JOHN CABOT UNIVERSITY
COURSE CODE: "MGT/CS 337"
COURSE NAME: "Cybersecurity and Data Privacy Management"
SEMESTER & YEAR:
Fall 2019
SYLLABUS
INSTRUCTOR:
Walter Arrighetti
EMAIL: [email protected]
HOURS:
MW 4:30-5:45 PM
TOTAL NO. OF CONTACT HOURS:
45
CREDITS:
3
PREREQUISITES:
OFFICE HOURS:
COURSE DESCRIPTION:
This course will introduce students to the key issues in Cybersecurity Management and Privacy and contribute to raising their awareness of related concerns. It will also cover the basics of Information Security, Business Continuity, and Risk Management. Students will be provided with fundamental knowledge of personal data protection, as well as confidentiality, integrity and availability of individuals’ and companies’ sensitive information and valuable assets. Classes will involve a mixture of lectures, seminar discussions, and in-class activities and labs. Each practical class will culminate in an assessed exercise.
SUMMARY OF COURSE CONTENT:
Course topics will include: Triads and principles in Information Security. Threats, vulnerabilities, risk, mitigation. Traditional vs. contemporary computing models (Cloud- and mobile-based). Cyberspace and Cybersecurity. Types of control mechanisms. Protecting your privacy and online content. Data Protection and Data Privacy: the European GDPR Regulation and the EU-US Privacy Shield. The eIDAS Regulation on electronic identification of citizens and digital signatures. The European PSD3 Directive on electronic payment systems. The European Anti-Money Laundering (AML) Directive. Principles of computer networks and their design (OSI layer, TCP/IP and the network stack; LAN, SAN, MAN, WAN, CDN types). Securing personal computers, mobile and IoT devices. Elements of Cryptography. EU laws concerning Security.
LEARNING OUTCOMES:
1. Increase individual awareness towards personal privacy concerns in the digital world;
2. Demonstrate knowledge and usage of basic Risk Management terminology;
3. Produce descriptions of basic security controls as related to Network, Computer and Digital Identity;
4. Demonstrate knowledge of current threats, exposures and simplest mitigation tactics related to InfoSec;
5. Gain critical understanding of the main US and European norms regulating Cybersecurity and Privacy.
TEXTBOOK:
Book Title | Author | Publisher | ISBN number | Library Call Number | Comments | Format | Local Bookstore | Online Purchase |
Cyber Risk Management: Prioritize Threats, Identify Vulnerabilities and Apply Controls | Christopher Hodson | Kogan Page | 978-0749484125 | | | | | |
Wireshark for Security Professionals: Using Wireshark and the Metasploit Framework | Jessey Bullock | Wiley | 978-1118918210 | | | | | |
REQUIRED RESERVED READING:
Book Title | Author | Publisher | ISBN number | Library Call Number | Comments |
Cryptography and Network Security: Principles and Practice | W. Stallings | Prentice Hall | 978-0131873164 | | |
Cybersecurity – Attack and Defense Strategies: Infrastructure security with Red Team and Blue Team tactics | Yuri Diogenes, Erdal Ozkaya | Packt Publishing | 978-1788475297 | | |
RECOMMENDED RESERVED READING:
Book Title | Author | Publisher | ISBN number | Library Call Number | Comments |
Hacking: The Art of Exploitation, 2nd ed. | Jon Erickson | No Starch Press | 978-1593271442 | | |
GRADING POLICY
-ASSESSMENT METHODS:
Assignment | Guidelines | Weight |
Attendance and participation | | 20 |
Midterm exam | | 25 |
Final exam | | 40 |
In-class activities and lab exercises | | 15 |
-ASSESSMENT CRITERIA:
A: Work of this quality directly addresses the question or problem raised and provides a coherent argument displaying an extensive knowledge of relevant information or content. This type of work demonstrates the ability to critically evaluate concepts and theory and has an element of novelty and originality. There is clear evidence of a significant amount of reading beyond that required for the course.
