CS406: Information Security

Welcome to CS406: Information Security

Specific information about this course and its requirements can be found below. For more general information about taking Saylor Academy courses, including information about Community and Academic Codes of Conduct, please read the Student Handbook.

Course Description

Learn the principles of information security to protect the confidentiality, integrity, and availability of information. Discuss the modes of threats and attacks on information systems, threat mitigation, cryptography, user identification and authentication, access control, privacy laws, and more.

Course Introduction

The first network was invented in the late 1960s with the birth of ARPAnet, a project launched by the US Department of Defense (DoD). That network advanced into what is now known as the Internet and has grown into a global phenomenon to become an integral part of our daily lives. The Internet connects the world on a social, business, and governmental level. So much information is stored and transferred online that the Internet has become a target for criminals. Any devices connected to the Internet must be protected from unauthorized disclosure using tools prescribed by the discipline of information security. 

This course covers information security principles, an area of study that engages in protecting the confidentiality, integrity, and availability of information. Information security continues to grow with advancements in technology – as technology advances, so do threats, attacks, and our efforts to mitigate them. In this course, we discuss the modes of threats and attacks on information systems. We also discuss an important area of threat mitigation that saw rapid development in the twentieth century: cryptography. Information security is concerned with user identification and authentication and access control based on individual or group privileges. The basic access control models and the fundamentals of identification and authentication methods are included in this course. 

Without networks, our focus would primarily be on controlling unauthorized physical access. Instead, networks are the way we keep data in motion, making information security a more complex task. We discuss methods to design secure networks using firewalls, tunneling, and encryption, and we describe some tools to secure networks such as honeypots, network sniffers, and packet capturing. Operating systems that connect to a network must be hardened to prevent unauthorized disclosure. Methods and tools such as patching, logging, antivirus, and antimalware tools are discussed. 

The last topic in this course is global privacy laws. When unauthorized disclosure or a breach of information occurs, there are adverse effects and penalties placed on individuals or organizations depending on the area of jurisdiction. Laws are diverse and vary greatly throughout the world, and we are still trying to develop laws that will protect privacy globally.

In this course, you will learn the fundamentals of information security, security threats, modes of attack, and cryptographic models. Access control, identification, and authentication are also addressed. Network security and operating system (OS) hardening are explained along with intrusion detection and prevention. The course concludes with global privacy laws.

This course includes the following units:

• Unit 1: Introduction to Information Security
  
• Unit 2: Threats and Attack Modes
• Unit 3: Cryptographic Models
• Unit 4: Access Control
• Unit 5: Identification and Authentication
  
• Unit 6: Network Security
• Unit 7: Operating System (OS) Security
  
• Unit 8: Intrusion Detection and Prevention Systems
  
• Unit 9: Privacy Laws, Penalties, and Privacy Issues

Course Learning Outcomes

Upon successful completion of this course, you will be able to:

• explain the fundamental principles of information security;
• identify major information security threats and their modes of attack;
• describe cryptographic models and how they are used to provide security;
• explain the principles of access control models such as discretionary, mandatory, role, and rule-based;
• illustrate methods of identification and authentication such as passwords, pins, biometrics, and tokens;
  
• describe network security methods including network designs, firewalls, wireless encryption methods, tunneling, and network protection tools;
  
• describe operating system (OS) hardening, malware protection, firewalls, and security tools;
  
• explain intrusion detection systems (IDS) and intrusion prevention systems (IPS), and the advantages and disadvantages of each system; and
  
• synthesize current privacy laws and the implications of violations on organizations.
  

Throughout this course, you will also see learning outcomes in each unit. You can use those learning outcomes to help organize your studies and gauge your progress.

Course Materials

The primary learning materials for this course are readings, lectures, and videos.

All course materials are free to access, and can be found in each unit of the course. Pay close attention to the notes that accompany these course materials, as they will tell you what to focus on in each resource, and will help you to understand how the learning materials fit into the course as a whole. You can also see a list of all the learning materials in this course by clicking on Resources in the navigation bar.

Evaluation and Minimum Passing Score

Only the final exam is considered when awarding you a grade for this course. In order to pass this course, you will need to earn a 70% or higher on the final exam. Your score on the exam will be calculated as soon as you complete it. If you do not pass the exam on your first try, you may take it again as many times as you want, with a 7-day waiting period between each attempt. Once you have successfully passed the final exam you will be awarded a free Course Completion Certificate.

There are also end-of-unit assessments  in this course. These are designed to help you study, and do not factor into your final course grade. You can take these as many times as you want to, until you understand the concepts and material covered. You can see all of these assessments by clicking on Quizzes in the course's navigation bar.

Provide details about any other learning activities or projects here, as well.

Tips for Success

CS406: Information Security is a self-paced course, which means that you can decide when you will start and when you will complete the course. There is no instructor or set schedule to follow. We estimate that the "average" student will take 46 hours to complete this course. We recommend that you work through the course at a pace that is comfortable for you and allows you to make regular progress. It's a good idea to also schedule your study time in advance and try as best as you can to stick to that schedule.

Learning new material can be challenging, so we've compiled a few study strategies to help you succeed:

• Take notes on the various terms, practices, and theories that you come across. This can help you put each concept into context, and will create a refresher that you can use as you study later on.
• As you work through the materials, take some time to test yourself on what you remember and how well you understand the concepts. Reflecting on what you've learned is important for your long-term memory, and will make you more likely to retain information over time.

Technical Requirements

This course is delivered entirely online. You will be required to have access to a computer or web-capable mobile device and have consistent access to the internet to either view or download the necessary course resources and to attempt any auto-graded course assessments and the final exam.

• To access the full course including assessments and the final exam, you will need to be logged into your Saylor Academy account and enrolled in the course. If you do not already have an account, you may create one for free here. Although you can access some of the course without logging in to your account, you should log in to maximize your course experience. For example, you cannot take assessments or track your progress unless you are logged in.

For additional guidance, check out Saylor Academy's FAQ.

Fees

This course is entirely free to enroll in and to access. Everything linked in the course, including textbooks, videos, webpages, and activities, are all available for no charge. This course also contains a free final exam and course completion certificate.