p. 1

course number/title bu282 cybersecurity department recommended text business/criminal justice easttom chuck 2006 computer security fundamentals upper saddle river nj prentice hall dr michael thompson posted and by appointment htpp istep.axiolearning.org freshman/sophomore year credit hours days/times fall 2010 3 hour online instructor office hours website course placement room number axio online office ph 785.460.5530 e-mail michael.thompson@colbycc.edu prerequisite none rationale this course offers elective credits in business and criminal justice studies course description today businesses security agencies and law enforcement face the unprecedented challenge of a criminal that is organized well informed and technically competent acts of terrorism and the compromise of computer communications are examples of threats that require the application of technology to provide increased security this emerging field of study and practice is a multidisciplinary academic field of study this class will address the cybersecurity threat from a comprehensive position students will be challenged to recognize and understand security concerns from multiple perspectives ranging from insider threat to threats involving actual physical components students will be introduced to basic security principles as well as theory and concepts of computer security in networked systems study will include security issues and the importance of sound security policies in organizational management as well as in design methodology associated with hardware software development databases operating systems and networks as well as the use of encryption the most common attacks on systems will be covered vulnerability assessment tools and techniques will for defending systems will be explored no special computer skills or knowledge is required for this class ccc student learning outcomes addressed in this course 1 2 3 a higher level of critical and creative thinking processes ability to solve problems using a variety of techniques and methods ability to utilize the technology relevant to the learner s discipline course outcomes a cognitive outcomes this course will develop the student s general intellectual abilities curiosity powers of critical analysis aesthetic appreciation and creativity the student will have the capacity to analyze and interpret the general principles underlying current cyber threats to security and critically examine the application of these principles to real problems demonstrated by the student s ability to read and think critically to write effectively and express him or herself.

[close]

p. 2

bu282 cybersecurity 2 b affective outcomes upon completion of the course the student will have a basic understanding of electronic applications to business and security interests how to interpret threats and how systems are charged with balancing the need for operational efficiency and protection of valuables contrasted to the need to protect the individual rights and privacy so to employ fair and just results course outline modules module 1 topics orientation lessons course overview activities review class website reflect class policies read text walk-through p xiv discussion 1 introductions read text pp 1-20 review powerpoint reflect how seriously should you take threats to network security exercise1 assess your system discussion 2 security analysis read text pp 27-47 review powerpoint reflect how does the internet work exercise 2 tracert exercise 3 ping read text pp 54-79 review powerpoint reflect how does a hacker assess a target system exercise 4 netcraft exam 1 ­ chapters 1-3 read text pp 85-101 review powerpoint reflect what are the operational limits of computer systems read text pp 108-126 review powerpoint reflect how can attacks on your system be prevented module 2 assessment introduction to cyber crime and security introduction identifying types of threats common attacks basic terminology network security paradigms online security resources introduction the osi model network basics how the internet works basic network utilities other network devices introduction basic reconnaissance scanning port monitoring managing in-depth searches introduction dos attacks distributed denial of service defending dos attacks introduction viruses trojan horses buffer overflow attack sasser virus spyware other forms of malware detecting and eliminating viruses and spyware introduction basics of assessing a system securing computer systems safe web surfing professional help assessment module 3 networks and the internet assessment module 4 assessing a target system module 5 assessment denial of service attacks module 6 malware assessment module 7 basics of assessing and securing a system assessment exercise 5 preventing sobig discussion 3 prevention read text pp 134-157 review powerpoint reflect how secure is secure exam 2 ­ chapters 4-6

[close]