B: This is a highly competent level of performance and directly addresses the question or problem raised. There is a demonstration of some ability to critically evaluate theory and concepts and relate them to practice. Discussions reflect the student’s own arguments and are not simply a repetition of standard lecture and reference material. The work does not suffer from any major errors or omissions and provides evidence of reading beyond the required assignments.
C: This is an acceptable level of performance and provides answers that are clear but limited, reflecting the information offered in the lectures and reference readings.
D: This level of performance demonstrates that the student lacks a coherent grasp of the material. Important information is omitted and irrelevant points included. In effect, the student has barely done enough to persuade the instructor that s/he should not fail.
F: This work fails to show any knowledge or understanding of the issues raised in the question. Most of the material in the answer is irrelevant.
-ATTENDANCE REQUIREMENTS:
ATTENDANCE REQUIREMENTS AND EXAMINATION POLICY
You cannot make up a major exam (midterm or final) without the permission of the Dean’s Office. The Dean’s Office will grant such permission only when the absence was caused by a serious impediment, such as a documented illness, hospitalization or death in the immediate family (in which case you must attend the funeral) or other situations of similar gravity. Absences due to other meaningful conflicts, such as job interviews, family celebrations, travel difficulties, student misunderstandings or personal convenience, will not be excused. Students who will be absent from a major exam must notify the Dean’s Office prior to that exam. Absences from class due to the observance of a religious holiday will normally be excused. Individual students who will have to miss class to observe a religious holiday should notify the instructor by the end of the Add/Drop period to make prior arrangements for making up any work that will be missed.
ACADEMIC HONESTY
As stated in the university catalog, any student who commits an act of academic
dishonesty will receive a failing grade on the work in which the dishonesty occurred.
In addition, acts of academic dishonesty, irrespective of the weight of the assignment,
may result in the student receiving a failing grade in the course. Instances of
academic dishonesty will be reported to the Dean of Academic Affairs. A student
who is reported twice for academic dishonesty is subject to summary dismissal from
the University. In such a case, the Academic Council will then make a recommendation
to the President, who will make the final decision.
STUDENTS WITH LEARNING OR OTHER DISABILITIES
John Cabot University does not discriminate on the basis of disability or handicap.
Students with approved accommodations must inform their professors at the beginning
of the term. Please see the website for the complete policy.
SCHEDULE
Session | Session Focus | Reading Assignment | Other Assignment | Meeting Place/Exam Dates |
06 Dec 2018 | Week 14: Post-mortem on outstanding data breaches | | | |
04 Dec 2018 | | | | |
29 Nov 2018 | Week 13: GDPR Regulation, NIS Directive and more | | | |
27 Nov 2018 | | | | |
20 Nov 2018 | | | | |
15 Nov 2018 | | | | |
13 Nov 2018 | Weeks 11 & 12: Cryptography and applications to electronic signatures | | | |
09 Nov 2018 | | | | |
08 Nov 2018 | | | | |
06 Nov 2018 | | | | |
30 Oct 2018 | Weeks 9 & 10: Security for Cloud and the IoT | | | |
25 Oct 2018 | | | | |
23 Oct 2018 | Week 8: Administrative security and Governance | | | |
18 Oct 2018 | | Midterm exam | | |
16 Oct 2018 | | | | |
11 Oct 2018 | | | | |
09 Oct 2018 | | | | |
04 Oct 2018 | Weeks 6 & 7: Security controls | | | |
02 Oct 2018 | | | | |
27 Sep 2018 | | | | |
25 Sep 2018 | | | | |
21 Sep 2018 | Weeks 4 & 5: Computer and OS architectures | | | |
20 Sep 2018 | | | | |
18 Sep 2018 | Week 3: Boolean logic and Computer Science principles | | | |
13 Sep 2018 | | | | |
11 Sep 2018 | | | | |
06 Sep 2018 | | | | |
04 Sep 2018 | Weeks 1 & 2: Terminology and classifications | | | |