Information and Network Security Certificate Program

Transcription

1 Information and Network Security Certificate Program University of California, Irvine, P.O. Box 6050, Irvine, CA

2 PROGRAM DESCRIPTION Data security is critical and increasingly important for specialty courses. The Information and Network Security Certificate Program in Information and Network Security helps industry professionals to better understand the management and security of modern public, government and enterprise networks. The program will be of interest to technical and nontechnical professionals involved in the design, development, financing, administration and management of secured information systems and networks. CERTIFICATE REQUIREMENTS The certificate is awarded upon successful completion of 18 credit units (9 required and 9 elective credit units) with a grade point average of B or better. This program is discontinued effective FALL No new candidates will be accepted into the program. If you have questions, please contact Rogelio Rodriguez at or via at rcrodrig@uci.edu. The curriculum focuses on developing a comprehensive understanding of the underlying principles for designing, engineering, and managing secure information systems environments. The program includes current findings from academic and technological research and state-of-the art practice. WHO SHOULD ATTEND Engineers, management personnel and those in other technical and managerial disciplines that are involved in the engineering, administration and/or management of secured information systems environments. PROGRAM BENEFITS Gain a fundamental understanding of security and network management practices. Learn essential criteria for public, private, governmental and corporate network security. Perform an evaluation of available network management practices and technology applications. Identify best practices for network hardware and security optimization. Design a secure network and perform effective data management and network configuration. CERTIFICATE CANDIDACY Bachelor's degree in engineering, computer science, business or management and two years of relevant experience; OR a relevant associate degree with at least four years work experience in the related fields of management, engineering or computer science, and the consent of the program manager. CURRICULUM 2

3 PREREQUISITE COURSE Introduction to Communications and Networking EECS X490 (3 units) Familiarize yourself with a "systems analysis approach" to the design and development of modern enterprise networks and systems. Learn how to analyze requirements and technical goals using the latest methods, technologies and tools. A typical communications system design process is discussed including identifying your customer's needs, goals and network configurations; transmission media and technology alternatives, e.g. copper wire, coaxial cable, fiber optics, wireless; system test and reliability; cost and performance analysis; leased versus private facilities; and regulatory and administrative considerations. Prerequisite: Basic understanding of mathematics and computers. REQUIRED COURSES (9 units) Essentials of Information Security EECS X490.6 (3 units) Learn how to build a concrete foundation on information systems security and successfully organize a secured environment. This course focuses on two subsections of IT Security: Managerial Security and Technical Security. Examples of each subsection are defined and explained. Topics include: History of IS Security, Security Attacks, Hacker Methods and Motivation, Legal Aspects of IS Security, Developing an effective Security Policy, IT Risk Assessment, Firewalls, Encryption and Hashing, Intrusion Detection, and Operating System Security. Communications and Networking OR equivalent Network Systems Security EECS X (3 units) Gain insight on how to deter intrusions into high-profile networks and information systems. Learn about the many software "tools" available to increase security against hackers and other unwelcome "guests." Increase your knowledge on how to secure your network by learning how to use these "tools" and configure them. Practical, hands-on instruction provides participants a thorough knowledge of NAT (Network Address Translation), PAT (Port Address Translation), Firewalls, Reflexive Access Lists, CHAP (Challenge Handshake Authentication Protocol), MD5 Hashing, and VLAN's (Virtual LAN's). Communications and Networking, or equivalent Advanced Security Management: Risk Assessment, Security, Policy Development, and Legal Aspects of Information Security EECS X (3 units) Learn how to perform a security risk and vulnerability assessment; create standards and a security policy appropriate to your needs; and explore legal aspects of security. Become expert in identifying threats and countermeasures via threat modeling, and utilizing monitoring tools and techniques for intrusion detection. Participants will engage in interactive discussions regarding information security, cyber-security, and other security issues associated with electronic mediums. Key policy issues addressed include the Sarbanes-Oxley Act, Gramm Leach Bliley Act (GLBA), Health Insurance Portability and Accountability Act (HIPAA), and ISO standards. Communications and Networking OR equivalent ELECTIVE COURSES (Candidates choose 9 units) Essentials of TCP/IP EECS X (3 units) Increase your understanding on how IP works, how upper layer protocols (TCP, ICMP, etc.) use underlying IP transport mechanisms to provide useful network services and how IP addressing and routing allows data to be exchanged in a global network. Learn practical IP design and troubleshooting techniques including analyzing network traces and network performance analysis. Participants benefit from this course by expanding their knowledge of TCP/IP network design and become more proficient in designing and implementing IP addressing and routing schemes. Communications and Networking, or equivalent Essentials of Client-Server Applications and Protocols EECS X (3 units) Today's networks are now recognized as the most important component in information processing. This has led to a style of computing called client/server, where the power of an individual computer is only limited by the network to which it is connected. This course provides an introduction to client/server computing and discusses its benefits as well as the advantages it offers over time-sharing 3

