ITM Security (ITMS)
This course examines security architecture elements within modern object-oriented programming languages that create the framework for secure programming. Analysis of components and services with their inherent strength and weaknesses give rise to common coding security challenges. An exploration of identity management, encryption services and common hacking techniques will enable the student's ability to develop secure code. Homework assignments and projects will reinforce theories taught.
Students will engage in an in-depth examination of topics in data security including security considerations in applications & systems development, encryption methods, cryptography law, and security architecture & models.
This course will address methods to properly conduct a computer and/or network forensics investigation including digital evidence collection and evaluation and legal issues involved in network forensics. Technical issues in acquiring court-admissible chains of evidence using various forensic tools that reconstruct criminally liable actions at the physical and logical levels are also addressed. Technical topics covered include detailed analysis of hard disks, files systems (including FAT, NTFS and EXT), and removable storage media; mechanisms for hiding and detecting hidden information; and the hands-on use of powerful forensic analysis tools.
Digital steganography is the science of hiding covert information in otherwise innocent carrier files so that the observer is unaware that hidden information exists. This course studies both digital steganography and digital steganalysis (the science of discovering the existence of and extracting the covert information). In addition to understanding the science and the pathologies of specific carriers and hiding algorithms, students will have hands-on experience with tools to both hide and extract information. Carrier files such as image, audio, and video files will be investigated.
This course addresses hands-on ethical hacking, penetration testing, and detection of malicious probes and their prevention. It provides students with in-depth theoretical and practical knowledge of the vulnerabilities of networks of computers including the networks themselves, operating systems and important applications. Integrated with the lectures are laboratories focusing on the use of open source and freeware tools; students will learn in a closed environment to probe, penetrate and hack other networks.
Prepares students for a role as a network security administrator and analyst. Topics include viruses, worms, other attack mechanisms, vulnerabilities and countermeasures, network security protocols, encryption, identity and authentication, scanning, firewalls, security tools, and organizations addressing security. A component of this course is a self-contained team project that, if the student wishes, can he extended into a full operational security system in a follow-course,
Prepares students for a role as a network security analyst and developer and gives the student experience in developing a production security system. Topics may include computer and network forensics, advances in cryptography and security protocols and systems; operating system security, analysis of recent security attacks, vulnerability and intrusion detection, incident analysis and design and development of secure networks. This course includes a significant real world team project that results in an fully operational security system. Students should have previous experience with object-oriented and/or scripting languages.
This course will address methods for recovering digital data or evidence and conducting forensic analysis of mobile devices such as smart phones and tablets. Various devices will be compared including iPhone, Android, and Blackberry. A brief review of Linux and related forensic tools. ANAND technology and mobile file systems will be discussed. Students will learn how to unlock and root mobile devices and recover data from actual mobile devices.
Cyber warfare is defined as "warfare waged in cyberspace," which can include defending information and computer networks and deterring information attacks as well as denying an adversary's ability to do the same. It can include offensive information operations mounted against an adversary or even dominating information on the battlefield. Students participating in this discussion-based course will explore the current state of cyber security from national and international perspectives and consider cyber-based operations through the lens of a government pursuing strategic goals. How might their actions impact the industry's ability to conduct business operations? What does the current threat environment look like? The course will include extensive discussions and student presentations.
This course will address theoretical concepts of operating system security, security architectures of current operating systems, and details of security implementation using best practices to configure operating systems to industry security standards. Server configuration, system-level firewalls, file system security, logging, anti-virus and anti-spyware measures and other operating system security strategies will be examined.
In-depth examination of topics in the management of information technology security including access control systems & methodology, business continuity & disaster recovery planning, legal issues in information system security, ethics, computer operations security, physical security and security architecture & models using current standards and models.
This course will cover a particular topic in Information Security, varying from semester to semester, in which there is particular student or staff interest. This course may be taken more than once but only 9 hours of ITMS 579 credit may be applied to a degree.
In this course, students learn the fundamental principles and concepts in the conduct of investigations in the digital realm. Students will learn the process and methods of obtaining, preserving and presenting digital information for use as evidence in civil, criminal, or administrative cases. Topics include legal concepts and terminology, ethics, computer crime, investigative procedures, chain of custody, digital evidence controls, processing crime and incident scenes, data acquisition, e-mail investigations, applicable case law, and appearance as an expert witness in a judicial or administrative proceeding.
This course is an in-depth examination of topics in information technology/information security governance, risk, and compliance including information assurance policies, standards, and compliance as well as the examination of security risk analysis and the performance of systems certification and accreditation.
Students learn to design and manage key business information security functions including incident response plans and incident response teams disaster recovery plans; and business continuity plans. Reporting, response planning and budgeting are all addressed. Students working in reams will prepare an incident response, disaster recovery, or business continuity plan for a real-world organizations such as a business or a government body or agency.