Operating System Security Syllabus for 2013-2014
Return to Syllabus List
Instructor Information
Instructor
Ervin Frenzel (Curriculum Vitae)Office Location
Office Hours
Course Information
Recording Policy
Disability Statement
Any student who, because of a disabling condition, may require some special arrangements in order to meet course requirements should contact disAbility Services (Student Service Center room 119, phone 371-5436) as soon as possible.
Statement for Mental Health and Advocacy & Resource Center:
As a student you may experience a range of issues that can cause barriers to learning, such as strained relationships, increased anxiety, alcohol/drug problems, feeling down, difficulty concentrating and/or lack of motivation. These mental health concerns or stressful events may lead to diminished academic performance or reduce a student's ability to participate in daily activities. Amarillo College offers services to assist you with addressing these and other concerns you may be experiencing. If you or someone you know are suffering from any of the aforementioned conditions, you can learn more about the broad range of confidential mental health services available on campus by calling the AC Counseling Center at 806-371-5900. The AC Counseling Center website is https://www.actx.edu/counseling/ . Also, if you are in need of social services (affordable housing, utilities, transportation, food, clothing, childcare, medical/dental/vision, legal), please call the AC Advocacy & Resource Center at 806-371-5439. The AC Advocacy & Resource Center website is https://www.actx.edu/arc
Amarillo College Tutoring for Success Policy:
Administrative Drop Policy
N/A
Student Withdrawal Procedures
N/A
Privacy Statement
The Amarillo College Privacy Policy is found at https://www.actx.edu/-amarillo-college-privacy-notice , and applies to all Amarillo College students. If you have questions about this privacy statement or you believe that your personal information has been released without your consent, send email to humanresources@actx.edu .
Course
ITSY-2300-002 Operating System Security
Prerequisites
ITSY 1342
Course Description
Safeguard computer operating systems by demonstrating server support skills and designing and implementing a security system. Identify security threats and monitor network security implementations. Use best practices to configure operating systems to industry security standards.
Student Resources Student Resources Website
Department Expectations
\N
Occupational License Disclaimer
Hours
(3 sem hrs; 2 lec, 2 lab)
Class Type
On Campus Course
Syllabus Information
Textbooks
Textbook
\ \Official (ISC)2 Guide to the CAP CBK (2nd Edition)
\ \ISBN: 978-1-4398-2075-9
\ \Author: Howard
\ \Publisher: ISC2 Press
\ \\ \
Security Policies and Implementation Issues (electronic edition) and lab manual (obtained from www.ShopJBLearning.com)
\ \Author: Rob Johnson
\ \ISBN: 978-1-284-02077-9
\ \Publisher Jones and Bartlett
\
These books are not available through the Amarillo College bookstore and will have to be purchased/ordered from www.isc2.org , www.amazon.com or directly from www.ShopJBLearning.com (have it in your possession by the 2nd week of class at the latest).
\ \Additional texts (electronic format) will be made available throughout the course from the National Institute of Standards and Technology (NIST) homepage at no cost to the students.
\ \Supplementals (no cost to students) downloaded from http://csrc.nist.gov/publications/PubsSPs.html
\ \NIST SP 800-59 (Guideline for Identifying an Information System as a National Security System)*
\ \NIST SP 800-53 A Rev. 1 (Guide for Assessing the Security Controls in Federal Information Systems and Organizations, Building Effective Security Assessment Plans)*
\ \NIST SP 800-47 (Security Guide for Interconnecting Information Technology Systems)*
\ \NIST SP 800-39 (Managing Information Security Risk: Organization, Mission, and Information System View)*
\ \NIST SP 800-37 Rev. 1(Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach)*
\ \NIST SP 800-30 Rev. 1(Guide for Conducting Risk Assessments)*
\ \NIST SP 800-18 Rev.1 (Guide for Developing Security Plans for Federal Information Systems)*
\ \NIST SP 800-14 (Generally Accepted Principles and Practices for Securing Information Technology Systems)*
\ \NIST SP 800-12 (An Introduction to Computer Security: The NIST Handbook)*
Supplies
\ Students must have reliable access to a PC (personal computer) and the Internet. Computers are available in the CIS Department at Amarillo College and have reliable access to the Internet. Additionally students will need: Binder, pen, pencil, scrat
Student Performance
End-of-Course Outcomes: Employ the physical security of network infrastructure components using National Institute of Standards and Technology (NIST) Guidelines and other best practices; develop backup procedures to provide for data security; use network operating system features to implement network security; identify computer and network threats and vulnerabilities and methods to prevent their effects; use tools to enhance network security; and use encryption techniques to protect network data.
Students Rights and Responsibilities
Student Rights and ResponsibilitiesLog in using the AC Connect Portal
In order to receive your AC Connect Email, you must log in through AC Connect at https://acconnect.actx.edu .
If you are an active staff or faculty member according to Human Resources, use "Exchange". All other students, use "AC Connect (Google) Email".
Expected Student Behavior
\ It is the policy of the Sciences and Engineering Division and the Electronics Technology Department that food and drink may be allowed in the classroom setting, at the instructor’s discretion, but food and drink are not allowed in labs. Additionally pagers and cell phones must be turned off or in silent mode in the classroom setting and pagers and cell phones must be turned off while in labs.
