COLLEGEWIDE COURSE OUTLINE OF RECORD CINT 251, INTRODUCTION TO SYSTEMS SECURITY CATALOG DESCRIPTION: Provides a fundamental understanding of network

security principles and implementation. The student will learn the technologies used and principles involved in creating a secure computer networking environment including authentication, the types of attacks and malicious code that may be used against a network, the threats and countermeasures for e-mail, web applications, remote access, and file and print services. Students are required to demonstrate course objectives through the appropriate CompTia certification exam preparation materials and the fee for the exam is assessed upon enrollment in the course. MAJOR COURSE LEARNING OBJECTIVES: Upon successful completion of this course the student will be expected to: 1. Recognize and differentiate access control models. 2. Recognize and differentiate methods of authentication. 3. Identify non-essential services and protocols and know what actions to take to reduce the risks of those services and protocols. 4. Recognize attacks and specify the appropriate actions to take to mitigate vulnerability and risk. 5. Recognize the types of malicious code and specify the appropriate actions to take to mitigate vulnerability and risk. 6. Explain how to reduce the risks of social engineering. 7. Explain the significance of auditing, logging and system scanning. 8. Recognize and understand the administration of the remote access technologies. 9. Recognize and understand the administration of email security concepts. 10. Recognize and understand the administration of internet security concepts. 11. Recognize and understand the administration of directory security concepts. 12. Recognize and understand the administration of file transfer protocols and concepts. 13. Recognize and understand the administration of wireless technologies and concepts. 14. Discuss security concerns and concepts of types of devices and media. 15. Discuss the concepts behind the kinds of security topologies. 16. Differentiate the types of intrusion detection, explain the concepts of each type, and understand the implementation and configuration of each kind of intrusion detection system. 17. Describe Security Baselines; be able to explain what a Security Baseline is, and understand the implementation and configuration of each kind of intrusion detection system. 18. Enable and Disable Services and Protocols. 19. Understand and manipulate Access Control Lists. 20. Understand Directory Services. 21. Understand System Security Databases (SID's) 22. Identify and explain the different kinds of cryptographic algorithms, standards and protocols. 23. Discuss how cryptography addresses security concepts. 24. Explain the concepts of PKI (Public Key Infrastructure). 25. Explain the concepts of Key Management and Certificate Lifecycles. 26. Apply concepts of physical security. 27. Describe the security implications of disaster recovery. 28. Discuss the security implications of business continuity. 29. Explain the concepts and uses of types of policies and procedures. 30. Understand the security implications during the employee hiring and termination processes. 31. Understand the ACM Code of Ethics. 32. Explain the concepts of privilege management. 33. Describe the security implications during forensics investigations. 34. Explain concepts of risk identification. 35. Discuss the security relevance of the education and training of end users, executives and human resources. 36. Explain documentation concepts.

COURSE CONTENT: Topical areas of study include General security concepts Communication security Infrastructure security Basics of cryptography Operational/organizational security