UNIVERSITY OF SCIENCE AND TECHNOLOGY
FM-USTP-ACAD-01
Alubijid | Cagayan de Oro | Claveria | Jasaan | Oroquieta | Panaon
College of Information Technology and Computing
Department of Information Technology
USTP Vision
A nationally-recognized Science
and Technology (S&T) university
providing the vital link between
education and the economy
USTP Mission
 Bring the world of work
(industry) into the actual
higher education
and training of the
students;
 Offer entrepreneurs of
the opportunity to
maximize their business
potentials through a
gamut of services from
product
conceptualization to
commercialization;
 Contribute significantly
to the national
development goals of
food security and energy
sufficiency through
technology solutions.
Document Code No.
OF SOUTHERN PHILIPPINES
Rev. No. Effective Date Page No.
01 05.01.19 1 of 8
SYLLABUS
Course Title: Information Assurance and Security1
Course Code: IT311
Credits: 3 units (2 hours Lecture, 3 hrs Laboratory)
Semester/Year: 1st Semester SY2020-2021 Prerequisite(s): IT207 – Information Management, IT208-
Class Schedule: Networking 2, IT209 – Web Systems and Technologies 1
Bldg./Rm. No. ICT Building 9
Co-requisite(s):
Instructor: Jay Noel N. Rojo Consultation Schedule:
Email: jaynoel.rojo@ustp.edu.ph Bldg.Rm. No.: Bldg 09
Mobile No.: Office Phone No./Local: (088) 856 1739 local 154
I. Course Description:
This course provides an in depth investigation into meeting security needs of modern IT systems. Students will be
expected to demonstrate an ability to establish security policies and configure security devices and software
Topics covered include fundamental concepts, security mechanisms/countermeasures, compliance
with regulations and standards, risk assessment and mitigation.
II. Course Outcomes:
Program Outcomes (PO)
Course Outcomes (CO)
01 02 03 04 05 06 07 08 09 10 11 12 13
CO1: Examine the relationship
between threats, vulnerabilities,
countermeasures, attacks, E E E E E E
compromises and remediation throughout
the entire system life cycle. CO2: Explain
the key factors involved in authentication
and how they are used to
verify, identify and grant access to the
system.
Program Educational
Objectives:
CO3: Describe the legal and ethical
considerations related to the handling
and management of enterprise E E E E E E E E E E E
information assets.
CO4: Develop an incident handling
and reporting process and
recommend appropriate operational and
managerial processes to mitigate D D D D D D D D D D D D D
security and information assurance
issues based on a business impact
analysis report.
PEO1: Graduates are proficient in
the IT field and able to engage III. Course Outline:
constantly in technological and
professional advancement by Course Teaching-
Allotted Intended Learning Topic/s Suggested Assessment Grading Rema
pursuing a higher academic level Outcomes Learning
Time Outcomes (ILO) Readings Tasks/Tools Criteria rks
and practicing quality improvement (CO) Activities
in their career and personal lives. Course 1.Orientation 1. Online
Orientation Walk-through on
(Class Policies & the Information Registration
Assurance and
PEO2: Graduates are competent in requirements) Security
generating new ideas and Online student
Student Curriculum
innovations in Information Orientation on the enrolment to
Technology with more emphasis on Week 1 Handbook USTeP portal
USTeP portal
technopreneurship, management, Course
3 hrs
IT solutions and the likes Syllabus Social media
Creation of online
through research collaborations. group page.
PEO3: Graduates are student account.
practicing professionals in the
field of
Information Technology who can 1. Briefly describe the  History and Principles of - Lecture/seminar - online self-
contribute significantly to human history of the Terminology Information - Videos assessme
development, socio-economic field of Security 4th - Interactive nt test
transformation, and Information  Security Edition Activities
patriotic initiatives. Assurance and Mindset
Security. Security
Week2-  Design Engineering:
4 2. Explain the security principle A Guide to - Lecture/seminar
mindset Building
15 hrs - Videos
Dependable
  System/securi Distributed - Interactive
3. Outline the system ty life cycle Systems 2nd Activities
life-cycle and its Edition
relationship to
security.
 Security - Case-study
4. Prepare a threat report/analysis
implementation
analysis Case-study 1
and
mechanisms analysis
Program Outcomes: CO1 5. Describe a disaster Discussion
recovery
PO1: Identify, select and apply
-
scenario  Information Case-study
appropriate knowledge of computing, assurance report/analysis
science and mathematics in solving analysis model
computing problems. 2
 Disaster
PO2: Understand,
recovery
apply and
integrate best
practices and
-
standards in
solving
computing
p
r
o
b
l
e
m
s

b
y

e
v
a
l
u
a
t
i
n
g

t
h
e
i
r

a
p
p
l
i
c
a
t
i
o
n
s
 UNIVERSITY OF SCIENCE AND TECHNOLOGY Document Code No.
FM-USTP-ACAD-01
OF SOUTHERN PHILIPPINES
Rev. No. Effective Date Page No.
Alubijid | Cagayan de Oro | Claveria | Jasaan | Oroquieta | Panaon 01 05.01.19 3 of 8