\\ Students are expected to maintain a high standard of individual honor in their scholastic work. Students who are guilty of cheating, plagiarism, copying, or dishonesty may be excluded from class with a grade of F; or, in flagrant cases, may be suspended from the College.
\\ The faculty of the CIS Department reserves the right to ask a student to verify any portion of a test by reproducing any specific section or the entire exam of the test in question. Any action that compromises the computer systems at Amarillo College, including but not limited to hacking or cracking, can result in a grade of "F" in this course and possible further disciplinary action.
Grading Criteria
A >90, B = 80 to 89, C = 70 to 79, D = 60 to 69, F < 60
\ \\ \
Class Overall Grade
\ \| DHS, FEMA, and TEEX - Information Security Basics (15%) & Information Risk Management (15%) | \30% | \
| \
Classroom (20%) Participation / In-Class Discussions - Done through Blackboard \ | \
20% | \
| \
Homework - Chapter Review Questions (ISC2 Book) - Done through Blackboard \ | \
\
20% \ | \
| \
Individual Notebook \ | \
\
20% \ | \
| \
Attendence \ | \
\
10% \ | \
\ \
For Papers
\ \\ \
| \
Grammar and Adherence to APA Format \ | \
\
25 Points \ | \
| \
Clarity and Logic of Presentation \ | \
\
15 Points \ | \
| \
Originality of Ideas and Research \ | \
\
25 Points \ | \
| \
Depth of Scholarship & Substantive Value \ | \
\
10 Points \ | \
| \
Theoretical and Conceptual Framework \ | \
\
10 Points \ | \
| \
Use of Literature \ | \
\
15 Points \ | \
| \
PLAGARIZED WORKS \ | \
\
-100 Points \ | \
\ \
For Notebooks
\ \| Binder turned in on time & organized | \\ | 5 points | \
| Coversheet on binder (includes name, class, instructor name, date) | \\ | 5 points | \
| Table of contents listed to include: | \\ | \ |
| Table of contents | \(Page #) | \10 points | \
| Syllabus | \(Page #) | \10 points | \
| Lab book and completion report (as applicable from class) | \(Page #) | \10 points | \
| NIST documentation (as applicable from class) | \(Page #) | \10 points | \
| Relevant Notes | \(Page #) | \10 points | \
| Turned in and graded reports | \(Page #) | \10 points | \
| Completed labs (ITSY 2300 - requires certificates of completion for FEMA courses) | \(Page #) | \30 points | \
| Turned in after due date (Not accepted after 3 late days) | \\ | -10 points/day | \
The opportunity to make-up an exam and/or lab will be determined by the circumstances of each individual, permitted at the discretion of the instructor. It is understood that the student has no intention of making up missed work if more than five days have elapsed since assignment was due. Communication is critical therefore notifiy the instuctor through email, text, or phone call immediately if you have an illness or absence that will affect your ability to complete any assignment prior to the completion date.
\ \The time and place for make-up test will be determined by the instructor. No make-up work will be accepted after the close of the semester.
\ \Students who miss gradable coursework due to an absence will be given the opportunity to make up the missed work, with the exception of the final exam provided they have made contact with the instructor and arranged a time to complete the work prior to the close of the semester. The final exam may be taken early, if prior arrangements have been made. It is the responsibility of the student to contact the instructor as soon as possible after return to class to arrange to make up missed coursework.
\ \INSTRUCTOR'S STATEMENT: As your instructor, I am always willing to discuss your grades with you and explain how your grade was determined. If a grading error has been made on my part, I am always willing to correct the error. No work will be accepted after the close of the semester if prior arrangements by individual assignment were not made.
\ \Written work Rubric will be posted in the resource folder in class.
Attendance
Please remember the deadline for dropping a class at AC is published in the official Amarillo College Schedule of Classes. If you stop attending class and do not officially drop the course by this deadline, you will receive an F for the course. Attendance in class is regarded as requirement, and obligation for learning. Students will be counseled by the instructor after three (3) absences and warned and after two (2) absences. Four (4) absences in any one semester will be cause for student to be dropped one (1) letter grade.
\ \Being tardy three (3) times will be considered one (1) absence.
\ \It is the responsibility of the student to make up any work missed due to absences and to gain missed lecture notes through outside reading and/or note from classmates. Make up examinations (and other assignments) will be permitted at the discretion of the instructor. The time and place for make-up test will be determined by the instructor.
\ \If you are going to be late or absent, please notify the instructor as soon as possible (before class).
\
Calendar
The week starts on Monday morning at 00:01 and ends Sunday night at 23:59.
\ \\ \
SUMMER 2014
\ \ITSY 2300: Operating System Security Course Calendar
\ \Week 1 J&B Chapter 9 - User Domain Policies; J&B Chapter 10 IT Infrastructure Security Policies
\ \Discussion Questions to be completed by the Thursday evening of the current week.
