BRAC: BRAC: Preparation Partnership for Preparation Partnership for

Expanding Information Security Expanding Information Security Capacity in MarylandCapacity in Maryland

UPDATEUPDATESeptember 1, 2009September 1, 2009

AgendaAgendaIntroductions Project UpdatesIntroductions Project Updates

INFO.SEC.MGT.CERT INFO.SEC.MGT.CERT

CoursesCourses

Website Website

Kickoff and Orientation SessionsKickoff and Orientation Sessions

Connection with STEM Collegian Connection with STEM Collegian Center Center

Outreach Marketing Plan and Outreach Marketing Plan and Highlights – Lucinia MundyHighlights – Lucinia Mundy

PendingPending CoursesCourses

Outreach/Marketing IdeasOutreach/Marketing Ideas

MarylandOnline approval and MarylandOnline approval and marketing marketing

Next Face to Face Meeting IdeasNext Face to Face Meeting IdeasPrior to Oct 28th event?Prior to Oct 28th event?End of October?End of October?Early November?Early November?

OverviewOverview

Developing online format of courses for IS Developing online format of courses for IS cert programcert program

Developing an Information Security Developing an Information Security Management Certificate programManagement Certificate program developing courses for the IS Mgmt programdeveloping courses for the IS Mgmt program Developing the online formatDeveloping the online format

Marketing Marketing

OverviewOverview

Developing online format of courses for IS cert Developing online format of courses for IS cert programprogram F2F onlineF2F online

Maryland OnlineMaryland Online

Developing an Information Security Developing an Information Security Management Certificate ProgramManagement Certificate Program Internal approvalInternal approval MHEC approvalMHEC approval

Using what’s available Using what’s available developing PGCC courses for the IS Mgmt programdeveloping PGCC courses for the IS Mgmt program

F2F onlineF2F online Maryland OnlineMaryland Online

Deliverable #2: developInformation Security Management Certificate

This certificate will help meet the needs of technical and security staff for both This certificate will help meet the needs of technical and security staff for both managing and implementing information security projects.  Coursework may include managing and implementing information security projects.  Coursework may include basic computer operations, operating systems, security, cyber law, disaster recovery, basic computer operations, operating systems, security, cyber law, disaster recovery, project management and systems analysis. Students wishing to continue may apply project management and systems analysis. Students wishing to continue may apply these credits to the Information Security A.A.S. degree.  Students are also these credits to the Information Security A.A.S. degree.  Students are also encouraged to complete the Information Security Certificate and the Cisco CCNA encouraged to complete the Information Security Certificate and the Cisco CCNA Preparation Certificate offered by the Engineering Technology department.  Preparation Certificate offered by the Engineering Technology department. 

CIS 1010 Computer Literacy  3CIS 1010 Computer Literacy  3CIS 1700 Understanding Operating Systems 3CIS 1700 Understanding Operating Systems 3CIS 1620 Computer Security, Security+   3CIS 1620 Computer Security, Security+   3CIS 2840 Systems Analysis and Project Management 4CIS 2840 Systems Analysis and Project Management 4Choose one of the followingChoose one of the following

MGT 2860 Cyber Law  3MGT 2860 Cyber Law  3 MGT 1900 Introduction to Public Administration 3MGT 1900 Introduction to Public Administration 3 MGT 2880 Disaster Recovery and Risk Management  3   MGT 2880 Disaster Recovery and Risk Management  3                                             Total Required for Certificate                                                    16 creditsTotal Required for Certificate                                                    16 credits

INFO.SEC.MGT.CERT

Deliverable #1: convert to onlineDeliverable #1: convert to onlineIS Certificate ProgramIS Certificate Program

This certificate will help to prepare students for an entry-level This certificate will help to prepare students for an entry-level position in the field of information security. Upon completion of position in the field of information security. Upon completion of coursework, …… may be applied to the Information Security A.A.S. coursework, …… may be applied to the Information Security A.A.S. degree programdegree programCIS 1010 Computer Literacy . . . . . . . . . 3 (Bugg, Sullivan)CIS 1010 Computer Literacy . . . . . . . . . 3 (Bugg, Sullivan)CIS 1700 Understanding Operating Systems . . . . . . . 3 (Bugg)CIS 1700 Understanding Operating Systems . . . . . . . 3 (Bugg)CIS 1620 Computer Security, Security+ . . . . . . . . . . 3 CIS 1620 Computer Security, Security+ . . . . . . . . . . 3 (Sullivan,Burt)(Sullivan,Burt)CIS 1630 Securing the Infrastructure . . . . . . . . . . . . . 3CIS 1630 Securing the Infrastructure . . . . . . . . . . . . . 3CIS 1660 Network Defense and Countermeasures . . . 3CIS 1660 Network Defense and Countermeasures . . . 3Program Elective . . . . . . . . . . 3-4Program Elective . . . . . . . . . . 3-4

