Lumpkin College of Business and Applied Sciences



|MIS 4850-001 |

|Systems Security |

School of Business

Lumpkin College of Business and Applied Sciences

Spring 2016

|Instructor: |Dr. Abdou Illia |

|Office location: |Lumpkin Hall 4020 |

|Telephone: |(217) 581-6391 |

|Email Address: |aillia@eiu.edu |

|Course website: |D2L () and eiu.edu/~a_illia/MIS4850 |

|Office Hours: |MW 3:00 PM – 4:00 PM and T 11:00 AM -1:00 PM |

|Class Meetings: |Mon and Wed: 12:30 - 1:45 PM in LH 2041 |

| | |

|Catalog Description:     |(3-0-3) Study of theories, principles and techniques of systems security. The course covers basic security concepts, |

| |communications security, infrastructure security, cryptography, as well as operational and organizational security. |

|Prerequisites: |BUS 3500 or ACC 3900, and admission to the School of Business or to a minor offered by the School of Business or permission of |

| |the Associate Chair, School of Business. |

|Teaching Method: |The class will be taught as a combination of lectures, discussion, exercises, and hands-on lab exercises. |

|Required Text:  |Corporate Computer Security by R. Boyle & R. Panko. Pearson, 2012. ISBN: 0-13-214535-9. |

|Course Objectives: |Upon successful completion of the course, the student should be able to: |

| | |

| |1.      Explain the concept of systems security including the latest security threats. |

| |2.      Discuss various types of systems attacks. |

| |3.      Understand and discuss the technical aspect of types of systems attacks.  |

| |4.      Discuss the various defense systems including firewalls, intrusion defense systems, |

| |intrusion prevention systems, cryptographic systems, and antivirus software. |

| |5.      Evaluate security policies and disaster recovery. |

| |6.      Implement basic principles of network security. |

| |7.      Configure defense tools to secure network resources. |

| |8.     Appreciate the concept of systems security and its evolution. |

| |9.    Be aware of security threats and their potential impact. |

| |In addition, graduate students enrolled in the class should be able to discuss common information security challenges facing |

| |organizations and how to handle and manage them. |

| |

|Grade Calculation |

|Grades will be calculated by dividing the points amassed by the number possible. The resulting percentage will be assigned a grade based on the following |

|scale: |

|90% or better A |

|80-89% B |

|70-79% C |

|60-69% D |

| |

|Points possible may vary, but tentatively they will be as follows: |

|Exam (3) |

|300 |

| |

|Final Exam |

|150 |

| |

|Lab Exercises (6) |

|120 |

| |

|Case Study (Graduate students) |

|100 |

| |

|Case Presentation |

|15 |

| |

|Quizzes/In-Class exercises |

|? |

| |

|Total |

|685 possible points or more |

| |

| |  |

|Grading:  | |

|Examinations: |The exams will cover the material discussed in class and in the readings. The final examination is comprehensive, but will |

| |emphasize the “new” material presented since the last exam. The examinations are closed books and closed notes. |

|Case Study: |Graduate students enrolled in this class will be responsible for one case evaluation. Students will utilize the concepts learned |

| |throughout the class to discuss issues related to the specific case assigned by the instructor. |

|Case Presentation: |Students enrolled in this class will each be responsible for one oral presentation of a mini case study. |

|Labs: |Up to six lab exercises on implementing security in a network environment will be assigned. These assignments will give students |

| |the opportunity to do hands-on exercises that will help them better understand the concepts learned in class. |

|Makeup policy |

|You are responsible to make sure that your assignments are turned in on time. Late assignments will not be accepted unless you have an excused absence. An |

|absence from class will be considered an "excused absence" under the following circumstances: |

|a) Absence due to illness. An absence due to illness is excused ONLY IF the student notifies the professor of the absence in advance (i.e., prior to the |

|missed class) and provides documentation of the illness upon return to class. |

|b) Absence due to an official University activity. Absence due to an official University activity is an excused absence only if the student notifies the |

|professor of the absence in advanced (i.e., prior to the missed class) and provides written documentation of the University activity from an appropriate |

|University representative prior to the absence. |

|c) Absence due to emergency. Evaluation of whether an absence due to an emergency is an excused absence will be made by the professor on a case by case basis.|

|At a minimum, the student should notify the professor of the absence as soon as possible and should provide documentation of the emergency. |

| |

|Academic integrity |

|All students are expected to comply with University rules and regulations on academic integrity and honesty. These rules and regulations are summarized in the|

|Student Conduct Code (). Disciplinary sanctions may be imposed for violations of these rules and |

