The Information Assurance Curriculum at Mesa Community College Meeting the Challenges of the 21 st...

The Information Assurance Curriculum The Information Assurance Curriculum at Mesa Community Collegeat Mesa Community College

Meeting the Challenges of the 21Meeting the Challenges of the 21stst Century Century

1717thth Annual Annual FFederal ederal IInformation nformation SSystems ystems SSecurity ecurity EEducation and ducation and AAwareness Conferencewareness Conference

Presenters: Presenters: Dr. Pinny Sheoran, Director, Business & Industry institute,Dr. Pinny Sheoran, Director, Business & Industry institute,

Dr. Oris Friesen, Chair, Enterprise Advisory Board,Dr. Oris Friesen, Chair, Enterprise Advisory Board,Robert Samson, FacultyRobert Samson, Faculty

Business and Industry InstituteBusiness and Industry InstituteMesa Community CollegeMesa Community College

March 11, 2004March 11, 2004

For additional information contact [email protected] additional information contact [email protected]

OverviewOverview• Introduction• Critical Information Infrastructure Protection• Role of Community Colleges in providing Information Assurance

education and training– Community College Programs– Mesa Community College(MCC) and the Business and Industry Institute (B&II

• Information Assurance Advisory Board• The Information Assurance Program at MCC’s B&II

– Driving forces– Models adopted– The IA program

• Focus on prevention– Network security– IA preparedness

• Focus on detection– Cyber Forensics– Cyber Forensics Crime Center

• Conclusion


Critical Information InfrastructureCritical Information Infrastructure• In the world of today, nearly all critical infrastructures include a vital

information component– To adequately protect such critical infrastructures it is essential that the

associated information infrastructure be protected.– Homeland Security Initiatives

• Focus on physical security– Dependencies on information – Digital worlds

• Focus on infra-structure– Basic resources- water, power, utilities, – Basic services health, safety, communication– Dependencies on data, information and networked infrastructures

– The first-responders• In addition to first-responders to provide physical protections• Silent first-responder backbone of IT workforce, need to be prepared for a cyber attack

on supporting information infrastructures • Specialists needed in

– Network Security– Information Assurance and – Cyber Forensics.


Role of Community CollegesRole of Community Colleges

• Extensive and well established presence in Workforce Initiatives:– Frequently providing One-stop workforce connections

– Extensive involvement in IT Education and certification programs through affiliations such as :

• Microsoft IT Academies – focused on certification preparation for Microsoft technologies

• Cisco Networking Academies- preparing IT workforce for Cisco technologies• Oracle Academic Initiatives – preparing workforce for Database technologies• CompTIA – member partnerships in CompTIA Standards development,

Apprenticeship programs such as NITAS (National Information technology Apprenticeship System).


Role of Community CollegesRole of Community Colleges

• Education and Training. Affordable alternatives– Why these partnerships:

• Focus on applied skills, • Nimble and flexible• Affordable services and programs for the workforce- new entrants, or re-

trainees.• Ability to build capacity and capabilities, in teaching staff, curriculum and

delivery services quickly, • Responsive to the constant changing nature of the Information technologies

– Integral role of Community Colleges • Seen in their communities as the affordable solutions for life-long learning• Serving the communities interest in accessing affordable entrée into Higher

Education for “first in family going to College” citizens.

– Local, and state mandates to prepare workforce for the 21st Century jobs.


