Please enable JavaScript to view this page.

Information Security

CST 266

Information Security

CST 266

Course Description

Prerequisites: Prerequisites: CST 164 and one of the following: CST 262, 263 or 265.

Analyzes, designs, defines, and troubleshoots security policies and procedures to maintain information integrity, confidentiality and availability. (60-0)

Outcomes and Objectives

Describe network security abilities.

Objectives:

  • Implement security configuration parameters on network devices and other technologies.
  • Given a scenario, use secure network administration principles.
  • Explain network design elements and components.
  • Given a scenario, implement common protocols and services.
  • Given a scenario, troubleshoot security issues related to wireless networking.

Illustrate compliance and operational security practices in a network environment.

Objectives:

  • Explain the importance of risk related concepts.
  • Summarize the security implications of integrating systems and data with third parties.
  • Given a scenario, implement appropriate risk mitigation strategies.
  • Given a scenario, implement basic forensic procedures.
  • Summarize common incident response procedures.
  • Explain the importance of security related awareness training.
  • Compare and contrast physical security and environmental controls.
  • Summarize risk management practices.
  • Given a scenario, select the appropriate control to meet the goals of security.

Explain threat and vulnerability awareness in a network environment.

Objectives:

  • Explain types of malware.
  • Summarize various types of attacks.
  • Summarize social engineering attacks and the associated effectiveness with each attack.
  • Explain types of wireless attacks.
  • Explain types of application attacks.
  • analyze a scenario and select the appropriate type of mitigation and deterrent techniques.
  • Given a scenario, use appropriate tools and techniques to discover security threats and vulnerabilities.
  • Explain the proper use of penetration testing versus vulnerability scanning.

Describe application, data, and host security.

Objectives:

  • Explain the importance of application security and controls and techniques.
  • Summarize mobile security concepts and technologies.
  • Given a scenario, select the appropriate solution to establish host security.
  • Implement the appropriate controls to ensure data security.
  • Compare and contrast alternative methods to mitigate security risks in static environments.

Use access control and identity management functions.

Objectives:

  • Compare and contrast the function and purpose of authentication services.
  • Given a scenario, select the appropriate authentication, authorization or access control.
  • Install and configure security controls when performing account management.

Use cryptography in a network security system.

Objectives:

  • Given a scenario, utilize cryptography concepts.
  • Given a scenario, use appropriate cryptographic methods.
  • Given a scenario, use appropriate PKI, certificate management and associated components.