COMPUTER COMMUNICATION DEVELOPMENT INSTITUTE

Sorsogon Campus

PHILOSOPHY
Excellent Education is best attained through QUALITY and AFFORDABILITY.
COURSE SYLLABUS
VISION
In
CCDI envisions of providing a service of leadership through excellent
instructions that will produce empowered and word-class I.T. graduates. INFORMATION ASSURANCE AND SECURITY 1
1stSemester S/Y 2017-2018
MISSION
We empower the lives we touch! COURSE INFORMATION
CORE VALUES
 EXCELLENT I. COURSE CODE :
 INTEGRITY
II. COURSE TITLE : Information Assurance and Security 1
 LEADERSHIP
 SERVICE III. DEGREE PROGRAM : Bachelor of Science in Information Technology (BSIT)
IV. DEPARTMENT : Higher Education Department
V. COURSE DESCRIPTION : This course explores the best practices, basic policies and procedures, ethics, and
fundamental legal issues related to information security. Risk Management and Disaster Recovery as applied to
Information Assurance/Security will be investigated. Ethics and vulnerability issues will be also be covered
VI. CREDIT :3 units
VII. HOURS PER WEEK :Three(3) hours Lecture/ week
VIII. PRE-REQUISITE :None
COURSE OBJECTIVES (CO):On the completion of the course, student is expected to be able to do the following:
i. Examine the relationship between threats, vulnerabilities, countermeasures, attacks, compromises, and remediation
throughout the system life cycle.
ii. Explain the factors involved in authentication and how they are used to verify, identify and grant access to the system.
iii. Describe the legal and ethical considerations related to the handling of information and management of enterprise information assets

IX. LEARNING OUTCOMES (LO) :As evidence of attaining the above learning outcomes, the student has to do and submit the following:

Effectivity Date: June 2016 Rev 1.0 Page 1 of 7

This study source was downloaded by 100000789512489 from CourseHero.com on 06-30-2022 00:58:43 GMT -05:00
 COMPUTER COMMUNICATION DEVELOPMENT INSTITUTE
Sorsogon Campus

1 Learning Output Description and other Details Course Outcomes it

represents
LO1 Individual Project Assigned Projects will represent 20% of the course grade. Each student, each week will be responsible for CO1, CO2, CO3
reporting in class regarding a recently identified security breach or concern. Each student should keeping a
notebook of the security breaches and concerns that they reported throughout the semester. Before the end of the
semester, each student should submit a report listing each reported security breach or concern along with a
discussion of controls which could be established to either prevent similar breaches from occurring in the future or
controls which could be used to mitigate the damage caused be similar breaches.

LO2 Group Term Paper A term paper is required. The term paper should be 5 to 7 pages double spaced and should focus on some issue CO1, CO2, CO3
related to computer security and information assurance. The paper should be based on at least three references.
The references should be listed at the end of the paper and those references should be cited appropriately within
the body of the text. An oral report on the topic selected for the term paper will be presented in class

X. RUBRIC TO ASSESS LEARNING OUTPUTS (R):

XI. GRADING SYSTEM:The final grade in this course will be composed of the following items and their weights in the final grade computation:

Class Standing - 40%

Quizzes - 10%
Recitation - 5%
Assignment - 5%
Activities - 20%
Periodical Test - 40%
Projects - 20%

TOTAL 100%

Effectivity Date: June 2016 Rev 1.0 Page 2 of 7

This study source was downloaded by 100000789512489 from CourseHero.com on 06-30-2022 00:58:43 GMT -05:00
 COMPUTER COMMUNICATION DEVELOPMENT INSTITUTE
Sorsogon Campus

XII. LEARNING PLAN:

COURSE INTENDED LEARNING TOPICS WEEK LEARNING ACTIVITIES ASSESSMENT ACTIVITIES
OUTCOME OUTCOMES (ILO) S
CO1 Understand the key terms and Introduction to Information 1-3 Concept Diagnosis Students will design their own
critical concepts of information Security: What is security? CNSS Class Discussion security model.
security as presented in the chapter. (NSTISSI-4011) Lecture
1. Security Model.
2. Components of an
Information System.
3. Approaches to Information
Security Implementation.
The system Development
Life Cyle.
4. The Security Systems
Development Life Cycle.
5. Security professionals and
the Organization

CO1, CO2 Describe simple steps to take to The Need for Security 4-5 Group Discussion The students will be tasked to
minimize the possibility of an 1. Business Needs First, Case Studies create a multimedia presentation
attack on a system 2. Threats, about the need for security
3. Attacks,
4. Secure Software
Development.

CO2 Understand a successful Legal, Ethical, and Professional 5 Construction of personal Students will complete a quiz.
information security program is the Issues in Information Security: vision/mission
responsibility of an organization’s Mapping
1. Laws and Ethics in
general management and IT
management. Information Security.
2. Relevant Philippine Laws.

