CS3670 Secure Management of Systems

This course provides students with a security manager's view of the diverse management concerns associated with administering and operating an automated information system facility with minimized risk. Students will learn how to operate a computer facility securely, legally and efficiently, with emphasis on DOD policies. This course is one of a set of courses that can earn a student the Cyber Security Fundamentals academic certificate.

Prerequisite

CS3600

Lecture Hours

3

Lab Hours

2

Course Learning Outcomes

  • Describe the content and benefits of a Security Plan, and the available resources for developing such a plan.
  • Describe the issues associated with securing an Operating System, including its initial secure configuration, centralized management of configuration changes, password configuration issues, applying the Principle of Least Privilege, virtualization, and cloud computing.
  • Describe the issues of log management, the functionality available from logging software, and be able to configure a variant of syslog.
  • Describe the following tools, technologies and principles that can help maintain a secure enterprise network: NAT, imaging, integrity checkers, patching, configuration management, INFOCON.
  • Discuss the security issues behind personnel security, including hiring, training, certifying, and terminating employees.
  • Discuss how legal requirements affect the proper management of an enterprise network, to include the 4th Amendment of the Constitution and acts of Congress (e.g., Computer Fraud and Abuse Act, Electronic Communications Privacy Act, Stored Communications Act, Economic Espionage Acts).
  • Describe the principles and technologies that support the proper execution of a backup plan.
  • Describe the threats, vulnerabilities and security controls related to mobile devices.
  • Describe the basic physical controls for a computer room, including their advantages and disadvantages.