IT Security and Compliance
This course covers key bodies of knowledge and specializations in security, privacy, and compliance associated with enterprise information systems. The course explores the management of various technologies in emerging areas of information assurance including computer and network security, digital forensics, cryptography, and biometrics. Course concepts include cost/risk tradeoffs; technical, physical, and administrative methods of providing security and compliance; current privacy legislation; and technical means of providing privacy and IT compliance.
At the end of the course, students will be able to:
Describe threats to information security, and identify methods, tools and techniques for combating these threats.
Identify types of attacks and problems that occur when systems are not properly protected.
Explain integral parts of effective information security practices.
Identify and discuss issues related to access control.
Describe the need for, and development of, information security policies, and identify guidelines and models for writing policies.
Define risk management and assess its importance as a component of information security strategy and practice.
Describe types of contingency plans and the steps involved in developing them.
Identify security issues related to personnel decisions and the qualifications of security personnel.