SRJC Course Outlines

7/31/2021 2:56:54 AMCS 82.56 Course Outline as of Fall 2016

Changed Course
CATALOG INFORMATION

Discipline and Nbr:  CS 82.56Title:  COMPUTER NETWRK SECURITY  
Full Title:  Computer Network Security
Last Reviewed:2/22/2016

UnitsCourse Hours per Week Nbr of WeeksCourse Hours Total
Maximum4.00Lecture Scheduled4.0017.5 max.Lecture Scheduled70.00
Minimum4.00Lab Scheduled06 min.Lab Scheduled0
 Contact DHR0 Contact DHR0
 Contact Total4.00 Contact Total70.00
 
 Non-contact DHR0 Non-contact DHR Total0

 Total Out of Class Hours:  140.00Total Student Learning Hours: 210.00 

Title 5 Category:  AA Degree Applicable
Grading:  Grade or P/NP
Repeatability:  00 - Two Repeats if Grade was D, F, NC, or NP
Also Listed As: 
Formerly:  CIS 56.22

Catalog Description:
Untitled document
An in-depth exploration of the essentials of computer network security. Students will analyze security objectives and the role of policy deployment while they practice defending against network attacks. Students will learn about attacks and malware, E-mail, web components, software development, disaster recovery, risk, change and privilege management, forensics and legal issues. Scenario-based curriculum describing a start-up company in which the students are employed with specific roles, will also be incorporated in the class.  Tasks and product deliverables, for the start-up company, which are based on industry standards, augment assignments and exams. Coverage of both CompTIA's Security+ certification exam and the (ISC)2 SSCP certification, is integral to this course. Students should have a familiarity with network operating systems.

Prerequisites/Corequisites:


Recommended Preparation:
Course Completion of CS 82.21A AND Eligibility for ENGL 100 or ESL 100

Limits on Enrollment:

Schedule of Classes Information
Description: Untitled document
An in-depth exploration of the essentials of computer network security. Students will analyze security objectives and the role of policy deployment while they practice defending against network attacks. Students will learn about attacks and malware, E-mail, web components, software development, disaster recovery, risk, change and privilege management, forensics and legal issues. Scenario-based curriculum describing a start-up company in which the students are employed with specific roles, will also be incorporated in the class.  Tasks and product deliverables, for the start-up company, which are based on industry standards, augment assignments and exams. Coverage of both CompTIA's Security+ certification exam and the (ISC)2 SSCP certification, is integral to this course. Students should have a familiarity with network operating systems.
(Grade or P/NP)

Prerequisites:
Recommended:Course Completion of CS 82.21A AND Eligibility for ENGL 100 or ESL 100
Limits on Enrollment:
Transfer Credit:CSU;
Repeatability:00 - Two Repeats if Grade was D, F, NC, or NP

ARTICULATION, MAJOR, and CERTIFICATION INFORMATION

Associate Degree:Effective:Inactive:
 Area:
 
CSU GE:Transfer Area Effective:Inactive:
 
IGETC:Transfer Area Effective:Inactive:
 
CSU Transfer:TransferableEffective:Spring 2007Inactive:
 
UC Transfer:Effective:Inactive:
 
C-ID:

Certificate/Major Applicable: Not Certificate/Major Applicable

Approval and Dates
Version:04Course Created/Approved: 10/23/2006
Version Created:4/13/2015Course Last Modified:6/5/2021
Submitter:Michael McKeeverCourse Last Full Review:2/22/2016
Version Status:Approved Changed CoursePrereq Created/Approved:2/22/2016
Version Status Date:2/22/2016Semester Last Taught:Spring 2021
Version Term Effective:Fall 2016Term Inactive:


COURSE CONTENT

Student Learning Outcomes:
Upon completion of the course, students will be able to:
Untitled document
1.   Define and explain attacks and malware, E-mail, web components, software development, disaster recovery, risk, change and privilege management, forensics and legal issues.
2.   Analyze security objectives and the role of policy deployment and practice defending against network attacks.  
3.   Pass a mock certification exam for Computing Technology Industry Association (CompTIA) Security+ certification and Internet Security Consortium (ISC)2 Systems Security Certified Practitioner (SSCP) Certification.
 

Objectives: Untitled document
Upon completion of the course, students will be able to:
1.   Differentiate various types of computer and network attacks.
2.   Evaluate various e-mail security practices.
3.   Compare the component protocols used for website development and contrast internet applications and their associated security issues.
4.   Summarize the methods of incorporating security into the software development process.
5.   Evaluate disaster recovery and business continuity best practices.
6.   Study risk management and diagram an approach to effectively manage risk.
7.   Differentiate the essential elements of change management.
8.   Evaluate methods of managing access.
9.   Examine the steps in investigating a computer crime or policy violation.
10. Relate the role of ethics in computer security and survey the laws that enforce ethical behavior.