6. Identify the Cryptography - online self-

PO3: Work collaboratively among difference Principles of - Lecture/seminar assessment
members of the team to analyze between Information test
complex problems by applying symmetric and Security 4th - Interactive
analytical and quantitative Week5 asymmetric Edition
CO2, Activities
reasoning; and define the -7 cryptosystems,
12 hrs - online chapter
computing requirements e.g., number of Security Quiz
- Basic
appropriate to its solution. keys required, Engineering:
Java/C++/p
the types of A Guide to ython
PO4: Communicate effectively algorithms used Building Program - hands-on/
with users to identify their needs Dependable
practical
and apply critical and creative 7. Explain what is Distributed
- Basic assessment 1
thinking skills to do analysis and meant by Systems
Encryption (basic Encryption)
take them into account in the integrity, Authentication 2nd Edition
Program
selection, creation, evaluation and confidentiality,
administration of computer-based and
systems. - hands-on/
authentication - group activities practical
assessment 2
- module quizzes (Basic Decryption)

Test
PO5: Creatively design, implement
2 hrs Prelim Exam Questionnaire
and evaluate using different 8. Explain how public - online self-
computer-based systems, key infrastructure Lecture assessment
processes, components, or works Slides - Lecture/ seminar test
programs to meet desired needs and
requirements under various Videos: - online chapter
- Interactive
constraints quiz
Activities
PO6: Properly integrate IT-based 9. Identify risks  Auditing
solutions using various methods, Wk 8-9 -hands-on/
associated with practical
policies and processes into the user 12 hrs CO3
disasters and  Cost/benefit assessment3
environment effectively. disruptions and analysis
-Brute force (Ceasar
specify key Cipher)
mitigation program/
PO7: Apply and demonstrate Algorithm
knowledge through the use of strategies -hands-on/
current techniques, skills, tools, practical
methods, theory and practices assessment4
necessary for the IT profession with (Brute force)
diversity and multicultural
competencies to promote equity
and social justice in the community.
 - hands-on/
practical
10. Identify the types  Asset assessment5
of company management (Out of the
assets to be box
protected by a  Legal Issues Encryption
security plan. software
ex.MD5)

Week 9
5 hrs
MIDTER
M
EXAMINATION
 UNIVERSITY OF SCIENCE AND TECHNOLOGY Document Code No.
FM-USTP-ACAD-01
OF SOUTHERN PHILIPPINES
Rev. No. Effective Date Page No.
Alubijid | Cagayan de Oro | Claveria | Jasaan | Oroquieta | Panaon 01 05.01.19 4 of 8

PO8: Function effectively as an

individual and as a member
or leader in diverse teams and Principles of Lecture/ seminar - online self-
in multidisciplinary settings 11. Specify the key Information assessment
by developing and aspects of Security 4th Interactive questionaire
contributing positively to the physical site Edition Activities
accomplishment of team goals security
through collaborative process, - online chapter
Security Quiz
developing and practicing effective 12. Describe the Engineering: A - module quizzes
interpersonal skills purpose and Guide to - hands-on/
elements of the Building practical
PO9: Assist in the creation of key types of Dependable
an effective IT Project Plan Case study assessment
security audits. Distributed
by evaluates as individual and Systems 2nd
team’s values and sense of Case study
13. Discuss the Edition report/analysis4
responsibility through participation importance of
in a range of learning contexts. utilizing
Week
10-14 standards and Case study
PO10: Communicate effectively in CO4 key standard
English (and as much as 23 hrs report/analysis5
processes
possible using local language and currently utilized
Filipino) with the computing in information
community and with society at assurance and
large about complex computing their areas of
activities through interviewing, relevance.
logical and ethical writing,
presentations, and clear
instructions

PO11: Able to work

collaboratively and respectfully
as members and leaders of
diverse teams and
communities in analyzing,
understanding, and assessing
societal issues and act
responsibly in making design and Test
implement decisions considering 2 hrs Semi-Finals Questionnair
the result of the
e
research relevant to the local
14. Describe the Lecture/ seminar -online self-
and
global impact on computing
importance of Enforcement Interactive Assessment
information technology on Activities
and the key Information Lecture
the Filipino culture,
elements Slides - final case
individuals, organizations, and
involved in module quizzes study/analysis
society.
incident tracking Assurance analysis
Week to develop an model
PO12: Understand professional, 15-17
ethical, legal, security and social CO4 incident handling
issues and responsibilities in the and reporting
18 hrs process Business impact
utilization of information
technology. analysis report

