Computer Science (COMP)
Provides background of topics that are necessary to the foundation of Information System security. Topics covered are the NIST Security Framework, security and risk management; asset security; security engineering; communications and network security; identity & access management; security assessment and testing; recovery and business continuity planning and implementation; security operations; and software development security.
Investigates ways in which attackers can infiltrate systems to obtain secured data, including stealing an identity, using an IP address to gather information through port scanning, sniffing and attacking password files. Covers worms, viruses and the tools used to attack systems. Also covered will be countermeasures to protect sensitive information, including firewalls, authentication measures, encryption methodologies, biometric devices and hardening of system installations. Laboratory work will be accomplished with use of online resources.
Provides a foundation in conducting a computer forensics investigation. Covers issues of digital evidence preservation and evaluation; also covers the steps involved in data acquisition; explores the use of various forensic tools; reviews the recovering of deleted and partial files, methodology for network investigations, email investigations, and cell phone and mobile devise forensics. Analysis of hard disks, file systems, and removable storage media will be covered.
Develops the skills necessary to assist organizations in securing their online presence. Hands-on ethical (white hat) hacking, penetration testing, detection of intrusion attempts, and the application of tools and technologies (open source and freeware) are covered in this course. Students will be able to assess the results of their testing to determine steps to be taken to lock down a network. Laboratory work will be accomplished with use of online resources.