Course Content Summary ITN 267 Legal Topics in Network Security (3 Credits)



Similar documents
Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits)

Course Content Summary ITN 262 Network Communication, Security and Authentication (4 Credits)

Information Security Program

Law & Ethics, Policies & Guidelines, and Security Awareness

Information Security Law: Control of Digital Assets.

The Importance of Privacy & Data Security in a Changing World

Information Systems and Tech (IST)

(Instructor-led; 3 Days)

Computer Forensics US-CERT

Getting Executive Buy-in. Tips & Strategies

ipatch System Manager - HIPAA Compliance

Syllabus: Law and Ethics

SINO-RUSSIAN BUSINESS: FIVE TIPS ON RUSSIAN INTELLECTUAL PROPERTY LAW

Title of Course: Cyberlaw New Course: 10/25/02

An Overview of Cybersecurity and Cybercrime in Taiwan

Master of Science in Information Systems & Security Management. Courses Descriptions

SCAC Annual Conference. Cybersecurity Demystified

CYBERBOK Cyber Crime Security Essential Body of Knowledge: A Competency and Functional Framework for Cyber Crime Management

Guidelines Applicability Guidelines Statements Guidelines Administration Management Responsibility... 4

Research Topics in the National Cyber Security Research Agenda

Applying IBM Security solutions to the NIST Cybersecurity Framework

Bellevue University Cybersecurity Programs & Courses

Cybersecurity Definitions and Academic Landscape

Cyber Risk: Global Warning? by Cinzia Altomare, Gen Re

C ETS C/ETS: CYBER INTELLIGENCE + ENTERPRISE SOLUTIONS CSCSS / ENTERPRISE TECHNOLOGY + SECURITY

CHAPTER Committee Substitute for Committee Substitute for Committee Substitute for House Bill No. 1033

Certified Cyber Security Analyst VS-1160

I. U.S. Government Privacy Laws

THE WORLD IS MOVING FAST, SECURITY FASTER.

IBM Internet Security Systems October FISMA Compliance A Holistic Approach to FISMA and Information Security

Cloud Forensics: an Overview. Keyun Ruan Center for Cyber Crime Investigation University College Dublin

e-discovery Forensics Incident Response

Data Security and Privacy Principles for IBM SaaS How IBM Software as a Service is protected by IBM s security-driven culture

Information Security Program Management Standard

OCIE Technology Controls Program

CONSULTING IMAGE PLACEHOLDER

ARMA: Information Governance: A Revenue Source Potential

PRINCIPLES AND PRACTICE OF INFORMATION SECURITY

DATA SECURITY AGREEMENT. Addendum # to Contract #

Business Law and Ethics, , Page 1 of 5

Capacity Building in Cyber Security Literacy: An Inter-disciplinary Approach

Security in Fax: Minimizing Breaches and Compliance Risks

plantemoran.com What School Personnel Administrators Need to know

Information Security Policy

State Agency Cyber Security Survey v October State Agency Cybersecurity Survey v 3.4

Data Breach Reporting: Summary of Governing Bodies with Reporting Requirements in the United States

Understanding the Business Risk

South Australia Police POSITION INFORMATION DOCUMENT

Cyber Warfare. Global Economic Crime Survey. Causes of Cyber Attacks. David Childers, CEO Compli Vivek Krishnamurthy, Foley Hoag LLP. Why Cybercrime?

TECHNOLOGY SECURITY AUDIT

Logging In: Auditing Cybersecurity in an Unsecure World

Bridging the HIPAA/HITECH Compliance Gap

Ten Questions Your Board Should be asking about Cyber Security. Eric M. Wright, Shareholder

Identity Theft Security and Compliance: Issues for Business

EMR: Electronic Medical Records Security: International Law Review

Rogers Insurance Client Presentation

AAS Paralegal Program Student Survey

Security Information Lifecycle

The Changing IT Risk Landscape Understanding and managing existing and emerging risks

South Australia Police POSITION INFORMATION DOCUMENT

COMPUTER FORENSICS (EFFECTIVE ) ACTIVITY/COURSE CODE: 5374 (COURSE WILL BE LISTED IN THE CATE STUDENT REPORTING PROCEDURES MANUAL)

1/23/2015. MSBO Technology Committee January 22, Examples of Online Educational Services

Purpose. Service Model SaaS (Applications) PaaS (APIs) IaaS (Virtualization) Use Case 1: Public Use Case 2: Use Case 3: Public.