Topics and Scope
Untitled document
I. Computer Attacks
        A. Denial-of-Service Attacks
        B. Backdoors and Trapdoors
        C. Other Attacks such as Malware
II. E-mail
        A. Security of E-mail Transmissions
        B. Malicious Code
        C. Hoax E-mails
        D. Unsolicited Commercial E-mail (Spam)
        E. Mail Encryption
III. Web Components
        A. Current Web Components and Concerns
        B. Protocols
        C. Code-Based Vulnerabilities
IV. Software Development
        A. The Software Engineering Process
        B. Good Practices
V. Disaster Recovery, Business Continuity, and Organizational Policies
        A. Disaster Recovery
             1. Disaster Recovery Plans/Process
             2. Backups
        B. Policies and Procedures
             1. Security Policies
             2. Privacy
             3. Service Level Agreements
VI. Risk Management
        A. An Overview of Risk Management
        B. Business Risks
        C. Risk Management Models
             1. General Risk Management Model
             2. Software Engineering Institute Model
        D. Qualitatively Assessing Risk
VII. Change Management
        A. Why Change Management?
        B. The Key Concept: Segregation of Duties
        C. Elements of Change Management
VIII. Privilege Management
        A. User, Group, and Role Management
        B. Single Sign-On
        C. Centralized vs. Decentralized Management
        D. Auditing (Privilege, Usage, and Escalation)
        E. Handling Access Control
             1. Mandatory Access Control (MAC)
             2. Discretionary Access Control (DAC)
             3. Role-Based Access Control (RBAC)
IX. Computer Forensics
        A. Evidence
             1. Standards for Evidence
             2. Types of Evidence              
             3. Three Rules Regarding Evidence
        B. Collecting Evidence
        C. Chain of Custody
        D. Free Space vs. Slack Space
        E. Message Digest and Hash
        F. Analysis
X. Security and Law
        A. Import/Export Encryption Restrictions
        B. Digital Signature Laws
        C. Digital Rights Management
        D. Privacy Laws
             1. United States Laws              
             2. European Laws
        E. Computer Trespass
        F. Ethics

Assignments:
Untitled document
1. Online research of current security appliances and best practices
2. Read topical weekly online newsletters and security reports
3. Read approximately 50 pages per week from textbook
4. Write a sample company security policy
5. 2-4 objective examinations and quizzes
6. 6-10 skill demonstration assignments

Methods of Evaluation/Basis of Grade.
Writing: Assessment tools that demonstrate writing skill and/or require students to select, organize and explain ideas in writing.Writing
10 - 30%
Compose a sample company security policy
Problem solving: Assessment tools, other than exams, that demonstrate competence in computational or non-computational problem solving skills.Problem Solving
10 - 30%
Research and delineate best current computer and network security appliances and practices
Skill Demonstrations: All skill-based and physical demonstrations used for assessment purposes including skill performance exams.Skill Demonstrations
20 - 30%
6-10 skill demonstration assignments
Exams: All forms of formal testing, other than skill performance exams.Exams
20 - 30%
2-4 objective examinations and quizzes
Other: Includes any assessment tools that do not logically fit into the above categories.Other Category
10 - 20%
Attendance and participation


Representative Textbooks and Materials:
Untitled document
Principles of Computer Security (4th). Conklin, Wm Arthur. McGraw-Hill Osborne Media: 2015

OTHER REQUIRED ELEMENTS

Student Preparation
 Matric Assessment Required:ERequires English Assessment
 Prerequisites-generate description:NPNo Prerequisite
 Advisories-generate description:UUser-Generated Text
 Prereq-provisional:NNO
 Prereq/coreq-registration check:NNo Prerequisite Rules Exist
 Requires instructor signature:NInstructor's Signature Not Required
   
BASIC INFORMATION, HOURS/UNITS & REPEATABILITY
 Method of instruction:02Lecture
 71Internet-Based, Simultaneous Interaction
 72Internet-Based, Delayed Interaction
 Area department:CSComputer Studies
 Division:72Arts & Humanities
 Special topic course:NNot a Special Topic Course
 Program Status:2Not Certificate/Major Applicable
 Repeatability:00Two Repeats if Grade was D, F, NC, or NP
 Repeat group id:  
   
SCHEDULING
 Audit allowed:NNot Auditable
 Open entry/exit:NNot Open Entry/Open Exit
 Credit by Exam:NCredit by examination not allowed
 Budget code: Program:0000Unrestricted
 Budget code: Activity:0701Computer & Information Science
   
OTHER CODES
Disciplines:Computer Information Systems
OR
Computer Science
 Basic Skills:NNot a Basic Skills Course
 Level below transfer:YNot Applicable
 CVU/CVC status:YDistance Ed, Not CVU/CVC Developed
 Distance Ed Approved:NNone
 Emergency Distance Ed Approved:YFully Online
Partially Online
Online with flexible in-person activities
 Non-credit category:YNot Applicable, Credit Course
 Classification:YCareer-Technical Education
 SAM classification:CClearly Occupational
 TOP code:0708.00Computer Infrastructure and Support
 Work-based learning:NDoes Not Include Work-Based Learning
 DSPS course:NNO
 In-service:NNot an in-Service Course

Print PDF