p. 3

bu282 cybersecurity module 8 encryption introduction cryptographic basics history of encryption modern methods virtual private networks introduction internet fraud cyber stalking laws of cyber crime introduction what is industrial espionage information as an asset how does espionage occur protecting against espionage real world examples read text pp 166-183 review powerpoint reflect how secure is the information you send 3 module 9 assessment internet fraud and cyber crime discussion 4 ­ rsa encryption read text pp 189-211 review powerpoint reflect pirates on the internet exercise 6 chatroom track exercise 7 anti-spyware read text pp 219-234 review powerpoint reflect what type of information might a competitor want to know about you exercise 8 ­ key loggers exercise 9 ­screen captures exam 3 ­ chapters 7-9 read text pp 241-258 review powerpoint reflect how can you defend against cyber terrorist attacks assessment module 10 industrial espionage in cyberspace assessment module 11 cyber terrorism and information warfare introduction economic attacks military operations attacks general attacks information warfare actual cases future trends defense against cyber terrorism introduction general searches court records criminal checks usenet assessment module 12 cyber detective discussion 5 ­ security tactics information warfare read text pp 264-274 review powerpoint reflect what resources are available for conducting an investigation exercise 10 blocking information read text pp 282-295 review powerpoint reflect what hardware and software is available to protect your computer exam 4 ­ chapters 10-12 final exam chapters 1-12 assessment module 13 computer security hardware and software introduction virus scanners firewalls anti-spyware intursion-detection software finals week assessment assessment course learning objectives after mastering the material in this course the student will be able to identify security breaches in physical and cyber systems be able to discuss major issues concerning computer and physical security be familiar with standard security tools necessary to locate and fix security leaks in computer systems be able to model the security risks inherent in a networked system be able to discuss suitable security policies for different scenarios apply various access control techniques.

[close]

p. 4

bu282 cybersecurity 4 become familiar with the basic tools and techniques used by hackers to attack systems assess network and system vulnerabilities to attacks and learn countermeasures be aware of the importance of ethical conduct method of instruction learning management system lms axiotm is the learning management system lms that will be used for this online hybrid course a hybrid element may be brought into play with learners meeting in an online classroom during our fifteen week learning period instruction will be a blended online format using distance peer2peer interaction student2instructor interaction cooperative learning completion of written assignments and usage of resources textbook transparencies handouts current events and instructional technology including interactive computer simulations and internet programs scheduled presentations will employ discussion sessions in which students will be encouraged to participate in an instructor-guided exchange of ideas and observations pertinent to selected subject areas attendance and participation are imperative the instructor may modify course activities and/or the class schedule in the best interest of student learning and will inform the students of any changes i strongly believe that a free and open exchange of ideas and points of view concerning the concepts and issues that are involved in this course is an essential element of the learning process this approach requires that students think about the justice and security systems in an objective fashion it also requires students to adequately prepare themselves to participate in class discussions opposing points of view even those contrary to my own which are in good taste pertinent to the topic at hand and intended to enhance the learning process are encouraged as such this course will be a collaborative effort between the instructor and student we will engage in lectures class discussion simulation exercises critical writing practical encounters and videos method of evaluation evaluation of the student s success will be measured through examinations exercises discussion threads and lab activities using this range of assessment will give me a fair evaluation of student performance in the course a final letter grade will be given based on the following criteria partcipation this is a hands-on course and computer intensive it is your task to impress me by playing an active role in the learning process and have thoughtfully read the assignments class time is for answering your questions and exploring ideas you will have the opportunity to analyze data relevant to security issues and the activities that comprise the focus of this course this analysis will not be a summary of what you read but will instead consist of critiques comments observations suggestions or ideas developed while preparing for your assignments you will be asked to observe the protection process and you will help one another and the instructor better understand the legal issues at this level of the business applications for security it should be fun as well as informative to get the most out of this class you need to participate in all aspects of it including internet analyses class discussions and class meetings you are also expected to complete assignments and papers on time and to do your own work tests ­ including the final there will be five tests of equal weight including the final these may be cumulative in that they may assume concepts and theories introduced in previous sections of the course tests may include various kinds of questions including multiple choice short answer and discussion.

[close]