University Information Technology Security Program Standard

Information security due diligence

MASSIVE NETWORKS Online Backup Compliance Guidelines Sarbanes-Oxley (SOX) SOX Requirements... 2

IT Security Management 100 Success Secrets

Governmental Oversight and Accountability Committee

Impact of Legal and Regulatory Compliance on Higher Education Information Security Management. Dan Han Virginia Commonwealth University

Insurance Considerations Related to Data Security and Breach in Outsourcing Agreements

Computer and Information Science

Cyber Exposure for Credit Unions

PREPARE YOUR INCIDENT RESPONSE TEAM

Certified Cyber Security Analyst VS-1160

Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health Act (HITECH)

Department of Management Services. Request for Information

Clients Legal Needs in HIPAA Security Compliance

787 Wye Road, Akron, Ohio P F

Information Technology Career Cluster Advanced Cybersecurity Course Number:

INFORMATION SECURITY & PRIVACY INSURANCE WITH BREACH RESPONSE SERVICES

$194 per record lost* 3/15/2013. Global Economic Crime Survey. Data Breach Costs. David Childers, CEO Compli Vivek Krishnamurthy, Foley Hoag LLP

Enhancing Cyber Security in Europe Dr. Cédric LÉVY-BENCHETON NIS Expert Cyber Security Summit 2015 Milan 16 April 2015

Cyber, Security and Privacy Questionnaire

Cybersecurity and Insurance Companies

U. S. Attorney Office Northern District of Texas March 2013

TUSKEGEE CYBER SECURITY PATH FORWARD

Covered California. Terms and Conditions of Use

Applying LT Auditor+ to Address Regulatory Compliance Issues

Cyber intelligence exchange in business environment : a battle for trust and data

Keeping watch over your best business interests.

HIPAA/HITECH Privacy and Security for Long Term Care. Association of Jewish Aging Services 1

Breaches in the News. Check out Privacy Association site for latest news in PII data breaches to see the latest in the news

JOB ANNOUNCEMENT. Chief Security Officer, Cheniere Energy, Inc.

CYBERCRIME AND INFORMATION GOVERNANCE ARE YOU PREPARED?

ICANWK616A Manage security, privacy and compliance of cloud service deployment

HIPAA/HITECH Compliance Using VMware vcloud Air

INTERNATIONAL ASSOCIATION OF CHIEFS OF POLICE. Guiding Principles on Cloud Computing in Law Enforcement

IIA/ISACA Bermuda 2014 Annual Conference Cyber Security. Legal Considerations of Cyber Security For Bermuda Based Organizations

Transcription:

Page 1 of 5 Course Content Summary ITN 267 Legal Topics in Network Security (3 Credits) TNCC Cybersecurity Program web page: http://tncc.edu/programs/cyber-security Course Description: Conveys an in-depth exploration of the civil and common law issues that apply to network security. Explores statutes, jurisdictional, and constitutional issues related to computer crimes and privacy. Includes rules of evidence, seizure and evidence handling, court presentation and computer privacy in the digital age. Lecture 3 hours per week. Statement of Purpose: This course is designed to train the student on legal, regulatory, and policy standards that impact his or her role as a network administrator or security professional. The course emphasizes common concepts in information security, privacy, the law, and how these concepts affect government and private organizational thinking about information security. The course also provides insight into the creation of an information security program that complies with the laws pertaining to information security. This course also includes content, as indicated below in parenthesis behind each learning objective that directly maps to DHS/NSA s Center of Academic Excellence 2 Year (CAE2Y) criteria. Course Prerequisites / Corequisites: ITN 260. Required Text: Legal Issues in Information Security, latest edition. Author: Grama, J. L. Publisher: Jones & Bartlett Learning.

Page 2 of 5 COURSE OBJECTIVES Upon completion of this course, the student will have a working knowledge of: A. The fundamental concepts of information security, privacy, and the American legal system B. The security and privacy of government, corporate, and individual information C. Contracts, intellectual property law, and criminal and tort law D. Information security governance, risk analysis, incident response, and contingency planning E. Computer forensics and investigations STUDENT LEARNING OUTCOMES 1.0 Information Security Overview 1.1 Describe the key concepts associated with information security. 1.2 Describe information security goals and provide examples. 1.3 Describe common information security concerns. 1.4 Describe mechanisms used to protect information security. 2.0 Privacy Overview 2.1 Describe basic privacy principles. 2.2 Explain the difference between information security and privacy. 2.3 Describe threats to privacy. 2.4 Explain the important issues regarding workplace privacy. 2.5 Describe the general principles for privacy protection in information systems. 3.0 The American Legal System 3.1 Describe the American legal system. (PL7) 3.2 Explain sources of law. (PL8) 3.3 Distinguish between different types of law. 3.4 Explain the role of precedent. 3.5 Describe the role of regulatory authorities. (PL8) 3.6 Explain the difference between compliance and audit. 3.7 Describe how security, privacy, and compliance fit together.

