Republic of the Philippines

Mindanao State University

TAWI-TAWI COLLEGE OF TECHNOLOGY AND OCEANOGRAPHY
INSTITUTE OF INFORMATION AND COMMUNICATIONS TECHNOLOGY

VISION MISSION GOALS OBJECTIVES

A university in the Sulu Archipelago
renowned for Fisheries, Marine
and Environmental Sciences, and
other Disciplines
 PROVIDE relevant quality education especially to A premier Institute in ICT  To produce IT professionals who
the Muslims and other indigenous groups education and are equipped with lifelong
 PROMOTE environmental conservation and innovation in the knowledge and have strong desire
sustainable utilization of fisheries and marine Southernmost part of for leadership in their field of
resources the country specialization
 DEVELOP and transfer new knowledge and  To become involved in providing
innovative technology to the community timely and relevant solutions
 ENGAGE stakeholders in peace and socio-economic through ICT to assist in addressing
development endeavors concerns of the community
 To strengthen its advocacy for
green ICT for social transformation
and development

INSTRUCTOR’S INFORMATION
Name Al-kadra A. Antao Contact Number 09457740873
Email Address Kadrabanana1994@gmail.com Consultation Hours
COURSE INFORMATION
Course Code ITE185 Course Title Information Assurance and Security Credit Units 3
This course examines fundamentals of network security involved in creating and managing secure computer network environments. Both
Course Description hardware and software topics are considered, including authentication methods, remote access, network security architectures and devices,
cryptography, forensics and disaster recovery plans.

Course Requisites Course Schedule and Venue

COURSE OUTCOMES

Learning Outcomes
LO1. Grasping the security of the
different components of
information systems,
encryption techniques and
their applications in
security.
LO2. Analyze the issues in
managing the security of
Information Systems.
LO3. Analyze the risks and
vulnerabilities in systems.
LEARNING PLAN
Content/topic Learning strategies and Week Learning Resources Assessment Tools and
activities Methodologies
I. Course overview
II. Setting class expectations Week 1
III. Assigning of reading
materials
Introduction and overview of Principles of Long quiz
Information Assurance and Security Information
 Define information and Security, 4th Edition
computer security Michael E.
 Recount the history of Whitman – Ph. D.,
computer security, and CISM, CISSP \
explain how it evolved into Herbert J. Mattord
information security Class discussion – MBA, CISM, CISSP
Research Assignment Week 2
 Define key terms and critical .
concepts of information
security
 Enumerate the information
security roles of
professionals within an
organization
Denial of service (DOS) attacks Applied Long quiz
 Explain denial of service Information
(DOS) attacks Security
 Identify the major Week 3 Randy J Boyle
components used in a Class discussion
distributed denial of service Research Assignment
(DDOS) attack
Program Security Principles of Reaction paper about
 Explain how a computer Information the topic
virus works and what it does Security, 4th Edition
(sources of viruses) Michael E.
  Non malicious program Week 4 Whitman – Ph. D., Long quiz
errors and; Class discussion CISM, CISSP \
 kinds of malicious codes Research Assignment Herbert J. Mattord
Types of malicious codes – MBA, CISM, CISSP

Applied
Information
Security
Randy J Boyle

LO4. Determine the basic Operating System Security Principles of Long quiz
elements of encryption and  Models of operating system Information
their use in digital security Security, 4th Edition
signature and  Design and secure operating Week 5 Michael E.
authentication. systems Whitman – Ph. D.,
 Models of security CISM, CISSP \
 User authentication Class discussion Herbert J. Mattord
Research Assignment – MBA, CISM, CISSP

Applied
Information
Security
Randy J Boyle

LO5. Grasping basic IP and Web Threats in Network Applied Long quiz
security protocols.  What makes a network Information
vulnerable Security
 Threats precursors Randy J Boyle
 Message integrity threats / Week 6
Message confidentiality Class discussion Cryptography and
threats Research Assignment Network Security–
 Network security controls by A. Kahate–TMH.

LO6. Determine the various risk Database Security and Integrity Principles of Long quiz
mitigation strategy options.  Overview and policies for Information
database security Security, 4th Edition Reaction paper
 Models for database access Week 7-8 Michael E.
control Whitman – Ph. D.,
  Authorization techniques CISM, CISSP \
auditing control Herbert J. Mattord
Class discussion – MBA, CISM, CISSP
Research Assignment
Applied
Information
Security
Randy J Boyle

Security in
Computing–
(3rdEdition)
Charles P.Pfleeger,
Shari
LawrencePfleeger.
PHI.
Cryptography and
Network Security–
by A. Kahate–TMH.