p. 5

bu282 cybersecurity 5 discussion threads you need to answer each discussion thread topic as assigned in the outline there are five 5 discussion threads for this course each is worth up to fifty 50 points for a total of 250 possible points in which you critically reflect upon and analyze the problem and your experience these threads are a self-conscious effort at thinking about what you are learning notes reflections insights connections and critiques from your life experiences readings other relevant courses or experiences are to be recorded threaded entries should reflect a serious effort to synthesize theory and practice by including analytical observations and critical thought of the various cybersecurity environments that we cover in class and discuss the main concepts so read daydream think of some questions that the reading left you with or think about how the reading made sense to you explore your ideas by observation within our online environments exercises the material outline as set forth above represents an issue in corporate computer and network security students will perform and prepare written documentation and evidence of completing the assignment for ten 10 separate issues as outlined the exercises and assignments are intended to develop your critical reading and thinking skills and will also serve as important feedback regarding what you are learning from the readings so that i can adjust our in-class activities to help you understand the material better you will be graded on the critical thinking and technical proficiency evident in your responses that indicate you carefully reflected on the assignment these ten 10 lab assignments are worth up to 10 points each the completed assignment will be concise and only as long as is necessary to demonstrate your achievement of the exercise goal these assignments will be graded as follows ways to lose points using any of the examples i ve mentioned in lecture in class or on this instruction page using any ideas strongly related to the above material in general anything indicating a failure to think for yourself and looking for a shortcut ways to complete the assignment ways to gain points finding a state guarantee that involves a deeply significant highly fundamental right expressing an understanding of why the right is significant or more important than others anything that expresses the full substantive scope of a right not just a minor procedural change you are on your own in finding sources of information but i would recommend any source that indexes or summarizes the information you need you might also try publications or websites indicated in your text or side readings one final tip if you want to avoid thrashing around endlessly it helps if you conceptualize the particular problem to be solved in your mind before you begin your search feel free to e-mail me if you have questions or want assistance bonus points you can receive bonus points by attending certain college functions and events these will be posted on the announcement page and by giving in-class presentations on cybersecurity topics you will need to discuss these topics with me first and to schedule when the presentations will be given no more than sixty 60 bonus points will be added to your total points for these activities a total of sixty 60 bonus points may be earned in this class which will be added to the sum of your point totals.

[close]

p. 6

bu282 cybersecurity 6 extra credit option to obtain extra credit you must complete the term paper project option on computer and network security the purpose of this project is to practice writing-communication skills necessary to succeed in most occupations and to learn more about the cybersecurity process this option requires you to write a formal research paper on some specific aspect of cybersecurity extra credit project minimum standards are 1 your paper must be typewritten 2 your paper must have a title page identifying the title of your paper the title of this class your name my name and the date 3 you must develop a thesis that you will prove or disprove such as the inescapable dilemma of security procedures is that the easier it is made to prove guilt the more difficult it is to establish innocence you are to state this thesis on a separate piece of paper and place it after your cover sheet be specific do not be ambiguous 4 the body must have page numbers and all margins must be no greater than 1 inch 5 use an english style manual i.e turabian strunk or the chicago manual for proper citation of footnotes 6 the body must be thoughtful neat well organized and must be at least ten 10 pages in length less will not be accepted and does not include the bibliography the body of your research paper will provide evidence to support your thesis not based on your opinion but based on the best factual sources that you can find in the literature 7 use a multitude of footnotes notes at the end of the sentence mla style are not acceptable using lots of notes to draw attention to where you got your material only strengthens a research paper almost every thing you say came from some source 8 lastly have a bibliography pages and i expect at least four 4 or more quality sources 9 the paper must be completed by the monday april 28th the paper must be handed in on time or it may be downgraded each day the project is late and not actually in my physical possession the term project will be worth a maximum of 100 points of extra credit depending on the quality of the project extra credit points will be added to the sum of your point totals grading policy and scale there is no grading curve nor are there any expectations as to the number of a s b s c s etc are given in a particular class therefore you are not competing against others in the class this means you will receive whatever grade you earn based upon the quality of your work however excellent or poor that quality is i believe every student is capable of earning a good grade in this course if they are willing to make the necessary commitment of tire and effort i encourage you to be optimistic about your potential grade however at the same time you have realistic expectations given the level of commitment you are willing to devote to the class i make every effort to be a fair and objective grader i will never penalize you because you have a difference of opinion with me as long as you support your opinion with wellreasoned arguments and evidence which you believe supports your opinion letter grades will be assigned as follows abcdf 90 and above 80-89 70-79 60-69 below 60 grade appeal procedure for assignment grades i am perfectly willing to hear an appeal of your grade on any assignments in fact because i try my best to be a fair objective and accurate grader i actually want you to point out to me any concerns you have

[close]