Page 3 of 5 4.0 Security and Privacy of Consumer Financial Information 4.1 Describe the business challenges facing financial institutions. 4.2 Define a financial institution and consumer financial information. 4.3 Explain the main parts of the Gramm-Leach-Bliley Act. (PL4) 4.4 Explain the role of the Federal Financial Institutions Examination Council. 4.5 Describe the Federal Trade Commission Red Flags Rule. (PL8) 4.6 Describe the Payment Card Industry Standards. (PL6) (PL8) 5.0 Security and Privacy of Information Belonging to Children and in Educational Records 5.1 List some of the challenges with protecting children on the internet. 5.2 Identify the purpose and scope of COPPA, and describe its main requirements and oversight responsibilities. (PL5) (PL8) 5.3 Identify the purpose and scope of CIPA, and describe its main requirements and oversight responsibilities. (PL8) 5.4 Identify the purpose and scope of FERPA, and describe its main requirements and oversight responsibilities. (PL1) (PL8) 6.0 Security and Privacy of Health Information 6.1 Describe the business challenges facing the health care industry. 6.2 Explain why health care information is sensitive. 6.3 Explain the main parts of the Health Insurance Portability and Accountability Act. (PL1) 6.4 Describe the role of state law in protecting the confidentiality of medical records. (PL8) 7.0 Corporate information Security and Privacy Regulation 7.1 Describe the difference between public and private companies. 7.2 Explain the history behind the Sarbanes-Oxley Act. (PL3) 7.3 Discuss the main requirements of the Sarbanes-Oxley Act. (PL3) 7.4 Explain the role of the Public Company Accounting Oversight Board. 7.5 Describe how Section 404 internal control requirements impact information security. 7.6 Discuss frameworks used to guide Sarbanes-Oxley internal control requirements. (PL3) 8.0 Federal Government information Security and Privacy Regulations 8.1 Describe the federal government s information security challenges. (PL2) 8.2 Explain the main requirements of FISMA. (PL8) 8.3 Describe the role of the National Institute of Standards and Technology in creating information security standards. 8.4 Describe how the U.S. federal government protects privacy in information systems. (PL7) 8.5 Describe how the U.S. Patriot Act impacts privacy in information systems. (PL9) 8.6 Explain import and export control laws. (PL7) 8.7 Describe how the Americans with Disabilities Act section 508, impacts the federal government information security and privacy challenges. (PL11)

Page 4 of 5 9.0 State Laws Protecting Citizen Information and Breach Notification Laws 9.1 Describe state approaches to protecting the security of personal information. (PL7) 9.2 Describe laws that protect certain types of data. (PL8) 9.3 Describe state breach notification laws. (PL7) 9.4 Describe the differences between state breach notification laws. (PL7) 10.0 Intellectual Property Law 10.1 Describe the importance of intellectual property law. 10.2 Explain the basic concept of legal ownership. 10.3 Explain how patents are used and what they protect. 10.4 Explain how trademarks are used and what they protect. 10.5 Explain how copyrights are used and what they protect. 10.6 Describe intellectual property concerns with respect to internet use. 10.7 Describe the Digital Millennium Copyright Act and what it protects. 11.0 The Role of Contracts 11.1 Describe traditional contract law principles. 11.2 Describe the main differences between contracting on paper and contracting online. 11.3 Describe shrinkwrap, clickwrap, and browserwrap agreements. 11.4 Describe end-user license agreements. 11.5 Discuss why it s important to include information security provisions in contracts. 12.0 Criminal Law and Tort Law Issues in Cyberspace 12.1 Discuss common criminal law concepts. 12.2 Describe the common criminal laws used to prosecute cybercrimes. 12.3 Discuss common tort law concepts. 12.4 Describe common tort principles used in cyberspace. 12.5 Explain the difference between criminal and tort law. (PL8) 13.0 Information Security Governance 13.1 Describe the key concepts and terms associated with information security governance. 13.2 Describe the goals of different information security governance documents. 13.3 Describe the different types of policies that can be used to govern information security. 14.0 Risk Analysis, Incident Response, and Contingency Planning 14.1 Describe the risk assessment process. 14.2 Describe how to create an incident response plan. 14.3 Describe the business continuity planning process. 14.4 Describe how to create a disaster recovery plan. 14.5 Explain the differences between risk assessment, incident response, business continuity planning, and disaster recovery.

Page 5 of 5 15.0 Computer Forensics and Investigations 15.1 Define computer forensics. 15.2 Explain the role of a computer forensics examiner. 15.3 Explain why digital evidence must be carefully handled. 15.4 Describe why chain of custody is important. 15.5 Explain the laws that affect the collection of digital evidence. 15.6 Describe concerns regarding the admissibility of digital evidence. CAE2Y Knowledge Unit Domain Index Course Content KU Indicator BD BS CD CT FS IA IC IT NC PL SA CAE2Y KU Full Domain Name Basic Data Analysis Basic Scripting Cyber Defense Cyber Threats Fundamental Security Design Principles Information Assurance Fundamentals Introduction to Cryptography Information Technology System Components Networking Concepts Policy legal Ethics and Compliance Systems Administration NOTE: the number following the KU Indicator represents the KU Domain topic as shown in the KU mapping matrix (Excel file).

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information