Lumpkin College of Business and Applied Sciences



|MIS 4850 |

|Systems Security |

School of Business

Lumpkin College of Business and Applied Sciences

Spring 2013

|Instructor: |Dr. Abdou Illia |

|Office location: |Lumpkin Hall 4020 |

|Telephone: |(217) 581-6391 |

|Email Address: |aillia@eiu.edu |

|Course website: |eiu.edu/~a_illia |

|Office Hours: |Tue and Thu: 10:00 AM -12:30 PM and by appointment |

|Class Meetings: |Mon and Wed: 2:00 - 3:15 PM in Coleman Hall 2130 |

| | |

|Catalog Description:     |Study of theories, principles and techniques of systems security. The course covers basic security concepts, communications |

| |security, infrastructure security, cryptography, as well as operational and organizational security. |

|Prerequisites: |BUS 3500 or ACC 3900,  and admission to the School of Business or to a minor offered by the School of Business or permission of|

| |the Chair, School of Business. |

|Teaching Method: |The class will be taught as a combination of lectures, discussion, exercises, and hands-on lab exercises. |

|Required Text:  |Corporate Computer Security by R. Boyle & R. Panko. Pearson, 2012. ISBN: 0-13-214535-9. |

|Course Objectives: |Upon successful completion of the course, the student should be able to: |

| | |

| |1.      Explain the concept of systems security including the latest security threats. |

| |2.      Understand and discuss various types of systems attacks. |

| |3.      Understand the technical aspect of each type of systems attack.  |

| |4.      Discuss the various defense systems including firewalls, intrusion defense systems, |

| |intrusion prevention systems, cryptographic systems, and antivirus software. |

| |5.      Evaluate security policies and disaster recovery. |

| | |

| |6.      Implement basic principles of network security. |

| |7.      Configure defense tools to secure network resources. |

| |8. Manage security |

| | |

| |9.      Appreciate the concept of systems security and its evolution. |

| |10.    Be aware of security threats and their potential impact. |

| | |

|Grade Calculation |

|Grades will be calculated by dividing the points amassed by the number possible. The resulting percentage will be assigned a grade based on the following |

|scale: |

|90% or better A |

|80-89% B |

|70-79% C |

|60-69% D |

| |

|Points possible may vary, but tentatively they will be as follows: |

|Exam (3) |

|300 |

| |

|Final Exam |

|150 |

| |

|Exercise/Case Study (1) |

|100 |

| |

|Lab Exercises (6+) |

|90 |

| |

|Quizzes/In-Class exercises |

|? |

| |

|Total |

|640 possible points or more |

| |

|Grading:  |  |

|Examinations: |The exams will cover the material discussed in class and in the readings. The final examination is comprehensive, but will |

| |emphasize the “new” material presented since the last exam. The examinations are closed books and closed notes. |

|Exercise or Case Study: |Graduate students enrolled in this class will be responsible for one exercise or case evaluation. Students will utilize the |

| |concepts learned throughout the class to discuss issues related to the specific case assigned by the instructor. |

|Labs: |Six lab exercises on implementing security in a network environment will be assigned. These assignments will give students the |

| |opportunity to do hands-on exercise that will help them better understand the concepts learned in class |

|Makeup policy |

|You are responsible to make sure that your assignments are turned in on time. Late assignments will not be accepted unless you have an excused absence. An |

|absence from class will be considered an "excused absence" under the following circumstances: |

|a) Absence due to illness. An absence due to illness is excused ONLY IF the student notifies the professor of the absence in advance (i.e., prior to the |

|missed class) and provides documentation of the illness upon return to class. |

|b) Absence due to an official University activity. Absence due to an official University activity is an excused absence only if the student notifies the |

|professor of the absence in advanced (i.e., prior to the missed class) and provides written documentation of the University activity from an appropriate |

|University representative prior to the absence. |

|c) Absence due to emergency. Evaluation of whether an absence due to an emergency is an excused absence will be made by the professor on a case by case basis.|

