Dec 21, 2024  
2017-2018 
    
2017-2018 [ARCHIVED CATALOG]

Add to Portfolio (opens a new window)

CST 266 - Information Security

Credits: 4
Covers network security, compliance and operation security, threats and vulnerabilities, as well as, application data and host security.  Also included are access control, identity management and cryptography.

Prerequisite(s): CST 164  and one of the following: CST 262 , CST 263  or CST 265 .
Corequisite(s): None
Lecture Hours: 60 Lab Hours: 0
Meets MTA Requirement: None
Pass/NoCredit: Yes

Outcomes and Objectives
  1. Describe network security abilities.
    1. Implement security configuration parameters on network devices and other technologies.
    2. Given a scenario, use secure network administration principles.
    3. Explain network design elements and components.
    4. Given a scenario, implement common protocols and services.
    5. Given a scenario, troubleshoot security issues related to wireless networking.
  2. Illustrate compliance and operational security practices in a network environment.
    1. Explain the importance of risk related concepts.
    2. Summarize the security implications of integrating systems and data with third parties.
    3. Given a scenario, implement appropriate risk mitigation strategies.
    4. Given a scenario, implement basic forensic procedures.
    5. Summarize common incident response procedures.
    6. Explain the importance of security related awareness training.
    7. Compare and contrast physical security and environmental controls.
    8. Summarize risk management practices.
    9. Given a scenario, select the appropriate control to meet the goals of security.
  3. Explain threat and vulnerability awareness in a network environment.
    1. Explain types of malware.
    2. Summarize various types of attacks.
    3. Summarize social engineering attacks and the associated effectiveness with each attack.
    4. Explain types of wireless attacks.
    5. Explain types of application attacks.
    6. analyze a scenario and select the appropriate type of mitigation and deterrent techniques.
    7. Given a scenario, use appropriate tools and techniques to discover security threats and vulnerabilities.
    8. Explain the proper use of penetration testing versus vulnerability scanning.
  4. Describe application, data, and host security.
    1. Explain the importance of application security and controls and techniques.
    2. Summarize mobile security concepts and technologies.
    3. Given a scenario, select the appropriate solution to establish host security.
    4. Implement the appropriate controls to ensure data security.
    5. Compare and contrast alternative methods to mitigate security risks in static environments.
  5. Use access control and identity management functions.
    1. Compare and contrast the function and purpose of authentication services.
    2. Given a scenario, select the appropriate authentication, authorization or access control.
    3. Install and configure security controls when performing account management.
  6. Use cryptography in a network security system.
    1. Given a scenario, utilize cryptography concepts.
    2. Given a scenario, use appropriate cryptographic methods.
    3. Given a scenario, use appropriate PKI, certificate management and associated components.



Add to Portfolio (opens a new window)