Mesa Community College Stepping Forward to Mesa Community College Stepping Forward to meet a Critical needmeet a Critical need

• Mesa Community College– Located in Mesa Arizona,

• One of the fastest growing cities in the Southwest, • 3rd Largest city in Arizona (Phoenix and Tucson are the other 2 cities)• Population of over 400,000

– Serves 32,000 full and part time students– Has 2 comprehensive campuses and 4 centers– One of 10 colleges that form the Maricopa County Community College

District• District of 10 colleges serve the residents of Maricopa County with a population

of approximately 3 million.• The 10 colleges enroll approximately 180,000 full and part-time students


Mesa Community College’s Mesa Community College’s Business and Industry InstituteBusiness and Industry Institute

• Mesa Community College is recognized in the state and nationally as a leader in many Community College initiatives, including Campus Compact, Leadership Academy and It’s Business and Industry Institute

• The Business and Industry Institute– One of Mesa Community College’s Centers

• Focused on Industry partnerships– Provides workforce education and training – specializing in IT– Has over two decades of success in creating and supporting partnerships with major

technology companies– Motorola- and the Motorola University partnership– Cisco networking Academies and the Cisco Academy Training Center Partnership– Microsoft, Oracle, Novell, Sun Microsystems– Serves approximately 2000 Students enrolled in:

• Certification programs such as Cisco certifications, Security Certified Professionals, Oracle, Sun Microsystems Solaris or Java)

• Two year- Associate Degrees programs in Network Administration, Information Assurance, Cyber forensics, Bioinformatics

• Professional training workshops– Profile of students

• 49% have at least a Bachelor’s Degree • 40% attending for re-training, or professional advancement• 50% pursuing some form of Industry certification• 45% pursuing the Associate Degree


Business and Industry InstituteBusiness and Industry InstituteInformation Assurance ProgramInformation Assurance Program

Driving ForcesDriving Forces• Employer Interests in expanding skills of network and database administrators in

Information Assurance

• Community, Businesses and Industry express a need– Creation of the Information Assurance Advisory Board

• Extending existing capacity and capabilities– Extensive offerings from entry to advanced level courses, certificates and degrees in

• Network administration • Database administration

– Current IT curriculum development work by Cisco, Sun Microsystems, Microsoft, expanded into Network Security

• Availability of national models for developing curriculum and education programs – NWCET– CompTIA– GIAC– SANS– SCP

• Interest of faculty and college financial support for professional certification of faculty in areas of IT security


B&II – Information Assurance B&II – Information Assurance ProgramProgram

The Enterprise Advisory Board

ChairDr. Oris Friessen


Information Assurance Information Assurance Advisory BoardAdvisory Board

• Formed in Fall 2002• An action-oriented results-focused group • Defined desired outcomes for IA program• Defined broad program outlines to encompass the

desired outcomes• Diverse membership



• The Enterprise Advisory Board functions as a conduit – between enterprises (private and public) and MCC

– for the development of a technologically literate workforce in various domains

• For the Information Assurance domain, it involves:– Information Assurance Advisory Board

• Model for goal-oriented collaborative curriculum development

– Business & Industry Institute• Model for engagement of workforce employers



• Roles– Recommending committee

• For content• Marketing• Employer needs• Project employment prospects for graduates

• Input and influences– Assess existing programs– Develop broad program competencies, and exit credentials (Degree,

Certificate)– Collaborate with faculty

• To develop individual courses, and • Define scope and sequence of courses in Degree, Certificates


Information Assurance Advisory BoardInformation Assurance Advisory Board• The Players

– Academia• Business & Industry Institute of Mesa Community College• Arizona State University (ASU) and ASU East Faculty

– Industry, Industry Associations and Economic Development Organizations

• Cyber Security Committee of the Arizona Telecommunications & Information Council (ATIC)

• InfraGard• Cisco Systems, Boeing, Honeywell, Intel • Small Businesses -- Computer Technical Services • CompTIA • Arizona Technology Council

– Government Agencies• Arizona Department of Public Safety (DPS)• Arizona Government Information Technology Agency (GITA)



• Created because of a perceived need for Cyber Security Education– Industry and Businesses

• Recognized a need to get up to speed on security after 9/11

– ATIC Launched Cyber Security Committee• Took Inventory of Existing Programs

– Very little available

• Recognized Need for New Local Cyber Security Education Programs• Sponsored Cyber Security Seminar at Intel

– ATIC , ASU and B&II partner to explore Academia’s involvement in Cyber Security Education

– Leverage Existing B&II Partnerships (e.g., Sun, Cisco, CompTIA)



• Defining Outcomes for the program in the broadest terms resulted in– Emphasis on Broad Topic of Information Assurance– IA encompasses those operations that

• Protect and defend information and systems • Ensure their

– Availability,– Integrity– Authentication– Confidentiality– Non-repudiation.