p. 7

bu282 cybersecurity 7 about the points and grades i have assigned to make the appeal process itself as fair and objective as possible i have the following procedures you need to follow in making a grade appeal 1 your appeal must be in writing and typed this is so that i have an official record of the specifics of your appeal but also partly so that i know your appeal is genuine 2 in your written appeal you must tell me your precise concern about my grading how many additional points you think you deserve and why this is o i know your precise concerns the specific remedy you are seeking and your reasons in support of your appeal if you believe a photocopy of a portion of your class notes or a page reference to one of the course texts supports your appeal then include them in your written appeal 3 you must attach your graded assignment or exam to your appeal so that i can re-evaluate it with your concerns in mind after receiving your written appeal i will give it serious consideration and make a decision as soon as possible i will return the assignment or exam to you with a written typed explanation of my decision in the appeal if you would then like to meet with me personally to discuss my decision i will be happy to do so in order to help you improve your performance in the course further appeals should be made to the division chair and subsequently to the dean of instruction course requirements a you and your fellow students comprise this course to a large extent understanding comes from interacting and you cannot interact if you participate you must plan and participate to take advantage of this teaching technique make sure that you complete the writing assignments and take notes on what you read we cover something important every single class module communicating your thoughts to others is an important component of learning and participation is an important part of the course participation requires that you are to have read and thought about the material and respond accordingly on the discussion thread and in the exercises participation means not only responding to questions but also asking questions read the assignments in the text prepare daily make no mistake about it college is hard work to be successful you need to prepare and analyze information the better prepared you are the less time will be required explaining content and the more time we will have to devote to discussion take detailed notes try paraphrasing taking notes in your own words take notes on what we discuss even what you learned from an outside source leave room in your notes from other sources e.g the textbook later b c d recopy your notes many students are convinced that this is the most effective technique at the very least go over your notes nightly and use a highlighter to mark the most important points and make an outline e read the book especially read the parts that i emphasize mark in your book this does not decrease the resale value of your book tearing out pages does that i suggest reading the book three times scan it once briefly before the topic is discussed in class so that you know a little bit about the topic read it in detail after the topic is discussed in class and highlight all important parts these can also be transferred to your notes before the writing assignments/exam reread the highlighted portions of the text allow ample time to study this technique prevents

[close]

p. 8

bu282 cybersecurity 8 cramming the night before the final exam for each hour in class at least three hours outside of class are usually necessary for proper study time more if college is hard for you f see a tutor available free-of-charge at the comprehensive learning center tutors have been selected from past classes based on their academic performance and their ability to explain concepts assignment and deadline policy this course is self paced however students must have completed at least through chapter 6 and exam 2 by the mid-term copyright release note students are welcome to download materials for their own use but these should not be distributed these also may not be used commercially attendance policy while we don t meet in a traditional classroom setting it requires the same time commitment when we have an online meeting in chat or the online classroom you will be expected to attend you don t want to miss a class meeting unless a debilitating illness or kidnapping occurs people who participate perform better than those who do not moreover your absence deprives classmates of your wise judgment and could lead hopeless cynics to conclude that your thinking might be as random as your attendance if you plan to drop the course it is your responsibility to officially withdraw before the last day to drop if you fail to do so you may receive a failing grade in the course instead of a w student dishonesty you are strongly encouraged to review the section academic dishonesty found in the college bulletin copying answers from a classmate being unprepared for class without informing the instructor using crib notes plagiarizing signing in another student for class or representing another s work as your own without giving due credit will constitute academic dishonesty and will be dealt with in accordance with colby college s policy and result in a failing grade for the course citizenship the nature of this class is intended to expose you to the workings of electronic monitoring and security processes you are to operate under the assumption that everyone is acting in good faith as to honestly held beliefs those beliefs will be respected discussions will be issue oriented only and not personal there will be no personal attacks name calling questioning of patriotism or the like one goal of this course is to teach you to learn how to think and analyze critically and academically you will govern your behavior accordingly no barbarics behavior students pay money to take this course and most want to learn however sometimes an individual is not primarily interested in learning and disturbs or distracts others in a variety of ways therefore i reserve the right to reduce a student s grade by a letter for each incident this also extends to a student who distracts others a serious case of misconduct can result in expulsion from the course and a failing grade please be considerate of others trying to contribute and trying to learn.

[close]