Effectivity Date: June 2016 Rev 1.0 Page 3 of 7

This study source was downloaded by 100000789512489 from CourseHero.com on 06-30-2022 00:58:43 GMT -05:00
 COMPUTER COMMUNICATION DEVELOPMENT INSTITUTE
Sorsogon Campus

3. International Laws and

Legal Bodies.
4. Ethics and Information
Security. Codes of Ethics
and Professional
organizations.

CO2, CO3 Identify the different risks and Risk Management: 6-7 Case Studies Students will present a paper
strategies to mitigate the impact of 1. Overview, Discussion of current events examining the risks in a chosen
these risks. information system, and
2. Risk identification,
recommend possible risk
3. Risk Assessment,
management solutions.
4. Risk Control Strategies,
Quantitative vs. Qualitative
Risk Control Practices.
5. Risk Management.

CO2, CO3 Classify incident response, disaster Planning for Security: 8-9 Lecture, Discussion, Recitation, Students will prepare their own
recovery, and business continuity 1. Information Security Multimedia Presentation security plan.
planning as components of Planning and Governance,
contingency planning 2. Information Security Policy
Standards, and Practices,
3. The Information Security
Blueprint, Security
education, Training, and
Awareness program,
4. Continuity Strategies.

CO1, CO3 Describe firewall technology and Security Technology: 10-11 Lecture, Discussion, Recitation, Students will do a research about
the various approaches to firewall 1. Firewalls and VPNs: Reporting, Multimedia firewalls and VPNs.

Effectivity Date: June 2016 Rev 1.0 Page 4 of 7

This study source was downloaded by 100000789512489 from CourseHero.com on 06-30-2022 00:58:43 GMT -05:00
 COMPUTER COMMUNICATION DEVELOPMENT INSTITUTE
Sorsogon Campus

implementation 2. Access Control, Presentation, Internet Sourcing

3. Firewalls,
4. protecting remote
connections
CO3 Recognize the important role of Security Technology: 12-13 Lecture, Discussion, Recitation, Students will complete a quiz.
access control in computerized Intrusion Detection, Internet Sourcing, Multimedia
information systems, and identify 1. Access Control, and other Presentation
and discuss widely-used Security Tools:
authentication factors 2. Intrusion Detection and
Prevention Systems,
3. Honeypots, Honeynets, and
Padded Cell Systems,
4. Scanning and Analysis
Tools, Biometric Access
Controls.

CO2, CO3 Discuss the Threats to information Physical Security: 14-15 Lecture, Discussion, Recitation, Students will create their own
security that are unique to 1. Physical Access Controls, Multimedia Presentation physical security model.
physical security 2. Fire Security and safety,
3. Failure of Supporting
Utilities and Structural
Collapse,
4. Interception of Data, Mobile
and Portable Systems.

CO3 List and recommend security Security and Personnel: 16 Lecture, Discussion, Recitation, Students will formulate their
management models 1. Positioning and Staffing the Multimedia Presentation own policies and practices and
security Function, security considerations on the
2. Credentials of Information use of information technology.
Security Professionals,

Effectivity Date: June 2016 Rev 1.0 Page 5 of 7

This study source was downloaded by 100000789512489 from CourseHero.com on 06-30-2022 00:58:43 GMT -05:00
 COMPUTER COMMUNICATION DEVELOPMENT INSTITUTE
Sorsogon Campus

3. Employment Policies and

Practices, Security
Considerations for
Nonemployees,
4. Internal Control Strategies,
5. Privacy and the security of
Personnel Data.

Effectivity Date: June 2016 Rev 1.0 Page 6 of 7

This study source was downloaded by 100000789512489 from CourseHero.com on 06-30-2022 00:58:43 GMT -05:00
 COMPUTER COMMUNICATION DEVELOPMENT INSTITUTE
Sorsogon Campus

XIII. REFERENCES:
Books:
1. Michael E. Whitman and Herbert J. Mattord. Principles of Information Security, 5th Edition. Course Technology CENGAGE Learning. ISBN 1-111-13821-4

Other Sources:
i. Information Assurance for the Enterprise, Schou and Shoemaker, McGraw-Hill Irwin, 2012
ii. Australian Cyber Security Survey (2016) https://www.acsc.gov.au/publications/ACSC_Cyber_Security_Survey_2016.pdf

PREPARED BY: VERIFIED BY: Noted by: APPROVED BY:

ELVIN MANUEL R. LUCES EDWARDO G. REYES, MIT EDGAR C. BALASTA

Instructor BSIT Chairperson Dean of Academics Administrator/RMO

Effectivity Date: June 2016 Rev 1.0 Page 7 of 7

This study source was downloaded by 100000789512489 from CourseHero.com on 06-30-2022 00:58:43 GMT -05:00
Powered by TCPDF (www.tcpdf.org)