– This includes providing for restoration of information systems by incorporating capabilities for

• Protection• Detection• Reaction



• Training and Education Programs in Existence in Fall 2002 in Arizona – Information Technology (IT)

• Microsoft It Academies, Novell Academies

– Network Administration• Cisco Networking Academies

– Database Administration• Oracle academic initiatives

• Very Little in Network Security and Nothing in Information Assurance



• Academic Activity- Where is the Action?– Universities

• Limited workforce training activity

– Private Institutions• High cost

– Community College advantages• Leaders in partnering with technology companies to deliver training and

education– Availability of a pool of industry certified faculty

• Quick to “market”• Committed to workforce development• Affordable $$$


Information Assurance Advisory Information Assurance Advisory BoardBoard

• Explored Models for curriculum development– NWCET

– GIAC certifications

– Vendor based certifications:• Cisco certifications• Microsoft certifications• Sun Microsystems

– ISC2

– ASIS

– ISACA

– CompTIA


IA curriculum IA curriculum CompTIA presented a Framework at the League For Innovation

at the Community Colleges conference 2002


IA CurriculumIA Curriculum

• Adoption of the CompTIA framework

– Domain Specific• Followed the GIAC certification as

basis for identifying cores objectives for courses

– Identified essential course-work specific to vendor technologies

– Created a single course that would serve as the core required foundation for the IA program

– Established completion of network certifications, or course work as pre-requisites


The Information Assurance (IA) Program at B&IIThe Information Assurance (IA) Program at B&II

• During this last year we developed and implemented a comprehensive Information Assurance program

• The program encompasses:– A dozen or more new courses.

- Compilation of a scope and sequence of study in IA and related courses for 3 Certificates and an AAS degree

- Certificates include::1. Network Security

2. Information Assurance

3. Cyber Forensics Technician (under development)

– Two year degree culminating in an • Associate in Applied Science (AAS) Degree in Information Assurance


LegendIndicates a Pre-Requisite Course

Indicates No Specific Course Order

3 Indicates Number of Credit Hours

3 4 3 3

CIS272DA(Network

Defense & Counter

Measures)

CIS 271DA(Hardening the Network

Infrastructure)CIS 270

(Essentials of Network andInformation

Security) 3

3

3

CIS238US(UNIX

Security)

CIS175CG(Designinga SecureMicrosoftWindows

2000Network)

ORMST259

(DesigningWindowsNetworkSecurity)

CNT186(Cisco:Funda-mentals

of WirelessLANs -Local Area

Networks)

4

CNT185 (Cisco:Funda-

mentals of

Network Security)

PHI214 (Business

Ethics)

Network Security CertificationNetwork Security Certification (8 courses -- 26 credits) (8 courses -- 26 credits)


Network Security Certification CoursesNetwork Security Certification Courses

Focus of this certificate is preparation of foundational skills in IA with emphasis on knowledge and skills related to vendor specific technologies

Pre-requisites:Certificates or Degree in Network Administration

Foundation Courses:CIS270 - Security + certification preparationPHI214 - Business ethics

Vendor Specific Skills in Security:Cisco - CNT185, AND CNT186 Wireless and Cisco router securityMicrosoft – CIS175CG, OR MST259Unix – Solaris or Linux CIS238US

Next Step:Certificate in Network Security is a Pre-requisite for the Next level of study in Information Assurance


Information Assurance CertificationInformation Assurance Certification(6 courses -- 21 credits)(6 courses -- 21 credits)

CIS279DA(Practical Applications in Information Assurance:

Capstone)

CIS273DA(Information

AuditandRisk

Analysis)

CIS273DB(Digital

Authenticationand

PublicKey

Infrastructure)

CIS247DL(Legal Issues

SurroundingInformation Assurance)

LegendIndicates a Pre-Requisite Course

Indicates No Specific Course Order

CIS247DA(Cyber

Forensicsand

IncidentHandling)

CIS273DC(Data

Assuranceand

DisasterRecovery)

3 Indicates Number of Credit Hours

3 3 4 4 3

4


Information Assurance Information Assurance Certification CoursesCertification Courses

This certificate provides the Student preparation in a broad understanding of the Domain specific knowledge for Information Assurance.

