CS150 Class Purpose

This class provides you with an introduction to Computer Security, but it should be called Introduction to Cyber Security and Information Assurance (CSIA). Information Assurance is the big picture process of ensuring that computers and networks are available for authorized users while at the same time protected from attack or unauthorized access, coming up with processes to manage risks, and having plans in place in case disaster does strike. Computer Security refers to an essential part of Information Assurance, ensuring that computers are secure, but in this class you will learn about other aspects of Information Assurance as well. These terms might seem a little confusing now, but they are something that you’ll learn about in this class and as you take other Cyber Security and Information Assurance classes.

So what will you learn in this class? The easy answer is that you will learn about Cyber Security and Information Assurance (CSIA). But as I’m sure you know Cyber Security encompasses a wide variety of subjects, for example protecting systems from different types of attacks and threat vectors, to encryption and cryptology, to digital forensics, to incident response and lots more. And even though I’ve been told that I’m a good teacher, and I’m sure that you’re an intelligent individual who is eager to learn, there’s obviously way too much in Cyber Security and Information Assurance for you to learn it all in one single class. This is why CBC has a 4 year degree and several CSIA classes. But you have to start somewhere so this class was designed as a “starter” class and it’s meant to provide you with an overview and an introduction to many of the subjects that you’ll learn about in-depth in later classes. As part of the overview of CSIA in this class you will learn about the following.

Chapter 1: Introduction to Security
Chapter 2: Malware and Social Engineering Attacks
Chapter 3: Basic Cryptography
Chapter 5: Networking and Server Attacks
Chapter 9: Client and Application Security
Chapter 10: Mobile and Embedded Device Security
Chapter 11: Authentication and Account Management
Chapter 12: Access Management
Chapter 13: Vulnerability Assessment and Data Security
Chapter 14: Business Continuity

As you progress through the class please keep in mind that there is no expectation that you will have mastered these subjects by the end of the class. You’re just being introduced to the concepts, and starting to learn the terminology that you’ll build on in later classes. If you are interested in learning more about any of these subjects rest assured that CBC offers additional classes which will go into greater depth on each subject, and where you will gain further knowledge and experience.

Personal and Professional Security

Another way to look at what you’re going to learn in this class is how you can apply it. That is, a lot of the basic security principles that you will learn in this class will help you with your home computers and networks, and personal devices, but will also be applied when you start working for an organization and protecting their computers, networks, and other devices. Hopefully you’re already doing the essential security basics on your home devices, like making backups and installing updates . But in this class you’ll also learn about using tools such as rootkit scanners or programs to help locate missing or stolen devices. When you’re done with the class, even if you don’t go into a career in Cyber Security, your personal security should be more robust.

Certification

The last thing that I think is important for you to understand is the relationship between this class and the Security+ Certification. In the past the official class description said that this class would help prepare you for the CompTIA Security+ Certification Test, which is a good basic certification. That course description was changed because it’s more than a little deceptive. While the material in the class will help you begin to prep for the Security+ exam, there is a lot, lot more you will need to know to pass the exam. Unless you already have a few year’s experience with Cyber Security and Information Assurance just taking this class isn’t going to be near enough to pass the certification exam.

But passing the exam is a good long term goal as most employers give much more consideration to certifications than they would to your grade in this class. (I’ve never seen a job description that says you need at least a 3.0 in Mr. Sako’s class; but I’ve seen plenty of job descriptions that list Security+ or other certifications as a requirement.)

Another possible point of confusion is the book. During the class you’ll be using a book that is designed to help individuals with the Security+ Certification test. However we’re just using the book, and only a portion of it at that. The book was chosen because it is well written, has relevant hands on exercises, and is a great resource … but regardless of the title you are not expected to pass the Security+ test. Even though the book says Security+ in the title you don’t have to pass the certification exam. You aren’t even expected to take it.

Hopefully you understand that certification exams are meant to be used by individuals who already have a few year’s experience with a product or in an industry. Once you have that experience, using a book like this can help you prepare for the certification exam by identifying and filling any holes you may have in your knowledge and experience. But it would be very difficult, maybe even impossible, to just read this book and then pass the Security+ test. You’ll be ready to take the certification test when you can read the book and say “I completely understand what the book is saying, I already know that … ” for every chapter and on every review question. In other words, you’ll be ready to take the test when you don’t need the book.

So … I’m going to repeat myself just to be clear. You do not have to pass or even take the Security+ exam for this class. If you do choose to try the Security+ exam please note that passing any certification test requires additional study and work on the student’s part. In other words, this class will be a good starting point for you if you want to take the Security+ test, but it’s not the only thing you should do if you want to pass the test.

On the other hand; if you already have your Security+ Certification, make sure and get in touch with the instructor as soon as possible as you may be eligible to receive Non-Traditional Credit for the class without having to take it. You should do this right away; because if you qualify for the credit, you can get your tuition $$$ back and hopefully still have enough time to sign up for another class.