Choose one course from the following:Choose one course from the following:FOS 2600 Computer Forensics IFOS 2600 Computer Forensics IENT 2190 Wireless LANsENT 2190 Wireless LANsCIS 2760 UNIX/Linux System AdministrationCIS 2760 UNIX/Linux System Administration

Total Required for Certificate . . . . . . . . . . 18-19 CreditsTotal Required for Certificate . . . . . . . . . . 18-19 Credits

KEY: Yellow-already offered online/ Red BRAC grant conversion

CIS 1660CIS 1660

Network Defense and Network Defense and Countermeasures Online CourseCountermeasures Online Course

Michael BurtMichael Burt

FOS 260FOS 260Computer Forensics I Computer Forensics I

Jim Chen Jim Chen (also Trang Nguyen & Laura R. Ellsworth)(also Trang Nguyen & Laura R. Ellsworth)

Crafted by The Dark Side of The MoonCrafted by The Dark Side of The Moon

using public files and self-authored.using public files and self-authored.

Evidence ImageEvidence Image

Note the date and time of the folders created for the forensic analysis.

File SignaturesFile Signatures

Students use file signature analysis to identify the file type/extension.Note the file type/extension – dot.xyz.

Hacking and MalwareHacking and Malware

Students identify the type of attack (automated – note the upload date/time).The compromised host becomes a distribution point for KPorn and Malware.

Students are warned before hand about bare skin content in the KPorn folder.

KPorn ExposedKPorn Exposed

You can’t say that I didn’t warn you before hand (clue?) about the bare skin.King Prawn – What do you expect?

Deleted and Secure EraseDeleted and Secure Erase

Students recover deleted files.Delete: Normal, secure erase, duplicate name, duplicate name content differs.

Spoofed eMailSpoofed eMail

Ok Bill…. Your yatch or mine?

Damaged File HeaderDamaged File Header

Students reconstruct damage file header to recover the evidence.

Hidden Data and MetadataHidden Data and Metadata

Students examine files for hidden data.Example: The original TVShow.mp3 had been extended with one minute of

silence to simulate the ending before playing the hidden audio message.

CIS 1700CIS 1700Understanding Operating SystemsUnderstanding Operating Systems

Barry Bugg Barry Bugg

CIS 1700CIS 1700

14 in Summer pilot class14 in Summer pilot class

Fall 09 18Fall 09 18

Students mailed a CD with software to Students mailed a CD with software to allow them to run lab exercises from their allow them to run lab exercises from their home computer. home computer.

CD allows for 3 different operating CD allows for 3 different operating systems—Vista, Linux and XP—VM playersystems—Vista, Linux and XP—VM player—virtual machines—virtual machines

WebsiteWebsitehttp://www.edtechpolicy.org/BRAC/http://www.edtechpolicy.org/BRAC/

Kickoff/Orientation SessionsKickoff/Orientation Sessions

Next Orientation SessionNext Orientation Session

IS Management Certificate Program IS Management Certificate Program

Orientation Orientation 

Wednesday, October 28, 2009Wednesday, October 28, 2009

Marlboro Hall, #1097Marlboro Hall, #1097

2:30pm ~ 4:00pm2:30pm ~ 4:00pm

Light Refreshments Will Be Served!Light Refreshments Will Be Served!

Connection with STEM Connection with STEM Collegian Center Collegian Center

Christine BarrowChristine Barrow

Outreach Marketing Plan Outreach Marketing Plan and Highlightsand Highlights

Lucinia MundyLucinia Mundy

Pending ActivitiesPending Activities

CIS 2840 Systems Analysis to CIS 2840 Systems Analysis to Systems Analysis and Systems Analysis and Project Management Project Management - Michael Burt (October)- Michael Burt (October)CW 225 - Hardening the Infrastructure– Paul Derdul CW 225 - Hardening the Infrastructure– Paul Derdul (October)(October)Management DepartmentManagement DepartmentOther Outreach IdeasOther Outreach Ideas

Events/Activities/Organizations we should know about- include?Events/Activities/Organizations we should know about- include? Ideas for PR materialsIdeas for PR materials

MarylandOnline approval and marketing through websiteMarylandOnline approval and marketing through website—offered through other partner campuses —offered through other partner campuses

Transition ProgramTransition Program

Capital CollegeCapital College

Next Face to Face Meeting Next Face to Face Meeting IdeasIdeas

Prior to Oct 28th event?Prior to Oct 28th event?

End of October?End of October?

Early November?Early November?