|
Saint Xavier University |
CMPSC 281
(formerly CMPSC 381)
WEB SECURITY
|
|
|
|
| Faculty Info: |
Jim Aman, Ph.D.
Associate Professor of Computer Science
WAC - N326
Office: (773) 298-3454
vRoom (see Blackboard) |
Office Hours: |
| |
TBA
Other office times by appointment
Online at any time
|
| Course Info: |
|
Computer Security: Principles and Practice
William Stallings
Pearson Prentice Hall, 2008
978-0-13-600424-0
0-13-600424-5
Recommended additional readings:
- Will be assigned throughout the course
Notes and Notices!
- Check the schedule and read the first week's material before class
|
.Computer security, by whatever name it may be called, is a critical consideration in modern business and professional environments. A working knowledge of computer security is a hallmark of a well-educated, well-rounded, well-prepared graduate from any computing program. This course examines current developments in this area and involves students in readings and projects which examine threats to computers and networks, the risks they raise, and available effective countermeasures.
Course Syllabus
The syllabus will be available for download. Sections of the syllabus are included on this page.
This is a three-semester-hour course. The target audiences are
majors and minors in computer science and majors in computer studies.
Capsule Description
This course examines the causes of computer insecurity, such as hacking, virus transmission and code corruption, and provides students with procedures, processes, and information to enhance security in a corporate environment.
Philosophy
In today's computing environment, it is particularly important for network and system personnel to know about technologies, terms, and processes related to Internet and basic computer security. Ignorance is the greatest threat to a system administrator or computing professional, because, whether someone is developing software, designing a network, or maintaining computer systems, security must always be a consideration. That is why students in this course are exposed to numerous readings, projects, and hands-on projects as reinforcement of concepts and procedures.
Objectives
| The student who has mastered the material will
... |
|
|
Teaching Methods
- Lectures and Demonstrations:
- Projects
- Exercises
- Additional Readings
- Quizzes and exams
- Internet Support: Check Blackboard and
the class web page for additional information about the course.
Blackboard will be the primary Internet tool of the course
and will be used by the instructor to post assignments and
occasionally by the students to post their work.
|
|
|
| Policies: |
- Missed Classes: You are responsible for obtaining material
which may have been distributed on class days when you were
absent. This can be done through contacting a classmate who
was presente or by contacting the instructor during office
hours or by other means. Missed or late quizzes cannot be
made up under any circumstances, but, with good cause and
adequate notice, an early quiz may be given. There are no
make-up exams. Students missing exams due to a pre-arranged,
excused absence will be allowed to count the final exam at
double value. Only official excuses will be accepted. Any
uncoordinated, unexcused, missed exam will result in a score
of 0 for that exam.
- Assignments: All assignments are due at the beginning of
class on the date due (the Wednesday of the week following
coverage of the chapter). Late submission of assignments
will be assessed a penalty of 10% per day. No exceptions
will be made.
- Academic Dishonesty: Plagiarism and cheating are serious
offenses and may be punished by failure on exam, paper, or
project; failure in course; and/or expulsion from the University.
For more information, refer to the Undergraduate Catalog.
- Need for Assistance: If you have any condition, such as
a physical or learning disability, which will make it difficult
for you to carry out the work as outlined here, or which
will require academic accommodations, you must follow the
University’s established policy for documenting the
condition through the Learning Center. You should also notify
me as soon as possible.
- Posting of Grades: Final grades will not be officially
posted by the instructor. Progress of grades may be followed
on Blackboard, however.
|
|
| Grading: |
| |
Testing........................................... |
|
| |
Projects ........................................ |
|
| |
Assignments ................................ |
|
| |
Participation ................................ |
|
|
| Schedule: |
WEEK |
TOPICS |
READINGS
|
Jan 14 |
Course introduction
Overview of the Profession
|
Chapters 0 & 1 |
Jan 21 |
Cryptographic Tools |
Chapter 2 |
Jan 28 |
User Authentication |
Chapter 3 |
Feb 4 |
Access Control |
Chapter 4 |
Feb 11 |
Intrusion Detection |
Chapter 6 |
Feb 18 |
Malicious Software |
Chapter 7 |
Feb 25 |
MIDTERM EXAM |
Chapters 1-4, 6-7 |
Mar 4 |
NO CLASS: Spring Break and the SIGCSE CONFERENCE (Chattanooga, TN) |
Mar 11 |
Denial of Service |
Chapter 8 |
Mar 18 |
Firewalls and Intrusion Prevention Systems |
Chapter 9 |
Mar 25 |
Physical and Infrastructure Security |
Chapter 13 |
Apr 1 |
Human Factors |
Chapter 14 |
Apr 8 |
Security Auditing
|
Chapters 15 |
Apr 15 |
IT Security Management and Risk Assessment
IT Security Controls, Plans and Procedures |
Chapters 16 & 17 |
Apr 22 |
Legal and Ethical Aspects |
Chapters 18 |
Apr 29 |
Operating System Security |
Chapters 23 & 24 |
May 6 |
Final Exam - 6:30-8:30 p.m. |
Comprehensive |
|
|
|
|
|
| Copyright © 2006-09, J. R. Aman |
|
5/11/09 |
|
|