15. Create a business

impact analysis
report that
itemizes costs
associated with
incidents

Week FINAL
18 EXAMINATIO
N
PO13: Apply professional, ethical, IV. Course Requirements:
legal, security and social issuesand
responsibilities in the utilization of 1. Class standing (attendance, participation, etc.) policy:
information technology. (a) Expected classroom behavior (may want to develop this with the students, e.g., What guidelines m are appropriate
Understand, assess societal, health,
safety, legal, and cultural
for behavior and participation in a large class
issues within local and global  Students must come to class on time.
contexts, and the  Strict observance of deadlines.
consequential responsibilities  Class participation is encouraged.
relevant to professional  Observe proper courtesy.
computing practice
(b) Ground Rules for participation in discussions or activities.
PO14: Participate in generation of  Only one student may talk at a time.
new knowledge or in research and  Must follow instructions for every activity given.
development projects aligned to  For group activity, each member must participate accordingly.
local and national development
agenda or goals 2. Course Readings/Materials:
(a) Titles, authors, and editions of textbooks and other materials, required and recommended
PO15: Graduates are able to apply
and demonstrate sufficient
expertise in the field of Information 1. Security Engineering: A Guide to Building Dependable
Technology with the end view Distributed Systems 2nd Edition
of contributing to the local Ross J. Anderson
and national economy. ISBN - 13: 9780471389224 Copyright 2008

2. Principles of Information Security 4th Edition

Michael E. Whitman and Herbert J. Mattord
ISBN - 13: 9781111138219 Copyright 2012
 UNIVERSITY OF SCIENCE AND TECHNOLOGY Document Code No.
FM-USTP-ACAD-01
OF SOUTHERN PHILIPPINES
Rev. No. Effective Date Page No.
Alubijid | Cagayan de Oro | Claveria | Jasaan | Oroquieta | Panaon 01 05.01.19 6 of 8

Code Descriptor
I Introductory Course
E Enabling Course (b) Supplies needed (calculators, software, workbooks, disks, CDs, lab supplies, art supplies, etc.)
Demonstrative  Javascript/Type Scripting Software
D Course
Code Definition  C/C++ Programming Software
 Python Programming Software IDE
An introductory  Java Programming (JCreator, NetBeans)
I course to an outcome
 Operating System(Windows, Linux, etc)
A course that (c) URLs for online resources
E strengthens the  https://www.cl.cam.ac.uk/~rja14/book.html (down loadable ebook)
outcome  https://www.booksfree.org/principle-of-information-security-fourth-edition-by-michael-e-whitman-pdf/
A course  https://www.springboard.com/blog/cryptography-basics-the-ins-and-outs-of-encryption/
D demonstrating an  https://www.pearsonitcertification.com/articles/article.aspx?p=1680706
outcome
3. Assignments, Assessment, and Evaluation
(a) Policy concerning homework (grading, posting, late policy, etc.)
Students may share ideas as they work on their assignments but the submitted assignments must be their own work.
(b) Policy concerning make-up exams
No special examination is given unless a student has valid reasons stipulated in the Student Handbook Article 3: Excused
Absences.
(c) Policy concerning late assignments/requirements
 Assignments: no assignment for a particular date, will have a grade of zero (0).
 Projects: late submission of projects will have a corresponding consequence. There will be a deduction of
points for every day that the project submission will be late.
 (d) Preliminary information on term papers or projects, with due dates
 Projects for midterm and finals are given ahead of time along with its corresponding due dates, rubrics, and
other requirements for the completion of the projects.
 Non-submission of projects does not mean you

(e) List of assignments that will impact the final grade and % weight given each
 Portfolio: grade will be part of the PIT.
(f) Description in detail ofgrading processes and criteria (how many quizzes, tests, papers; weighting of each; amount of
homework, etc.) or the GRADING POLICY

Grading System

Lecture Grade (67%)

Performance Item/Criteria %

Class Performance Item 10%

Quizzes (All quizzes, prelim and pre-final exams) 40%

Major Exams (i.e, Midterm and Final Exams) 30%

Performance Innovative Task / Project 20%

TOTAL 100%

Laboratory Grade (33%)

Performance Item/Criteria %

Laboratory Exercises/Reports 30%

 Laboratory Major Exam 40%

Hands on Exercises 30%

TOTAL 100%

Term/Periodic Grade = 67% Lecture Grade + 33% Laboratory Grade

Options:

FINAL GRADE (FG) = 1/3 Midterm Grade (MTG)+ 2/3 Final Term Grade (FTG)

FINAL GRADE (FG) = 1/2 Midterm Grade (MTG)+ 1/2 Final Term Grade (FTG)
(Passing Percentage is 70%)
Ex. In a 10-item quiz, obtaining 7 points would be equivalent to a passing score.
Disclaimer:
Everyattemptismadetoprovideacompletesy labusthatprovidesanaccurateoverviewofthesubject.However,circumstancesandeventsmakeitnecessaryfortheinstructortomodifythesy labus duringthesemester.This
maydepend,inpart,ontheprogress,needs,andexperiencesofthestudent.

Prepared by:
Recommending Approval: Approved by:

JAY NOEL N. ROJO

Instructor
ENGR. MARICEL A. ESCLAMADO, MIT DR. JOCELYN B. BARBOSA
Chairperson, Dept. of Information Technology Dean, CITC
CHERRY B. SENIEL
Instructor

ULRICH LEE UY
Instructor