4 and networked PCs. Topics include: GUI (Graphical User Interface), Application Servers, Database Servers, Application Maintenance, and Application Integrity and Security. Prerequisite: EECS X490, Intro to Communications and Networking, or equivalent Theory and Applications of Cryptography in Computer Networks and Communications EECS X The rapid development of digital technology has lead to increased use of electronic encryption and the need for secured communications. Increase your familiarity of the mathematics behind cryptology and basic cryptographic algorithms. Learn real and practical cryptographic systems that are used for communications such as IPSec, Secure Sockets Layer Security (SSL), Transport Layer Security (TSL), and virtual private networks (VPN), as well as methods for securing information, digital signatures, and DRM (Digital Rights Management). Further your understanding of the technical issues of implementation and proper use of cryptography. Prerequisite: Familiarity with engineering mathematics, communications and networking technologies. Secured Networking and Cryptographic Systems EECS X (2.5 units) Today information is more accessible than ever. Our world is inescapably connected, and all businesses increasingly depend on digital communications. However, open communications and exchange of information exposes businesses to various security threats. This course provides a comprehensive study on different types of attacks on computers, computer networks, smart cards, set top boxes, wireless networks, and other communication systems. Develop strategies against theft of services and information. Increase your understanding of basic cryptographic algorithms such as AES and DES, along with algorithms for authentications such as MD5 and SHA-1, and algorithms for key exchange and public key cryptography such as RSA and Diffie-Hellman. Expand your knowledge on practical hardware and software implementation of the cryptographic algorithms. Participants also learn real and practical cryptographic systems that are used for communications such as IPSec, SSL/TLS, and VPN, as well as methods for securing information, and digital signatures. QUARTERLY SCHEDULE OF CLASSES Wireless Network Analysis and Security ENGRECE X (1.5 units) Increase your professional network troubleshooting skills in wireless networks. Learn to use protocol analysis and troubleshooting tools to identify, diagnose, and correct performance and security issues in wireless networks. Get hands-on training in (Ethernet) wireless technologies and related technologies. A series of lectures and lab exercises address all the skills you need to correctly implement and maintain wireless networks. Gain valuable hands-on experience in a wireless networked environment utilizing the Network Instruments Observer 9 protocol analyzer. Prerequisite: EEXS X490, Introduction to Communications and Networking OR equivalent Advanced Security Lab: Firewalls and VPN Design and Configuration EECS X (3 units) Update your security design skills and learn how to plug holes in firewall architectures. Increase your knowledge on packet filtering (stateless classification) and stateful (flow processing) firewall design and configuration using the Firewall Feature Set imbedded in Cisco Routers. Learn why Virtual Private Networks (VPN's) have become so popular and how to configure and test them. This hands-on lab includes "challenges" from other course participants posing as hackers to test the effectiveness of the security controls. Implementing Disaster Recovery and Business Continuity Plans for Secured Systems EECS X (3 units) Learn the justification for disaster recovery programs and planning strategies for facility protection and recovery. Examine the differences between a centralized system, a decentralized system, and end user recovery disaster recovery methodologies. Prepare for the unexpected by implementing and executing a test scenario. COURSE # PREREQUISITE COURSE W SP SU F 4

5 EECS_X490 Introduction to Communications and Networking (3 units) EECS_X Essentials of TCP/IP (3 units) COURSE # REQUIRED COURSES (9 units) W SP SU F EECS_X490.6 Essentials of Information Security (3 units) EECS_X Network Systems Security (3 units) EECS_X Advanced Security Management: Risk Assessment, Security Policy Development, and Legal Aspects of Information Security (3 units) COURSE # ELECTIVE COURSES (9 units) W SP SU F EECS_X Essentials of Client/Server Applications and Protocols (3 units) EECS_X Theory and Applications of Cryptography in Computer Networks and Communications (2.5 units) EECS_X Wireless Network Analysis and Security (3 units) EECS_X Advanced Security Lab: Firewall and VPN Design and Configuration (3 units) EECS_X Implementing Disaster Recovery and Business Continuity Plans for Secured Systems (1.5 units) For the most current schedule of classes, please go online to the UCI Extension catalog at extension.uci.edu Note: Schedules are subject to change O=Online, W=Winter, SP=Spring, SU=Summer, F=Fall 5

6 APPLICATION FOR CANDIDACY This form must be submitted, along with a filing fee of $125, after the completion of the third course. NAME Mr. Mrs. Ms. HOME ADDRESS CITY STATE ZIP PHONE: DAY EVENING SOCIAL SECURITY NUMBER JOB TITLE EMPLOYER EMPLOYER ADDRESS Payment must be included with application. CHECK ENCLOSED (MADE PAYABLE TO REGENTS OF THE UNIVERSITY OF CALIFORNIA) CHARGE TO VISA MASTERCARD AMERICAN EXPRESS ACCOUNT NUMBER: EXP DATE: AUTHORIZATION SIGNATURE: Mail To: UNIVERSITY OF CALIFORNIA, IRVINE UNIVERSITY EXTENSION PO BOX 6050, IRVINE, CA OR FAX TO: (949)

7 REQUEST FOR CERTIFICATE DATE: University of California, Irvine Extension Programs in Engineering & Science Technologies P.O. Box 6050 Irvine, CA FAX (949) The course in which I am now enrolled* is the last one to be completed before I am eligible to receive the certificate in: I have submitted my Application of Candidacy. Names: Certificate to be mailed to: Name to be inscribed on certificate- PLEASE PRINT Number and Street City State Zip Daytime Phone Social Security Number Signature * Name of course in which you are now enrolled: PLEASE DO NOT SUBMIT THIS FORM UNLESS YOU ARE ACTUALLY ENROLLED IN YOUR FINAL COURSE AND IT HAS STARTED. 7