p. 9

bu282 cybersecurity 9 readings you are also responsible to learn all reading material assigned so pace yourself and do not leave your reading until just before it is due use whatever learning skill you like but i recommend reading the material at least twice and making notes about key concepts or make an outline you must be able to demonstrate knowledge of the material presented and you must read and comprehend the text for example the following does little if anything to demonstrate you actually read or even thought about the material and does not explain the basis for the question or comment 1 2 what does the author mean when she said `x i disagree with the author when she said `z on the other hand the following comments demonstrates the material was thoughtfully reflected upon 1 the author says `x on page 89 but i m not sure i understand that concept because the author also seemed to say `not x on page 94 and then also left out any discussion of concept `y which i think was necessary background in understanding `x what did the author mean when she said `x 2 i disagree with the author when she said `z her evidence on page 72 did not support `z because that evidence could have been explained instead by explanation `q and then the author also used the logical fallacy of `lf when she concluded `z preparedness you are expected to be prepared for every online session however i understand there are times when situations dictate otherwise because this course is participatory intensive it is disruptive when you are thrust into the discussion without proper preparation final grades if you want your final grade sooner than the college will provide it please provide me with a self addressed and stamped envelope at final time and i will mail your grade as soon as it is available in the alternative you may e-mail me a grade request and i can send you a reply recordings except to accommodate special needs recording is not allowed reservation of rights i reserve the right to change any information contained in this document when necessary with adequate notice given to the student notice shall be given in on the announcement page of the class no other notice is required it is the students responsibility to keep up with any changes modifications adjustments or amendments that are made to this document course feedback policy i actively seek and highly encourage any feedback about this course at any time you wish to offer it i want to try to help you learn the material as best as i can and if i can improve my teaching or the learning environment i really truly sincerely honestly would like you to let me know if you feel uncomfortable telling me in person you can leave me an anonymous feedback letter in an unmarked envelope at my office all i ask is that you try to be polite in offering your criticism and that you try to offer constructive

[close]

p. 10

bu282 cybersecurity 10 advice on how i can best respond to the feedback in other words tell me your suggested improvements for the course my teaching or anything else about the learning environment e-mail my office hours are posted on my door and at the head of this syllabus however i am also available for questions and consultations by telephone and e-mail i regularly check and answer my e-mail e-mail is the most reliable and efficient way of contacting me if you don t have internet access at home student computer labs are connected to the internet and a web based e-mail account can readily be established i try to answer all my e-mails within 24 hours please be sure and identify yourself and the class in your email as not all internet identities readily translate to your name also i have more than one class and some of you are in several of them equipment students should purchase and take to class the following items 1 portfolio management folder 2 textbooks and course materials including assignments/projects 3 purchase and maintain computer disks or jump drive for backing up your assignments 4 weekly planner-calendar 5 internet access and a computer accommodations for students with special needs according to the americans with disabilities act it is the responsibility of each student with a disability to notify the college of his/her disability and to request accommodation if a member of the class has a documented earning disability or physical disability and needs special accommodation contact student support services which is located in the student union bibliography easttom chuck computer security fundamentals 2006 pearson prentice hall upper saddle new jersey panko raymond r corporate computer and network security 2004 pearson prentice hall upper saddle new jersey pfleeger charles and pfleeger shari security in computing 3rd ed prentice hall upper saddle river nj gollmann dieter computer security 1999 wiley ny ny garcia mary lynn the design and evaluation of physical protection systems 2001 butterworth heinemann boston mass instructor profile dr michael thompson preparatory education central state university master of arts/political science summa cum laude central state university bachelor of arts/sociology legal education oklahoma city university juris doctor with honors course specific training cybersecurity and loss prevention nsa national science foundation indiana pa fraternity phi delta phi honor society phi alpha delta recipient kerr foundation scholar wayne johnson memorial scholar hervey foundation scholar ocu school of law faculty honor roll who s who among american law students west publishing company award american jurisprudence awards jessup moot court award ocu law review staff editor appointments juvenile justice and delinquency prevention advisor to governors george nigh and henry bellmon county juvenile post adjudication review board state commission on children and youth services member university of central oklahoma alumni life member edmond ok southwest legal foundation alumni association dallas tx georgetown university law center civil rights litigation alumni washington d.c written works,

[close]

p. 11

bu282 cybersecurity 11 include articles on political process legal liability constitutional jurisprudence labor advocacy and monographs on public policy and municipal administration prior lectures include criminal law and procedure administrative law legal liability and constitutional jurisprudence for the fbi academy quantico va southwestern law enforcement institute dallas tx oklahoma judicial conference oklahoma council on law enforcement education and training and southwestern states highway safety group formerly police detective captain retired attorney with emphasis in prosecuting and defending civil rights actions and government litigation legal studies instructor city college moore oklahoma course overview this course is designed to allow didactic in-depth and experimental learning within the applications of business and legal restraint the system of providing security to corporate and network computer systems is complex and fascinating this protective system one way or another affects every resident of this country we are now living in times of great uncertainty this uncertainty coupled with the declining trust in the criminal justice system presents profound complexities that require extensive study and understanding of the basic and advanced features of the corporate protective systems.

[close]