Lecture1 - TEL2813/IS2820 Security Management Lecture 1 Jan...

TEL2813/IS2820 Security Management
Lecture 1
Jan 6, 2005

Contact
    James Joshi
    721, IS Building
    Phone: 412-624-9982
    E-mail: [email protected]
    Web: /~jjoshi/TELCOM2813/Spring2005/
    Office Hours: Wednesdays, 1.00 – 3.00 p.m., or by appointment
    GSA: will be announced later

Course objective
    The course is aimed at imparting knowledge and skill sets required to assume the overall responsibilities of administration and management of security of an enterprise information system.

Course objective
    After the course, ability to:
    Carry out detailed analysis of enterprise security by performing various types of analysis:
        vulnerability analysis, penetration testing,
        audit trail analysis,
        system and network monitoring, and
        configuration management, etc.
    Carry out the task of security risk management using various practical and theoretical tools.

Course objective
    After the course, ability to:
    Design detailed enterprise-wide security plans and policies, and deploy appropriate safeguards (models, mechanisms and tools) at all levels, with due consideration to:
        the life cycle of the enterprise information systems and networks,
        the legal and social environment
    Certify products according to IA standards

Course content
    Introduction to Security Management
    Security policies/models/mechanisms
    Security Management Principles, Models and Practices
    Security Planning/Asset Protection
    Security Programs and Disaster Recovery Plans
    Standards and Security Certification Issues
    Rainbow Series, Common Criteria
    Security Certification Process
    National/International Security Laws and Ethical Issues
    Security Analysis and Safeguards
    Vulnerability analysis (Tools Tech.)
    Penetration testing
    Risk Management
    Protection Mechanisms and Incident handling
    Access Control and Authentication architecture
    Configuration Management
    Auditing systems audit trail analysis
    Network defense and countermeasures
    Intrusion Detection Systems (SNORT)
    Architectural configurations and survivability
    Firewall configurations
    Virtual private networks
    Computer and network forensic
    Privacy Protection
    Case studies on OS and application software (e.g., SELinux, Unix and Windows Security)

Course Material
    Recommended course material
        Management of Information Security, M. E. Whitman, H. J. Mattord
        Guide to Disaster Recovery, M. Erbschloe
        Guide to Network Defense and Countermeasures, G. Holden
        Computer Security: Art and Science, Matt Bishop (ISBN: 0-201-44099-7), Addison-Wesley 2003
        Security in Computing, 2nd Edition, Charles P. Pfleeger, Prentice Hall
    A list of papers will be provided