Pre-requisites:Certificates or Degree in Network Security

GIAC – certifications drive the content and objectives of the coursesCourse content is complementary to each other, allowing students to take a combination of

courses at the same timeCapstone course provides the student an integrated learning experience or participating in

internships, case studies and formal report preparations and presentations.


The capstone experienceThe capstone experience

CIS279DA Practical Applications in Information Assurance: Capstone

• Practicum on application of core skills and knowledge in information assurance to real world scenarios or simulations of situations representing information security vulnerabilities comparable to the SANS/GIAC simulation exercises. The key competencies are:• Case Studies • Creation of policies and procedures• Preparation of incident and response reports• Presentations of policy recommendations based on Case Study and

simulation exercises.

Prerequisites: all of the courses required to obtain the Information Assurance Certificate


Program StatusProgram Status

• Four full-time faculty complete vendor and other certifications• Six courses are being offered at B&II- Program offerings launched in

Fall of 2003. – About 50 students have completed them to date– Students were requesting enrollment before courses were approved– Fall 2004, First group of students to complete Network Security Certificate

• Several IA courses have been adopted at other Maricopa community colleges (The basic Security Plus course CIS270)

• National recognition, White House selects B&II as a Model Workforce preparation program, providing cutting edge training and education. President Bush Visits Mesa and talks with 3 of the students regarding their preparation and successes.

• Articulation has been established with ASU-East• Community involvement is high due to Advisory Board involvement


Cyber ForensicsCyber Forensics

• The IA board members interest in increasing the available pool of IT professionals with ‘examiner’ skills

• Original impetus provided by interest of Law Enforcement in expanding the program to provide ‘examiner’ education

• Voice of Industry and other government agencies in the need for IT professionals to be well prepared to – Examine

– Report

– Respond

– Present in court, properly gather evidence


Cyber Forensics Technician Cyber Forensics Technician CertificationCertification

• Understanding of Forensics

• Hardening infrastructure• Media analysis• Understanding of hardware

and software• Legal Issues• Policies and Procedures • Risk Analysis • Disaster Recovery • Preparation for Legal

presentation

• Courses identified– Introduction to Cyber Forensics– Windows, Unix OS courses– Computer hardware, repair,

installation, building and maintenance

– Media analysis– Use of forensics toolkits– Capstone experiences in real-

world cases and presentation via Moot Court experiences

Competencies


Cyber Forensics Cyber Forensics and Community Interestand Community Interest

• Law enforcement agencies focus on what is often called “computer forensics”

• Human Resources issues deal with the larger and more general topic of “computer/network forensics” or simply “network forensics.”

• The target employers for cyber forensics technicians in the future will not be computer forensics for law enforcement so much as it will be network forensics for– corporations, – government agencies and the – insurance industry.

• Many of the issues to be dealt with will be related to Human Resources policies and the gathering of data in a pristine condition.


Cyber Forensics Crime CenterCyber Forensics Crime Center

• The State of Arizona Department of Public Safety (DPS) already maintains a computer forensics crime lab that is made available to other agencies for – Instruction and

– Evaluation of real world cyber forensics cases.

• The focus is on Law Enforcement Agencies and what is normally termed Computer Forensics.

• The plan is to use the crime lab to provide – hands-on teaching of cyber forensics techniques,

– similar to the “teaching hospital” approach frequently employed by Medical Schools.

