ISDA 120-10
Information Security
Spring 2022 Syllabus
Dr. David J. Meske
E-mail
Office Hours: Virtual office hours. Telephone and in-person advising by appointment
| Syllabus Links Textbooks CLOs Program Learning Outcomes (PLOs) |
Resources Canvas Login and Tutorials iSchool eBookstore |
Canvas Information: Courses will be available beginning January 26, 2022, at 6 am PT unless you are taking an intensive or a one-unit or two-unit class that starts on a different day. In that case, the class will open on the first day that the class meets.
You will be enrolled in the Canvas site automatically.
Course Description
Topics include compliance and operational security, psychological approaches to social engineering attacks, Web application attacks, penetration testing, data loss prevention, cloud computing security, application programming development security, firewalls, and intrusion detection systems.
Assignments
This schedule and related dates/readings/assignments is tentative and subject to change with fair notice. Any changes will be announced in due time in class and on the course’s website in the Canvas Learning Management System. The students are obliged to consult the most updated and detailed version of the reading material and syllabus, which will be posted on the course’s website.
Detailed information on assignments, including the research paper grading rubric, will be provided on the course Canvas site.
Quizzes (15% of grade)
Chapter comprehension quizzes will be due weekly covering content found in each chapter. Quiz questions will include multiple-choice, true/false, and content matching questions. CLO #1-7
Discussion Board Participation (15% of grade)
There will be various thought-provoking discussion board posts that students will have to post an initial opinion on based on material learned in the module. Initial posts should include a thoughtful analysis of the question and utilize supportive material from the module to support their position. CLO #1-7
Midterm (20% of grade)
A midterm exam will be administered prior to the spring recess to evaluate the student's knowledge of information security threats and vulnerabilities that affect organizations today. The midterm exam will also evaluate students' knowledge of access controls, business continuity, security operations, and risk management. The exam will be administered using questions requiring essay-style answers. CLO #1, CLO #2, CLO #3.
Project (25% of grade)
A research-based project will be required for this course. The project will be centered around creating a business continuity plan for a fictitious organization. Students will utilize the information learned throughout the course to research, evaluate, analyze, and write a business continuity plan. CLO #1, CLO #3, CLO #4, CLO #5, CLO #6, CLO #7
Final Exam (25% of grade)
A final exam will be administered at the end of the semester to evaluate the student's knowledge of cryptography, computer networks, the anatomy of an information security attack as well as common information security standards. The exam will be administered using a combination of multiple-choice questions as well as those requiring essay-style answers. CLO #4, CLO #5, CLO #6, CLO #7
Course Calendar
| Module/Dates | Topic | Assignments |
| 1 (Jan 26- 30) | Introductions, Course Overview | N/A |
| 2 (Jan 31-Feb 6) | Information Systems Security Overview |
Chapter 1 Quiz (due 2/6/22) Discussion Board Response (due 2/6/22) |
| 3 (Feb 7-13) | The Internet of Things |
Chapter 2 Quiz (due 2/13/22) Discussion Board Response (due 2/13/22) |
| 4 (Feb 14-20) | Malicious Attacks, Threats, and Vulnerabilities |
Chapter 3 Quiz (due 2/20/22) Discussion Board Response (due 2/20/22) |
| 5 (Feb 21-27) | The Drivers of the Information Security Business |
Chapter 4 Quiz (due 2/27/22) Discussion Board Response (due 2/27/22) |
| 6 (Feb 28 - Mar 6) | Access Controls |
Chapter 5 Quiz (due 3/6/22) Discussion Board Response (due 3/6/22) |
| 7 (Mar 7-13) | Security Operations and Administration | Chapter 6 Quiz (due 3/13/22) |
| 8 (Mar 14-20) | Auditing, Testing, and Monitoring | Chapter 7 Quiz (due 3/20/22) |
| 9 (Mar 21-27) | Risk, Response, and Recovery |
Chapter 8 Quiz (due 3/27/22) Midterm (due 3/27/22) |
| 10 (Mar 28-Apr 3) | Spring Recess – No classes March 28th – April 2nd. Cesar Chavez Day March 31st. | N/A |
| 11 (Apr 4-10) | Cryptography | Chapter 9 Quiz (due 4/10/22) |
| 12 (Apr 11-17) | Networks and Telecommunications | Chapter 10 Quiz (due 4/17/22) |
| 13 (Apr 18-24) | Malicious Code and Activity |
Chapter 11 Quiz (due 4/24/22) Project Draft (due 4/24/22) |
| 14 (Apr 25-May 1) | Information Security Standards | Chapter 12 Quiz (due 5/1/22) |
| 15 (May 2-8) | U.S. Compliance Laws | Chapter 15 Quiz (due 5/8/22) |
| 16 (May 9-16) | Final Exam Preparation |
Final Exam (due 5/16/22) Project Final Draft (due 5/16/22) |
Course Workload Expectations
Success in this course is based on the expectation that students will spend, for each unit of credit, a minimum of forty-five hours over the length of the course (normally 3 hours per unit per week with 1 of the hours used for lecture) for instruction or preparation/studying or course related activities including but not limited to internships, labs, clinical practica. Other course structures will have equivalent workload expectations as described in the syllabus.