|At a minimum, the student should notify the professor of the absence as soon as possible and should provide documentation of the emergency. |

| |

|Academic integrity |

|All students are expected to comply with University rules and regulations on academic integrity and honesty. These rules and regulations are summarized in |

|the Student Conduct Code (). Disciplinary sanctions may be imposed for violations of these rules and regulations. |

|Turnitin. To encourage original and authentic written work, students may be required to submit their written assignments in this course for review to |

|, or other systems designed to detect plagiarized material, and those assignments will become a searchable document with the Turnitin’s (or other |

|systems’) database. |

| |

|Instructor Assistance |

|You may contact me via email or call me at (217) 581-6391. If you have a handicap or other condition which will require special consideration, please see me |

|immediately. |

| |

|Students With Disabilities |

|Appropriate academic support is available for students with a documented disability. Please notify your instructor and contact the Office of Disability |

|Services (581-6583) for further information. |

| |

|Emergency preparedness plan |

|Instructions about what to do in the event of an emergency are posted in all classrooms on Eastern’s campus. Students and faculty are responsible for |

|acquainting themselves as to the specific instructions so that they will be prepared in the event of an emergency. |

| |

|Other Services |

|Contact info for student services: |

|Career Services 581-2412 |

|Counseling Center: 581-3413 |

|Student Success Center: 581-6696 |

Course Calendar

This is a tentative calendar and is subject to change. Changes will be announced in class and/or posted to the course website. Some of the class sessions will be held in a computer lab.

|Day |Topic |Reading |Assignment |

|1/7 |Intro to Course | | |

|1/9 |Intro to Systems Security |Ch. 1.1-1.2, 1.7, 2.1 | |

|1/14 |Threat Severity Analysis1 | In-Class Exercise |Ch. 2.4, p. 85-94 |In-Class Exercise 1 |

|1/16 |Resources Access Control |Ch. 5 | |

|1/21 |MLK Birthday – No class |Ch. 4.6 | |

|1/23 |Site Security and Wireless Security | | |

|1/28 |Lab 1: Access Control | |Lab Exercise 1 |

|1/30 |TCP/IP |Module A , p.595+ | |

|2/4 |TCP/IP (cont.), Access Control & TCP/IP Exer | |In-Class Exercise 2 |

|2/6 |Review For Exam 1 | | |

|2/11 |Exam 1 | | |

|2/13 |Attack Methods: Break-in and DoS |Ch. 1.4, Ch. 4.1-4-5 |Case/Exercise assigned |

| 2/18 |Attack Methods: Malware, Lab 2 |Ch 1.3 |Lab Exercise 2 |

|2/20 |Firewalls |Ch. 6 | |

|2/25 |Firewalls (cont) |Ch. 6 | |

|2/27 |Lab 3: Firewall installation & configuration | |Lab Exercise 3 |

|3/4 |Host Security |Ch. 7 | |

|3/9 |Lab 4: Host Hardening | |Lab Exercise 4 |

|3/11 |SPRING BREAK | | |

|3/13 |SPRING BREAK | | |

|3/18 |Review For Exam 2 | | |

|3/20 |Exam 2 | | |

|3/25 |Cryptography |Ch. 3 | |

|3/27 |Cryptographic Systems | | |

|4/1 |Lab 5: Cryptography | |Lab Exercise 5 |

|4/3 |Application Security |Ch. 8 | |

|4/8 |Application Security (cont) |Ch. 8 |Lab Exercise 6 |

|4/10 |Lab 6: Application security | | |

|4/15 |Exam 3 | | |

|4/17 |Data Protection |Ch. 9 | |

|4/22 |Incident and Disaster Response |Ch. 10 |Case/Exercise due 4/24 |

|4/24 |Review For Final Exam | | |

|FINAL |Thurs., May 2, 8:00 - 10:00 am |

1. Intel’s White paper:

................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download