INSE 405 Internet Security
The Internet enables communication over vast distances and allows us to share ideas in ways we couldn’t before. From e-commerce to the arts and mass media, the Internet has become an invaluable resource for collaboration. With this unprecedented opportunity comes new risks to our privacy and security. This class provides an overview of the risks, vulnerabilities, and threats exposed by the Internet and its applications. It provides mitigations to both infrastructure and applications that rely on the Internet for their function. Specific focus on web application data and computer security is provided.
Cross Listed Courses
None
Prerequisite
All Technology Core courses
Corequisite
None
Washington Technology University
Syllabus
INSE 405 : Internet Security
5 Credits
Approved: 3/10/2021 9:36:46 PM
Course Description
The Internet enables communication over vast distances and allows us to share ideas in ways we couldn’t before. From e-commerce to the arts and mass media, the Internet has become an invaluable resource for collaboration. With this unprecedented opportunity comes new risks to our privacy and security. This class provides an overview of the risks, vulnerabilities, and threats exposed by the Internet and its applications. It provides mitigations to both infrastructure and applications that rely on the Internet for their function. Specific focus on web application data and computer security is provided.
Course Required Resources
- Harwood, M. (2016). Internet Security: How to Defend Against Attackers on the Web. Burlington, Massachusetts: Jones & Bartlett Learning.
- Samani, R., Honan, B., Reavis, J., In Jirasek, V., & CSA (Organization),. (2015). CSA guide to cloud computing: Implementing cloud privacy and security.
Course Outcomes
Describe the nature of highly available and secure Web site hosting
Discuss the process of social engineering and explain threats that exist when connecting to the Internet
Understand the role of cloud computing, and list the reasons why cloud computing is not secure
Understand Web applications and best practices for mitigating Web application vulnerabilities
Understand various Web site attacks
Demonstrate the use of Web site monitoring and assessment tools for Web site vulnerability
Course Keywords
Auditing, Client-server, Cloud computing, HTML, HTTP, Packet switching, Virtualization, VPN, Clickjacking, Malware, Pretexting, Ransomware, Social Engineering, Advanced Encryption Standard (AES), Digital Certificate, JavaScript, Web application, Vulnerability management, PCI, Resource pooling, Elasticity, Private Cloud, IaaS, PaaS, SaaS, STARS, Service level agreements, Integration testing, Security testing, Stress testing, Security assessment, Nmap, OS fingerprint, Nessus, Vulnerability assessment, Web server application, Data leakage, Client-side injection, VoIP, Active server pages (ASP), Business intelligence, Deep web, Computer incident response team, Common Vulnerabilities and exposures (CVE) List, Honeypot, Cloud threat landscape, Notorious nine, Provider vulnerability, Malicious insiders, CSA framework, ISO/IEC 27001, FISMA, FedRAMP
Assignment Summary
25% Project – Social Media Attack Analysis and PII Assessment
In this project, students will analyze a given web incident as well as follow a procedure to identify risks in an website. Finally, students will also lock down a website to prevent it from attack. In this project students will analyze risks, threats and vulnerabilities to a hypothetical information systems environment. Students will then apply countermeasures and audit the system once the countermeasures are in place. The project will be divided into four parts. In the first part of, students will assess areas vulnerable for attack for a system employed by the hypothetical company. In the second part students will create a detailed plan to conduct a gap analysis and perform a risk assessment. In the third section of the project the students will harden a representative system and perform an audit. In the last section, students will reflect on the project and record their lessons learned.
25% Instructor Determined Assignments, Collaboration and Participation (attendance and online activities)
The instructor will evaluate participation in the course and in online discussions. The instructor may also include other assignments. The instructor-determined assignments and discussions will be distributed and evaluated such that the total point value reflects the weighting given in the rubrics. The instructor will provide the grading criteria, rubrics, and directions for completing these assignments.
25% Mid Term Exam
Students should be prepared to answer a variety of types of questions pertinent to the concepts covered in or suggested by the course materials, assignments and activities. The instructor may provide additional information about the content, style, and grading criteria of this exam. The test will cover all concepts covered since the first day of class.
25% Final Exam
Students should be prepared to answer a variety of types of questions pertinent to the concepts covered in or suggested by the course materials, assignments and activities. The instructor may provide additional information about the content, style, and grading criteria of this exam. The exam will be limited to concepts covered since the mid-term.