ISDA 120-10
Information Security
Spring 2022 Syllabus

Dr. David J. Meske
E-mail
Office Hours: Virtual office hours. Telephone and in-person advising by appointment


Syllabus Links
Textbooks
CLOs
Program Learning Outcomes (PLOs)
Resources
Canvas Login and Tutorials
iSchool eBookstore
 

Canvas Information: Courses will be available beginning January 26, 2022, at 6 am PT unless you are taking an intensive or a one-unit or two-unit class that starts on a different day. In that case, the class will open on the first day that the class meets.

You will be enrolled in the Canvas site automatically.

Course Description

Topics include compliance and operational security, psychological approaches to social engineering attacks, Web application attacks, penetration testing, data loss prevention, cloud computing security, application programming development security, firewalls, and intrusion detection systems.

Assignments

This schedule and related dates/readings/assignments is tentative and subject to change with fair notice. Any changes will be announced in due time in class and on the course’s website in the Canvas Learning Management System. The students are obliged to consult the most updated and detailed version of the reading material and syllabus, which will be posted on the course’s website.

Detailed information on assignments, including the research paper grading rubric, will be provided on the course Canvas site.

Quizzes (15% of grade)

Chapter comprehension quizzes will be due weekly covering content found in each chapter. Quiz questions will include multiple-choice, true/false, and content matching questions. CLO #1-7

Discussion Board Participation (15% of grade)

There will be various thought-provoking discussion board posts that students will have to post an initial opinion on based on material learned in the module. Initial posts should include a thoughtful analysis of the question and utilize supportive material from the module to support their position. CLO #1-7

Midterm (20% of grade)

A midterm exam will be administered prior to the spring recess to evaluate the student's knowledge of information security threats and vulnerabilities that affect organizations today. The midterm exam will also evaluate students' knowledge of access controls, business continuity, security operations, and risk management. The exam will be administered using questions requiring essay-style answers. CLO #1, CLO #2, CLO #3.

Project (25% of grade)

A research-based project will be required for this course. The project will be centered around creating a business continuity plan for a fictitious organization. Students will utilize the information learned throughout the course to research, evaluate, analyze, and write a business continuity plan. CLO #1, CLO #3, CLO #4, CLO #5, CLO #6, CLO #7

Final Exam (25% of grade)

A final exam will be administered at the end of the semester to evaluate the student's knowledge of cryptography, computer networks, the anatomy of an information security attack as well as common information security standards.  The exam will be administered using a combination of multiple-choice questions as well as those requiring essay-style answers. CLO #4, CLO #5, CLO #6, CLO #7

Course Calendar

Module/Dates Topic Assignments
1 (Jan 26- 30) Introductions, Course Overview N/A
2 (Jan 31-Feb 6) Information Systems Security Overview

Chapter 1 Quiz (due 2/6/22)

Discussion Board Response (due 2/6/22)

3 (Feb 7-13) The Internet of Things

Chapter 2 Quiz (due 2/13/22)

Discussion Board Response (due 2/13/22)
4 (Feb 14-20) Malicious Attacks, Threats, and Vulnerabilities

Chapter 3 Quiz (due 2/20/22)

Discussion Board Response (due 2/20/22)

5 (Feb 21-27) The Drivers of the Information Security Business

Chapter 4 Quiz (due 2/27/22)

Discussion Board Response (due 2/27/22)

6 (Feb 28 - Mar 6) Access Controls

Chapter 5 Quiz (due 3/6/22)

Discussion Board Response (due 3/6/22)
7 (Mar 7-13) Security Operations and Administration Chapter 6 Quiz (due 3/13/22)
8 (Mar 14-20) Auditing, Testing, and Monitoring Chapter 7 Quiz (due 3/20/22)
9 (Mar 21-27) Risk, Response, and Recovery

Chapter 8 Quiz (due 3/27/22)

Midterm (due 3/27/22)
10 (Mar 28-Apr 3) Spring Recess – No classes March 28th – April 2nd. Cesar Chavez Day March 31st. N/A
11 (Apr 4-10) Cryptography Chapter 9 Quiz (due 4/10/22)
12 (Apr 11-17) Networks and Telecommunications Chapter 10 Quiz (due 4/17/22)
13 (Apr 18-24) Malicious Code and Activity

Chapter 11 Quiz (due 4/24/22)

Project Draft (due 4/24/22)
14 (Apr 25-May 1) Information Security Standards Chapter 12 Quiz (due 5/1/22)
15 (May 2-8) U.S. Compliance Laws Chapter 15 Quiz (due 5/8/22)
16 (May 9-16) Final Exam Preparation

Final Exam (due 5/16/22)

Project Final Draft (due 5/16/22)

Course Workload Expectations

Success in this course is based on the expectation that students will spend, for each unit of credit, a minimum of forty-five hours over the length of the course (normally 3 hours per unit per week with 1 of the hours used for lecture) for instruction or preparation/studying or course related activities including but not limited to internships, labs, clinical practica. Other course structures will have equivalent workload expectations as described in the syllabus.

