Lecture1

Lecture1 - TEL2813/IS2820 Security Management Lecture 1 Jan...


TEL2813/IS2820 Security Management
Lecture 1
Jan 6, 2005

Contact

James Joshi
721, IS Building
Phone: 412-624-9982
E-mail: jjoshi@mail.sis.pitt.edu
Web: /~jjoshi/TELCOM2813/Spring2005/
Office Hours: Wednesdays, 1.00-3.00 p.m., or by appointment
GSA: will be announced later

Course objective

The course is aimed at imparting the knowledge and skill sets required to assume the overall responsibilities of administration and management of security of an enterprise information system.

Course objective

After the course, ability to:
- Carry out detailed analysis of enterprise security by performing various types of analysis: vulnerability analysis, penetration testing, audit trail analysis, system and network monitoring, configuration management, etc.
- Carry out the task of security risk management using various practical and theoretical tools.

Course objective

After the course, ability to:
- Design detailed enterprise-wide security plans and policies, and deploy appropriate safeguards (models, mechanisms and tools) at all levels, with due consideration to the life cycle of the enterprise information systems and networks and to the legal and social environment.
- Certify products according to IA standards.

Course content

- Introduction to Security Management
- Security policies/models/mechanisms
- Security Management Principles, Models and Practices
- Security Planning/Asset Protection
- Security Programs and Disaster Recovery Plans
- Standards and Security Certification Issues
- Rainbow Series, Common Criteria
- Security Certification Process
- National/International Security Laws and Ethical Issues
- Security Analysis and Safeguards
- Vulnerability analysis (Tools Tech.)
- Penetration testing
- Risk Management
- Protection Mechanisms and Incident handling
- Access Control and Authentication architecture
- Configuration Management
- Auditing systems audit trail analysis
- Network defense and countermeasures
- Intrusion Detection Systems (SNORT)
- Architectural configurations and survivability
- Firewall configurations
- Virtual private networks
- Computer and network forensics
- Privacy Protection
- Case studies on OS and application software (e.g., SELinux, Unix and Windows Security)

Course Material

Recommended course material:
- Management of Information Security, M. E. Whitman, H. J. Mattord
- Guide to Disaster Recovery, M. Erbschloe
- Guide to Network Defense and Countermeasures, G. Holden
- Computer Security: Art and Science, Matt Bishop (ISBN: 0-201-44099-7), Addison-Wesley 2003...