|regulations. |

| |

|Academic integrity— Students are expected to maintain principles of academic integrity and conduct as defined in EIU’s Code of Conduct |

|(). Violations will be reported to the Office of Student Standards. |

| |

|Turnitin. To encourage original and authentic written work, students may be required to submit their written assignments in this course for review to |

|, or other systems designed to detect plagiarized material, and those assignments will become a searchable document with the Turnitin (or other |

|system’s) database. |

| |

| |

|Instructor Assistance |

|You may contact me via email or call me at (217) 581-6391. If you have a handicap or other condition which will require special consideration, please see me |

|immediately. |

| |

|Students With Disabilities |

|Appropriate academic support is available for students with a documented disability. Please notify your instructor and contact the Office of Disability |

|Services (581-6583) for further information. |

|Students with disabilities—If you are a student with a documented disability in need of accommodations to fully participate in this class, please contact the |

|Office of Student Disability Services (OSDS). All accommodations must be approved through OSDS. Please stop by Ninth Street Hall, Room 2006, or call |

|217-581-6583 to make an appointment. |

| |

|Emergency preparedness plan |

|Instructions about what to do in the event of an emergency are posted in all classrooms on Eastern’s campus. Students and faculty are responsible for |

|acquainting themselves as to the specific instructions so that they will be prepared in the event of an emergency. |

| |

|Student Success Center |

|Students who are having difficulty achieving their academic goals are encouraged to contact the Student Success Center (eiu.edu/~success) for assistance |

|with time management, text taking, note taking, avoiding procrastination, setting goals, and other skills to support academic achievement. The Student Success|

|Center provides individualized consultations. To make an appointment, call 217-581-6696, or go to 9th Street Hall, Room 1302. |

| |

|Other Services |

|Contact info for student services: |

|Career Services 581-2412 |

|Counseling Center: 581-3413 |

|Student Success Center: 581-6696 |

Course Calendar

This is a tentative calendar and is subject to change. Changes will be announced in class and/or posted to the course website. Students are responsible for complying with changes announced in class. Some of the class sessions will be held in a computer lab.

|Day |Topic |Reading |Assignment |

|1/11 |Intro to Course | | |

|1/13 |Intro to Systems Security | Amazon video: Cybercrime |Ch. 1.1-1.2, 1.7, 2.1 | |

|1/18 |MLK Birthday – No class | |In-Class Exercise 1 |

|1/20 |Threat Severity Analysis1 | In-Class Exercise| Case Present. |Ch. 2.4, p. 85-94 | |

|1/25 |Resources Access Control |Ch. 5 | |

|1/27 |Site Security and Wireless Security |Ch. 4.6 | |

|2/1 |Lab 1: Access Control | |Lab Exercise 1 |

|2/3 |TCP/IP | Case Presentation |Module A , p.595+ | |

|2/8 |TCP/IP (cont.), Access Control & TCP/IP Exer | |In-Class Exercise 2 |

|2/10 |Review For Exam 1 | | |

|2/15 |Exam 1 | |Case/Exercise assigned |

|2/17 |Attack Methods: Break-in and DoS |Ch. 1.4, Ch. 4.1-4.4 | |

| 2/22 |Attack Methods: Malware, Lab 2 |Ch 1.3 |Lab Exercise 2 |

|2/24 |Firewalls | Case Presentation |Ch. 6 | |

|2/29 |Firewalls (cont) |Ch. 6 | |

|3/2 |Lab 3: Firewall installation & configuration | |Lab Exercise 3 |

|3/7 |Host Security |Ch. 7 | |

|3/9 |Lab 4: Host Hardening | Case Presentation | |Lab Exercise 4 |

|3/14 |SPRING BREAK | | |

|3/16 |SPRING BREAK | | |

|3/21 |Review For Exam 2 | Case Presentation | | |

|3/23 |Exam 2 | | |

|3/28 |Cryptography |Ch. 3 | |

|3/30 |Cryptographic Systems | | |

|4/4 |Lab 5: Cryptography | Case Presentation | |Lab Exercise 5 |

|4/6 |Application Security |Ch. 8 | |

|4/11 |Application Security (cont) | Case Presentation |Ch. 8 |Lab Exercise 6 |

|4/13 |Lab 6: Application security | | |

|4/18 |Exam 3 | | |

|4/20 |Data Protection |Ch. 9 | |

|4/25 |Incident and Disaster Response | Case Presentation |Ch. 10 |Case/Exercise due 4/27 |

|4/27 |Review For Final Exam | | |

|FINAL |Wednesday, May 4, 10:15 AM – 12:15 PM |

| |

|1. Intel’s White paper: |

................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download