\ \Week 2 Chapter 2 - Information System Categorization (CAP book)
\ \J&B Chapter 7 - How to Design Organize, Implement, and Maintain IT Security Policies
\ \J&B Chapter 8 - IT Security Policy Framework Approaches
\ \Discussion Questions to be completed by the Thursday evening of the current week.
\ \Week 3 Chapter 3 - Establishment of the Security Control Baseline (CAP book)
\ \J&B Chapter 2 - Business Drivers for Information Security Policies
\ \J&B Chapter 6 - IT Security Policy Frameworks
\ \Discussion Questions to be completed by the Thursday evening of the current week.
\ \Week 4 Chapter 4 - Application of Security Controls (CAP book)
\ \J&B Chapter 5 - Information Security Policy Implementation Issues
\ \Completion of EC - AWR173 - 28 (Information Security Basics)
\ \(From http://teex.com/teex.cfm?pageid=training&templateid=14&area=teex&browse=231)* EC - AWR177-28 Due NLT 6 July 2014 at 23:59
\ \Week 5 Chapter 5 - Assessment of Security Controls (CAP book)
\ \J&B Chapter 3 - US Compliance Laws and Information Security Policy Requirements
\ \J&B Chapter 4 - Business Challenges within the Seven Domains of IT Responsibility
\ \Discussion Questions to be completed by the Thursday evening of the current week.
\ \Week 6 Chapter 5 - Assessment of Security Controls (CAP book)
\ \J&B Chapter 11 - Data Classification and Handling Policies and Risk Management Policies
\ \Discussion Questions to be completed by the Thursday evening of the current week.
\ \Week 7 Chapter 6 - Information System Authorization (CAP book)
\ \J&B Chapter 12 - Incident Response Team (IRT) Policies; Chapter 15 - IT Policy Compliance Systems and Emerging Technologies
\ \Discussion Questions to be completed by the Thursday evening of the current week.
\ \Notebook to be turned in no later than Friday at noon - contact instructor for turn-in location. - This can be turned in early but not late.
\ \Week 8 Chapter 7 - Security Controls Monitoring (CAP book)
\ \J&B Chapter 13 - IT Security Policy Implementations; Chapter 14 - IT Security Policy Enforcement
\ \Discussion Questions to be completed by the Thursday evening of the current week.
\ \Final Prep for CAP testing & Completion of EC - AWR177 - 28 (Information Risk Mgmt)
\ \(From http://teex.com/teex.cfm?pageid=training&templateid=14&area=teex&browse=231)* EC - AWR177-28 Due NLT 22 July 2014 at 23:59
\ \Material to be covered is subject to change.
\ \The course content builds upon itself, missing classes will place you behind. Please inform me if you know in advance that you will be absent – it is up to you as a student to find out what was missed during previous classes. Much of this class will be team oriented and the final grade/project for the course will be a industry best-practice standardized team developed security program. Use your time wisely - the online certification course can be completed prior to the due dates. I do not give points, I simply record your efforts.
\ \* Requires registration through FEMA, walking through the registration process begins at http://teex.com/teex.cfm?pageid=training&templateid=14&area=teex&browse=231
\ \
Additional Information
\ \
Important Dates to Remember
\ \| \
Summer I \ | \
\ |
| \
May 27 \ | \
\
Summer I classes begin \ | \
| \
May 30 \ | \
\
Census day (Summer I) \ | \
| \
June 25 \ | \
\
Last day to drop (Summer I) \ | \
| July 3 | \\
End of Semester (Summer I) \ | \
| \
July 4 \ | \
\
Happy 4th of July - School Closed \ | \
| \
Summer II \ | \
\ |
| July 7 | \\
Summer II classes begin \ | \
| \
July 10 \ | \
\
Census day (Summer II) \ | \
| \
August 6 \ | \
\
Last day to drop (Summer II) \ | \
| August 14 | \\
End of Semester (Summer II) \ | \
| \
Summer 2013 \ | \
\ |
| \
May 27 \ | \
\
Summer classes begin \ | \
| \
June 9 \ | \
\
8 week online classes begin \ | \
| June 16 | \\
8 week online classes census day \ | \
| July 22 | \\
Last day to withdraw from 8 week online classes \ | \
| \
August 1 \ | \
\
End of 8 week online classes \ | \
| \ | \
\ | \
\ \
\ \
\ \
\ \
\ \
\ \
\ \
\ \
\ \
\ \
\ \
\ \
\ \
\ \
\ \
\ \
\ \
\ \
\ \
\ \
\ \
\ \
\ \
\ \
\ \
\ \
\ \
\ \
\ \
This course requires work outside of the classroom to complete. Additional training videos can be watched prior to attending class to improve your concept understanding for the scheduled section. This helps to lay the foundation for the classroom discussion. Contact the lab staff for further guidance and video sign-in roster.
\ \Missing scheduled presentation days will automatically result in a zero for the individual absent for that assignment. Team leaders who miss deadlines will be given a zero for their portion of the assignment (no exceptions), there is no grace for team projects. Submitted papers will only be accepted through the inclass folder, no submissions to any other email address is allowed. All documents will be submitted in an unlocked word document using a .doc or docx format.
Syllabus Created on:
11/30/-1 12:00 AM
Last Edited on:
11/30/-1 12:00 AM