Scribd Logo
Upload

Welcome to Scribd!

  • MIS 427 Syllabus: Materials

    Uploaded by

    AlfredoAgusato
    10 views3 pages
    Because fuck it why not

    Original Title

    2011-FALL-MIS427-LEC-A1

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Because fuck it why not

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    10 views3 pages

    MIS 427 Syllabus: Materials

    Uploaded by

    AlfredoAgusato
    Because fuck it why not

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 3

    MIS 427 Syllabus

    This course covers the main aspects of IT security from a manager's point of view.
    Managers in any field need to be aware of security and have a grasp on what can be done
    to monitor and improve it. This is a field that literally changes on a daily basis and as the
    world becomes more and more interconnected there isn't a business or government on
    earth that doesn't have some sort of electronic entry into their private infrastructure. We will
    examine how these resources can be protected in both a proactive and reactive way. The
    Course addresses the key aspects of security including the following as well as others:

    Identifying targets- Who is attacked and why


    Examining outcomes- Lost revenue, repair costs, reputation, law suites, etc
    Challenges implementing security- Cultural, lost functionality, Freedom
    Policy Creation and enforcement- When is Big brother too much?
    Auditing and Forensics- Monitoring for attempts and breaches and then tracking
    them down
    Business Continuity- Keeping things running
    Entry points into your network- both physical and virtual
    Latest methods of Attacking

    This course takes a managers approach in dealing with the planning and implementing from
    a high level. There is some technical information covered but deals more with general
    information instead of vendor specific settings. The assignments will revolve around
    identifying targets and how they can be exploited.
    This course is not only for MIS students but any student who wants to be in a manager's
    role in any company and is involved in maintaining and increasing revenues as well as
    reputation. Technology is everywhere and even if you think you are not a target you can
    become an easy way into bigger and better targets. Managers need to be aware what has
    to be done to ensure the successful securing of technology in business today.
    Materials
    Supplementary resource materials: URL: https://ulearn.ualberta.ca with articles, software,
    case studies, and exercises, etc.
    Pre-requisites
    You must have completed the introductory information systems course MIS 311 and have
    some experience with using computers. If you lack such pre-requisites, you should discuss
    your situation with the instructor prior to enrolling in this course.
    Format
    The format of the course will consist of lectures, group discussions, case studies, webcasts, scheduled lab sessions, a final exam, several small assignments, 2 larger
    assignments and class participation.

    Week 1 & 2- Introduction and Group Organization


    Week 3- Identifying Targets, who and why(Industries, specific companies, size of
    companies, terrorism, government, backdoors or zombies to attack other targets and the
    fun and challenging hack)
    Week 4- Examining the outcomes of successful attempts (Repair costs, Lost Revenue,
    Reputation, Law suites, physical damage chain reactions with other businesses)
    Week 5- Challenges implementing security (Cultural changes, training, Cost, Lost
    functionality, Balancing Security with easy of Use)
    Week 6- Policy Creation and enforcement (big Brother)
    Week 7- Auditing and Forensics (creating reports for either internal use or outside
    authorities, auditing running systems and finding the trail of compromises)
    Week 8 - Disaster Recovery and Business Continuity Planning (How to plan and prepare for
    after a physical or cyber threat has affected your Business)
    Week 9 - Points of Access (ways to penetrate systems e.g. Online monitoring, monitoring
    network traffic wired and wireless, scanning computer network Ports, server penetration)
    Week 10 -Detection & Protection (which general tools can be used to detect and protect)
    Week 11- Updates on the latest attempts and what they look like (examination of recent
    breaches and attempts that affect different industry's, Should include recent Case studies.
    Week12- Presentation (Revolves around address a security IT plan for a business from
    Policy to training to implementation to maintaining)
    Week 13 - Used to balance out over run or guest speakers

    Date

    Sept 8
    Sept
    13,15
    Sept
    20,22
    Sept
    27,29

    Topic

    Text Additional
    PP Resources

    -Intro

    Jim Kiddoo

    -Group Setup
    -Assignment
    intro

    Jim Kiddoo

    Identify Targets

    Jim Kiddoo

    Examine
    Outcomes
    Implementation
    challenges
    Policy Creation
    Oct 4,6 and
    Enforcement
    Auditing and
    Oct 11,13
    Forensics
    Disaster Recover
    Oct 18,20 and Business
    Continuity
    Oct 25,27 Points of Entry
    Detect and
    Nov 1,3
    Protect
    Nov 8,10 Latest Attempts
    Nov 15,17 Presentations
    Nov 22,24 Review
    Nov 29,
    Dec 1

    1.
    2.
    3.
    4.
    5.

    Instructor/Guest Comments/Notes

    GradingSeparate Assignments -10%


    In class exercises- 20%
    Assignment #1- 20%
    Term Assignment #2-20%
    Final Exam- 30%

    Jim Kiddoo
    Jim Kiddoo
    Jim Kiddoo
    Jim Kiddoo
    Jim Kiddoo

    Jim Kiddoo
    Jim Kiddoo
    Jim Kiddoo
    Jim Kiddoo
    Jim Kiddoo

    You might also like