Database Security and Integrity Principles of Long quiz

 Overview and policies for
database security
 Models for database access
control
 Authorization techniques
auditing control
Week 9-10
Class discussion
Research Assignment
Information
Security, 4th Edition Reaction paper
Michael E.
Whitman – Ph. D., Midterm examination
CISM, CISSP \
Herbert J. Mattord
– MBA, CISM, CISSP

Applied
Information
Security
Randy J Boyle

Security in
Computing–
(3rdEdition)
Charles P.Pfleeger,
Shari
LawrencePfleeger.
 PHI.
Cryptography and
Network Security–
by A. Kahate–TMH.

Legal, Privacy, and Ethical Issues in Ethics in

Computer Security information Long quiz
 Protecting program and technology
Data, Patents Trade secrets, Week 11 George W.
Copyrights Reynolds
 Computer Crime
Ethical Issues in Computer Class discussion Applied
Research Assignment Information
Security
Randy J Boyle

Security in
Computing–
(3rdEdition)
Charles P.Pfleeger,
Shari
LawrencePfleeger.
PHI.
Cryptography and
Network Security–
by A. Kahate–TMH.

Encryption Techniques Long quiz

 Block & stream encryption Applied
 Advance Encryption Week 12-13 Information
Class discussion Security
Standard
Research Assignment Randy J Boyle
Key distribution & random
number generation Cryptography and
Network Security–
by A. Kahate–TMH.

Threat Analysis Principles of Long quiz

 Define risk management, Information
 risk identification, and risk Security, 4th Edition
control Michael E.
 Describe how risk is Whitman – Ph. D.,
Week 14-15 CISM, CISSP \
identified and assessed
Herbert J. Mattord
 Assess risk based on – MBA, CISM, CISSP
probability of occurrence
and likely impact Class discussion Applied
 Explain the fundamental Research Assignment Information
aspects of documenting risk Security
Randy J Boyle
via the process of risk
assessment
Security in
 Describe the various risk Computing–
mitigation strategy options (3rdEdition)
 Identify the categories that Charles P.Pfleeger,
can be used to classify Shari
controls LawrencePfleeger.
PHI.
 Recognize the existing
Cryptography and
conceptual frameworks for Network Security–
evaluating risk controls and by A. Kahate–TMH.
formulate a cost benefit
analysis
 Describe how to maintain
and perpetuate risk controls

IP Web and Security Week 16 Principles of Final written

 Authentication protocols Class discussion Information examination
 IP security architecture Research Assignment Security, 4th Edition
 Secure electronic Michael E.
transactions Whitman – Ph. D.,
Web security considerations CISM, CISSP \
Herbert J. Mattord
– MBA, CISM, CISSP

Applied
Information
Security
 Randy J Boyle

Security in
Computing–
(3rdEdition)
Charles P.Pfleeger,
Shari
LawrencePfleeger.
PHI.
Cryptography and
Network Security–
by A. Kahate–TMH.

COURSE REQUIREMENTS AND POLICY

Course Requirements

1. Your instructor may or may not explicitly check attendance every day. How-ever, if you are caught exceeding your
Class Policy allowable cuts for the semester, you may be given a grade of 5.
2. In case you cut, it will be your responsibility to know the material covered for the day. The instructor reserves the right
to give unannounced quizzes or graded lab exercises at any time.
3. No makeup tests will be given unless you can present a medical certificate or an immediate member of your family
died. Make up tests will solely be on the teacher’s discretion.
4. Playing games is strictly prohibited during class hours. Web browsing and doing email are also prohibited, unless done
in connection with the current lecture or lab topic and allowed by the teacher.
5. Use of communication devices is prohibited during class hours. Please turn them off during class.
6. Class requirements are due during class hours, unless otherwise specified. Late submission will merit
deductions as specified by the teacher.
7. Cheating will not be tolerated. Cheating in any requirement will result in a minimum penalty of having a grade of 0 for
that requirement. Duplicated projects/lab exercises will merit penalties for both the student who copied and the
student from whom the work was copied.
8. Additional policies, with due consultation with the students, may be implemented by the teacher to adapt to the class
environment. Students are advised to be aware of such updates, and to ask their instructor if anything is unclear.
 GRADING SYSTEM TEXBOOK & SUPPLEMENTARY READINGS
th
Principles of Information Security, 4 Edition
Activity Weight in Michael E. Whitman – Ph. D., CISM, CISSP \ Herbert J. Mattord – MBA, CISM, CISSP
Final grade ISBN-13: 9781111138219

Applied Information Security

A. Overall participation in lecture and 40% Randy J Boyle
discussions, report presentation
ISBN-10: 0136122035
ISBN-13: 9780136122036

Publisher: Prentice Hall

B. Quizzes/Homework Assignments 30% Copyright: 2010
Format: Paper 300 pp
Published: 07/16/2009
C. Exams 30%
Overall 100% http://www.stlcc.edu/Student_Resources/Bookstores.html

Security in Computing–(3rdEdition) Charles P.Pfleeger, Shari LawrencePfleeger. PHI.

Cryptography and Network Security–by A. Kahate–TMH.

Prepared by: Checked by: Approved:

___________________________________________ ___________________________________________
Department Chairperson College Dean