Instructional time may include but is not limited to:
Working on posted modules or lessons prepared by the instructor; discussion forum interactions with the instructor and/or other students; making presentations and getting feedback from the instructor; attending office hours or other synchronous sessions with the instructor.

Student time outside of class:
In any seven-day period, a student is expected to be academically engaged through submitting an academic assignment; taking an exam or an interactive tutorial, or computer-assisted instruction; building websites, blogs, databases, social media presentations; attending a study group;contributing to an academic online discussion; writing papers; reading articles; conducting research; engaging in small group work.

Course Prerequisites

ISDA 20C, ISDA 20D, and ISDA 111

Course Learning Outcomes

Upon successful completion of the course, students will be able to:

  1. Identify and explain common information security threats faced today.
  2. Identify and explain the foundational theory behind information security.
  3. Identify and explain the basic principles and techniques when designing a secure system.
  4. Develop techniques to think in an adversarial way.
  5. Describe how today&$39;s attacks and defenses work in practice.
  6. Form strategies to assess threat significance.
  7. Articulate the protections and limitations provided by today's technology.

    SLOs & PLOs

    ISDA 120 supports:

  1. Information Science and Data Analytics SLO 6: Demonstrate an understanding of the fundamentals of network security, compliance, and risk mitigation by evaluating and applying appropriate technical, information assurance, ethics, and privacy solutions to specific security problems.
  1. SLO 6 supports the following Information and Data Science Program Learning Outcomes (PLOs):

  2. PLO 3: Demonstrate an understanding of professional and ethical responsibility in data ownership, security, sensitivity of data, and consequences and privacy concerns of data analysis.

Textbooks

Required Textbooks:

  • Kim, D., & Solomon, M.G. (2018). Fundamentals of information systems security (3rd ed.). Jones & Bartlett Learning. Available through Amazon: 128411645Xarrow gif indicating link outside sjsu domain

Grading Scale

The standard SJSU School of Information Grading Scale is utilized for all iSchool courses:

97 to 100 A
94 to 96 A minus
91 to 93 B plus
88 to 90 B
85 to 87 B minus
82 to 84 C plus
79 to 81 C
76 to 78 C minus
73 to 75 D plus
70 to 72 D
67 to 69 D minus
Below 67 F

 

In order to provide consistent guidelines for assessment for graduate level work in the School, these terms are applied to letter grades:

  • C represents Adequate work; a grade of "C" counts for credit for the course;
  • B represents Good work; a grade of "B" clearly meets the standards for graduate level work or undergraduate (for BS-ISDA);
    For core courses in the MLIS program (not MARA, Informatics, BS-ISDA) — INFO 200, INFO 202, INFO 204 — the iSchool requires that students earn a B in the course. If the grade is less than B (B- or lower) after the first attempt you will be placed on administrative probation. You must repeat the class if you wish to stay in the program. If - on the second attempt - you do not pass the class with a grade of B or better (not B- but B) you will be disqualified.
  • A represents Exceptional work; a grade of "A" will be assigned for outstanding work only.

Graduate Students are advised that it is their responsibility to maintain a 3.0 Grade Point Average (GPA). Undergraduates must maintain a 2.0 Grade Point Average (GPA).

University Policies

Per University Policy S16-9, university-wide policy information relevant to all courses, such as academic integrity, accommodations, etc. will be available on Office of Graduate and Undergraduate Programs' Syllabus Information web page at: https://www.sjsu.edu/curriculum/courses/syllabus-info.php. Make sure to visit this page, review and be familiar with these university policies and resources.

In order to request an accommodation in a class please contact the Accessible Education Center and register via the MyAEC portal.

icon showing link leads to the PDF file viewer known as Acrobat Reader Download Adobe Acrobat Reader to access PDF files.

More accessibility resources.