (See the Cosumnes River College Honor Code posted on the college website (http://www.crc.losrios.edu/documents/academic_integrity_committee/Cosumnes%20River%20College%20Honor%20Code%20(display%20version).pdf).)

Page 20: Introduction to Information Systems Security

Dropping:

• Students are responsible for dropping the course.

Page 21: Introduction to Information Systems Security

Email/Discussions Etiquette:

• Every student will be required to have an email account. If you do not have an email account, the college provides free email accounts for all current students. To activate your account, go to https://imail.losrios.edu/ and follow the directions provided.

• I will not tolerate rude and demeaning comments or emails to anyone in this class. Please keep your comments and emails topic-related. If I determine that a comment or email to anyone else in the class is rude or demeaning, I will warn you once. If your behavior continues to be unacceptable, I will refer you to the administration of the college for disciplinary action.

Page 22: Introduction to Information Systems Security

Online Course Responsibilities:

• This course requires significant self-motivation. You must not get behind. Projects and weekly assignments can take up to 3 hours to finish. Please don’t try to finish them in one day. Not all activities are created equal. Some may take a bit longer than others.

• You would normally spend 3 hours per week in class for this course: total of 18 hours. Allow yourself at least 6 hours per week to complete the activities online, including the time spent writing for the class discussions postings. You should plan additional time to read the textbook and study for the quizzes.

• Some people believe the online format provides a much easier way to study this subject than an on-campus framework because they love to read and avoid the parking problems. Others feel very intimidated at first. Be patient as you work your way through the activities.

Page 23: Introduction to Information Systems Security

Using Desire 2 Learn (d2l):

• How to log in:

– You will not be able to participate in the online portion of your class using Los Rios Online until you have enrolled in your course through your college's registration system.

– Students registered as of the first day of the term should already have Los Rios Online accounts and be linked to the classes in which they are enrolled.

• To log on to your d2l account, open your web browser and go to the following URL: https://d2l.losrios.edu

• Your User Name is the letter “w” followed by your Student ID# (example: w0123456).

• Your password is your e-Services password.

Page 24: Introduction to Information Systems Security

Grading:

Point System: There are 470 total assigned points.

Grade Ranges: A=423-470, B=376-422, C=329-375, D=282-328, F=0-281

Course Topic             Points   Total   Approximate % of the Grade
Orientation Quiz (1)     10       10      2
Discussions (6)          10       60      12
Quizzes (6)              20       120     25
Case Projects (6)        15       90      19
Hands-on Projects (6)    15       90      19
Final Exam (1)           100      100     21

Page 25: Introduction to Information Systems Security

Sample Schedule:

Week 1-2 (Lesson: One, Online Lecture: Ch 1)

• Proposed Schedule:

– Orientation and Introductions

– View the Online Orientation

– Read Ch 1: Introduction to Security

– Do one Hands-on Project, and one Case Project from Chapter 1

• Assignment Due: Discussion #1, Orientation Quiz, Quiz #1, Hands-on Project #1, Case Project #1

• Due Date (By Midnight): Sun., Jan. 31

Week 3-4 (Lesson: Two, Online Lecture: Ch 2)

• Proposed Schedule:

– Read Ch 2: Desktop Security

– Do one Hands-on Project, and one Case Project from Chapter 2

• Assignment Due: Discussion #2, Quiz #2, Hands-on Project #2, Case Project #2

• Due Date (By Midnight): Sun., Feb. 14

Page 26: Introduction to Information Systems Security

Conclusion:

• Log into d2l and take the Orientation Quiz. It is due on Sunday, Jan. 31, 2010.

• Go to the Orientation Discussion and introduce yourself to the class.

• Registered students for the class have access to d2l and can log into the campus network.

• Email any questions you might have to me.