Instructional time may include but is not limited to:
Working on posted modules or lessons prepared by the instructor; discussion forum interactions with the instructor and/or other students; making presentations and getting feedback from the instructor; attending office hours or other synchronous sessions with the instructor.
Student time outside of class:
In any seven-day period, a student is expected to be academically engaged through submitting an academic assignment; taking an exam or an interactive tutorial, or computer-assisted instruction; building websites, blogs, databases, social media presentations; attending a study group;contributing to an academic online discussion; writing papers; reading articles; conducting research; engaging in small group work.
Course Prerequisites
ISDA 120 has no prequisite requirements.
Course Learning Outcomes
Upon successful completion of the course, students will be able to:
- Identify and explain common information security threats faced today.
- Identify and explain the foundational theory behind information security.
- Identify and explain the basic principles and techniques when designing a secure system.
- Develop techniques to think in an adversarial way.
- Describe how today&$39;s attacks and defenses work in practice.
- Form strategies to assess threat significance.
- Articulate the protections and limitations provided by today's technology.
- Information Science and Data Analytics SLO 6: Demonstrate an understanding of the fundamentals of network security, compliance, and risk mitigation by evaluating and applying appropriate technical, information assurance, ethics, and privacy solutions to specific security problems.
SLOs & PLOs
ISDA 120 supports:
- SLO 6 supports the following Information and Data Science Program Learning Outcomes (PLOs):
- PLO 3: Demonstrate an understanding of professional and ethical responsibility in data ownership, security, sensitivity of data, and consequences and privacy concerns of data analysis.
Textbooks
Required Textbooks:
- Kim, D., & Solomon, M.G. (2018). Fundamentals of information systems security (3rd ed.). Jones & Bartlett Learning. Available through Amazon: 128411645X
Grading Scale
The standard SJSU School of Information Grading Scale is utilized for all iSchool courses:
| 97 to 100 | A |
| 94 to 96 | A minus |
| 91 to 93 | B plus |
| 88 to 90 | B |
| 85 to 87 | B minus |
| 82 to 84 | C plus |
| 79 to 81 | C |
| 76 to 78 | C minus |
| 73 to 75 | D plus |
| 70 to 72 | D |
| 67 to 69 | D minus |
| Below 67 | F |
In order to provide consistent guidelines for assessment for graduate level work in the School, these terms are applied to letter grades:
- C represents Adequate work; a grade of "C" counts for credit for the course;
- B represents Good work; a grade of "B" clearly meets the standards for graduate level work or undergraduate (for BS-ISDA);
For core courses in the MLIS program (not MARA, Informatics, BS-ISDA) — INFO 200, INFO 202, INFO 204 — the iSchool requires that students earn a B in the course. If the grade is less than B (B- or lower) after the first attempt you will be placed on administrative probation. You must repeat the class if you wish to stay in the program. If - on the second attempt - you do not pass the class with a grade of B or better (not B- but B) you will be disqualified. - A represents Exceptional work; a grade of "A" will be assigned for outstanding work only.
Graduate Students are advised that it is their responsibility to maintain a 3.0 Grade Point Average (GPA). Undergraduates must maintain a 2.0 Grade Point Average (GPA).
University Policies
Per University Policy S16-9, university-wide policy information relevant to all courses, such as academic integrity, accommodations, etc. will be available on Office of Graduate and Undergraduate Programs' Syllabus Information web page at: https://www.sjsu.edu/curriculum/courses/syllabus-info.php. Make sure to visit this page, review and be familiar with these university policies and resources.
In order to request an accommodation in a class please contact the Accessible Education Center and register via the MyAEC portal.
Download Adobe Acrobat Reader to access PDF files.
More accessibility resources.