Dec 18, 2024  
2022 - 2023 Catalog 
    
2022 - 2023 Catalog [ARCHIVED CATALOG]

Add to Portfolio (opens a new window)

CST 266 - Information Security

Credits: 4
Instructional Contact Hours: 4

Covers network security, compliance and operation security, threats and vulnerabilities, as well as, application data and host security.  Also included are access control, identity management and cryptography.

Prerequisite(s): CST 152 , CST 153 , and CST 163  
Corequisite(s): None
Lecture Hours: 60 Lab Hours: 0
Pass/NoCredit: Yes

Outcomes and Objectives  

  1. Describe network security abilities.
    1. Implement security configuration parameters on network devices and other technologies.
    2. Given a scenario, use secure network administration principles.
    3. Explain network design elements and components.
    4. Given a scenario, implement common protocols and services.
    5. Given a scenario, troubleshoot security issues related to wireless networking.
  2. Illustrate compliance and operational security practices in a network environment.
    1. Explain the importance of risk related concepts.
    2. Summarize the security implications of integrating systems and data with third parties.
    3. Given a scenario, implement appropriate risk mitigation strategies.
    4. Given a scenario, implement basic forensic procedures.
    5. Summarize common incident response procedures.
    6. Explain the importance of security related awareness training.
    7. Compare and contrast physical security and environmental controls.
    8. Summarize risk management practices.
    9. Given a scenario, select the appropriate control to meet the goals of security.
  3. Explain threat and vulnerability awareness in a network environment.
    1. Explain types of malware.
    2. Summarize various types of attacks.
    3. Summarize social engineering attacks and the associated effectiveness with each attack.
    4. Explain types of wireless attacks.
    5. Explain types of application attacks.
    6. analyze a scenario and select the appropriate type of mitigation and deterrent techniques.
    7. Given a scenario, use appropriate tools and techniques to discover security threats and vulnerabilities.
    8. Explain the proper use of penetration testing versus vulnerability scanning.
  4. Describe application, data, and host security.
    1. Explain the importance of application security and controls and techniques.
    2. Summarize mobile security concepts and technologies.
    3. Given a scenario, select the appropriate solution to establish host security.
    4. Implement the appropriate controls to ensure data security.
    5. Compare and contrast alternative methods to mitigate security risks in static environments.
  5. Use access control and identity management functions.
    1. Compare and contrast the function and purpose of authentication services.
    2. Given a scenario, select the appropriate authentication, authorization or access control.
    3. Install and configure security controls when performing account management.
  6. Use cryptography in a network security system.
    1. Given a scenario, utilize cryptography concepts.
    2. Given a scenario, use appropriate cryptographic methods.
    3. Given a scenario, use appropriate PKI, certificate management and associated components.



Add to Portfolio (opens a new window)