Analyzes the information system audit process, provision and evaluation of controls in all aspects of information system operation, and the provision and maintenance of computer security. Stresses internal controls while examining specific controls and security. Prerequisite: CIS 303.
Learning Objectives
- Use modern analysis tools to evaluate vulnerabilities, threats, and attack vectors to design a computer system with appropriate defense mechanisms.
- Answer written and/or oral questions to demonstrate formal reasoning and principles of computer security issues for traditional systems and emerging systems such as cyberphysical systems.
- Develop a secure computer system that demonstrates understanding of the key challenges and trade-offs in systems security, and systems performance/ cost.
- Answer written and/or oral questions to demonstrate how theory is applied to practical designs for securing computer systems.
- Explain the ramifications of computer security to how computer systems are accessed and used to maintain security.
- Evaluate current protocols and design new ones for specific security services like authentication, access control, forensics, network security, integrity and service availability, and conduct detailed analysis on inherent tradeoffs.
- Be able to effectively rationalize orthogonal trade-offs in designing secure computing systems from orthogonal perspective like legal issues, economics, ethical considerations and cost, and find best designs.