• This would be part of a Capstone course in Cyber Forensics


Cyber Forensics Cyber Forensics and Community Interest in a Crime Centerand Community Interest in a Crime Center

• Consortium of Academia, Industry, Government agencies and law enforcement

• Provide a formal organizational structure to support– Research

– Education

– Training

– Services

• Key elements– Provide a ‘safe-house’ for examining cyber-crime evidence

– Provide examination experiences for students in the Cyber-forensics program

– Provide ASU-East opportunities for developing tools, testing tools, defining best practices and standards.

– Provide University graduate students research projects


Cyber Forensics Cyber Forensics and Community Interest in a Crime Centerand Community Interest in a Crime Center

• Community Benefits– Services to small businesses and government agencies

– Teaching (A teaching learning Cyber –crime Lab)

– Creation of curriculum content through collaboration of Law enforcement experts and teaching faculty from the University and Community College

– Practicum and real-world internship experiences for Students

– Service to Industry and Government agencies through ‘safe-house’ for examining white-collar crime incidents

– Creation of a Cyber-crime ‘swat team’


ConclusionConclusion

• The MCC Information Assurance Program is directly related to the protection of critical information infrastructure.

• The program has the potential to provide a large number of "first responders," to information infrastructure attacks, in the form of educated and trained specialists in– Network Security

– Information Assurance and

– Cyber Forensics


• Contact Information Dr. Oris Friesen, Chair

Information Assurance Industry Advisory Board

Business and Industry Institute

Mesa Community College

Email: [email protected]

Dr. Pinny Sheoran, Executive Director




Bob Samson

CCAI, CCNA, HTI+, Net+, A+, CLI

Full-time Faculty-Security Lead





Course InformationCourse Information

• Coursework in the IA program


Network Security Certification Network Security Certification CoursesCourses

CIS270 Essentials of Network and Information Security

• Threats to security of information systems; responsibilities and basic tools for information security, including communication security, infrastructure security, organizational security and basic cryptography. Introduction to the language of network security and hardware, software and firmware components of an information security system for local, metropolitan, enterprise, and wide area networks. Helps prepare participants for the Comptia Security+ exam and the GIAC Security Essentials Certificate (GSEC).

Prerequisites: CNT150, or (MST150 or MST150 any module), or permission of instructor.


Network Security CoursesNetwork Security Courses

CNT185 Cisco Network Security

• Applications of Cisco Networking technologies in designing and implementing security solutions to reduce risk of revenue loss and vulnerability. Hands-on experience and skills in security policy design and management, security technologies, products and solutions, firewall and secure router design, installation, configuration and maintenance, AAA (Authentication, Authorization, and Accounting) and VPN (Virtual Private Network) implementation using firewalls and routers. Preparation for the MCNS (Managing Cisco Network Security) and CSPFA (Cisco Secure PIX Firewall Advanced) exams toward certification as a Cisco Firewall Specialist. Exams also apply to CCSP (Cisco Certified Security Professional) certification.

Prerequisites: CNT170, or permission of instructor.



CNT186 Fundamentals of Wireless LANs

• Design, planning, implementation, operation, and troubleshooting of wireless networks. Overview of technologies, security, and design best practices with emphasis on hands-on skills in wireless LAN (local area network) setup and troubleshooting, 802.11a & 802.11b technologies, products and solutions, site surveys, resilient WLAN design, installation and configuration, WLAN Security - 802.1x, EAP (Extensible Authentication Protocol), LEAP (Light Extensible Authentication Protocol), WEP (Wired Equivalent Privacy), SSID (Service Set Identifier), and vendor interoperability strategies. Prepare students to earn Cisco Wireless LAN Support Specialist designation and to take the Certified Wireless Network Administrator (CWNA) exam.

Prerequisites: CNT170, or permission of instructor.



CIS175CG Designing a Secure Microsoft Windows 2000 Network

• Information and skills necessary to design a security framework for small, medium and enterprise networks using MS Windows 2000 technologies. Covers security risks and requirements, administrative access, user accounts, file resources, and backup procedures. Securing access emphasized.

Prerequisites: None.



MST259 Designing Windows Network Security

• Knowledge and skills to analyze business requirements and processes to design a security solution for a Microsoft Windows network. Preparation for Microsoft certification examination.

Prerequisites or Co requisites: MST157 or permission of instructor.



CIS238USUNIX Security

• Unix system administration and security management including directory structure, access control and authentication mechanisms, password management, system logs and monitoring, process accounting, configuring public services, restricted environments, the sudo command, SSH (Secure Shell), file system mount options, file integrity management, immutable/append-only files and system security levels, loadable kernel modules, rootkits, non-executable stacks, backups, common vulnerabilities and exposures, and firewall filtering.

Prerequisites: CIS238, or permission of instructor.



CIS271DA Security Certified Professional (SCP)-Hardening the

Infrastructure

• Network security-related fundamentals, issues, and skills for systems administrators to implement network security. Includes network security basics, advanced Transmission Control Protocol/Internet Protocol (TCP/IP), IP packet structure and analysis, routing and access control lists, securing Windows computers, securing Linux computers, Internet security, and hacker attack techniques.

Prerequisites: (CNT150 and MST 150) or permission of instructor.



CIS272DA Security Certified Professional (SCP) - Network Defense and

Countermeasures

• Architecture of network defense and skills for system administrators to implement network defense. Includes network defense fundamentals, designing and configuring firewalls, configuring Virtual Private Networks (VPNs), designing and configuring an Intrusion Detection System (IDS), analyzing intrusion signatures, performing risk analysis, and creating a security policy.

Prerequisites: CIS271DA or permission of instructor.



PHI214 Business Ethics

• Philosophical consideration of moral problems arising in business practice, including corporate responsibility, government regulation, hiring practices, and advertising. Application to both the United States and other countries.

Prerequisites: None.


Information Assurance Information Assurance CoursesCourses

CIS247DACyber Forensics and Incident Handling

• Forensic and advanced incident handling techniques in a lab setting with hands-on skills in incident response, forensic preparation, Windows forensics, UNIX and Linux forensics, data recovery and analysis, malicious code analysis, law enforcement interaction and case law, corporate and managerial legal concerns and direction. Prepares students for GIAC Certified Forensic Analyst (GCFA) Certification and IACIS Certified Forensic Computer Examiner (CFCE) certification.

Prerequisites: CIS270.



CIS247DL Legal Issues of Information Assurance

• Legal implications of organizational computing policies, interaction with legal counsel and law enforcement, evidence collection and preservation, risk management of liability, and loss of property and risk mitigation through insurance.

Prerequisites: CIS270 or permission of instructor.



CIS273DA Information Audit and Risk Analysis

• Knowledge, skills, and abilities in basic risk analysis techniques to secure information and to conduct a technical audit of essential information systems. Prepares students for the GIAC Systems and Network Auditor certification.




CIS273DB Digital Authentication and Public Key Infrastructure (PKI)

• Knowledge and skills necessary to plan and implement PKI (Public Key Infrastructure) and Digital Authentication security methods and biometrics. Preparation for Security Certified.net certification examination Security Certified Network Architect (SCNA).




CIS273DC Data Assurance and Disaster Recovery

• Security and protection of data with emphasis on physical security of data servers and storage, disaster recovery plan and procedures, backup management and procedures, business continuity planning for unusual conditions, data confidentiality, integrity, and assurance, data retention policy and procedures, data warehouse, data use authorization and authentication, securing data in the mobile environment, handling data in response to cyber crime, data risk identification and assessment, and user education in and awareness of data assurance.

Prerequisites: CIS270 or CNT185 or CIS271DA or permission of instructor.

The Information Assurance Curriculum at Mesa Community College Meeting the Challenges of the 21 st...

Documents

Transcript of The Information Assurance Curriculum at Mesa Community College Meeting the Challenges of the 21 st...