Building a 2 2 Polytechnic Information Assurance Program

1
Building a 2 2 Polytechnic Information
Assurance Program

• October 14, 2004
• Mt San Antonio College
• John Blyzka
• Cal Poly Pomona
• Dan Manson

2
Strategic Planning

• 2 2 Articulation agreements
• Modification of existing courses
• Information Assurance AS Degree
• Increase RISSC consortium
• CSU Los Angeles
• Other community colleges
• CNSS/NSA IA Curriculum Certification (NSTISSI
  4011 and 4012)
• Brand programming courses with Secure Coding
  concepts

3
2 2 NASM BSIT Mt. San Antonio College and Cal
State Fresno

• Required 25 units core courses for proposed Mt.
  SAC
• CIS24Telecommunications
• CIS37 Microsoft Network System Administration
• CIS57 Cisco Networking Fundamental Routing
• CIS86 Network Security and Firewalls
• CIS87 Network Analysis - NIDS
• CIS88 Network Vulnerability Countermeasures
• SL2 Service Learning (1 unit)
• Select 1 elective course (4 units)
• CIS10A Computer Information System
• CIS19   Windows Operating System
• CIS27   Novell NetWare System Administration
• CIS53   Linux Operating System
• CIS54   Linux Networking and Security

• Lower Division Fresno (Core 6 units)
• IT 74 Manufacturing Processes
• IT 92 Industrial Safety Management
• Upper Division Core Fresno (31 semester units)
• IT 102 Industrial Computer Concepts and Apps
• IT 104 Product Design
• IT 114 Industrial Materials
• IT 115 CAD Principles and Methods
• IT 199 Senior Problems
• IT 196 Senior Seminar (1 unit)
• IT 107 Facility Plan. and Materials Handling
• IT 117 Quality Assurance
• IT 118 Production Operations
• IT 148 Project Management and Control
• IT 137 International Quality Standards

4
Steps Toward a 2 2 in Information AssuranceMt.
San Antonio College Cal Poly Pomona

• Modification of existing courses
• New CANs
• BUSA 7 Principles of Accounting - Financial
• BUSA 8 Principles of Accounting Managerial
• BUSL 18 Business Law
• COMP 16 Microcomputer Applications
• XP Firewall Security Center
• Ethics
• Email Security
• CIS 62 Web Programming
• Cross-site scripting
• User interface security
• CIS 20 Systems Analysis and Design
• CIS 51 Programming in Java
• Secure coding techniques

5
2 2 Business Degree in IA

• First 2 years can be taken at Mt. Sac
• Next 2 years can be taken at Cal Poly (and other
  CSUs)
• New General Education Course Personal
  Information Security
• Change three CSU Required Business Courses to add
  Security Components

6
New GE Course Personal Information Security

• Provides a basic introduction to personal
  information security so that non-computer experts
  will understand the key threats to security and
  the actions they need to take to protect their
  personal computers and their personal information
  on the Internet. Covers topics such as basic
  security issues, common computer attacks,
  passwords, encryption, and data backup and
  recovery.

7
California Articulation Number (CAN)

• Discipline-based bilateral articulation
  agreements for CSU, UC and CCs
• Reviewed by faculty on four-year campuses on two
  and four year cycles
• CAN BUS 4 Managerial Accounting
• CAN BUS 6 Introduction to Business Computing
• CAN BUS 12 Business Law

8
Changed Managerial Accounting CAN Course
Description

• Fundamental managerial accounting concepts,
  classifications, cost systems, and budgeting for
  the analysis and reporting of accounting
  information for planning, control, and decision
  making. Legal and ethical issues.

9
Changed Introduction to Business Computing CAN
Description

• A basic computer literacy course which includes
  computer hardware, software, systems analysis and
  design, and information assurance. Students will
  become proficient in the use of operating
  systems, word processing, spreadsheets, database
  management systems and personal information
  security

10
Changed Business Law CAN Description

• Law and its relationship to business. Concepts
  and cases involving the legal system, dispute
  resolution, torts, contracts and other areas of
  commercial law. Information security and privacy
  legal and policy issues.

11
Current Upper Division CIS Curriculum

• 4 Undergraduate Upper Division Tracks
• Application Development No IA Courses
• Business Systems Analysis No IA Courses
• Telecommunications Analysis No IA Courses
• Internet Programming and Security Two IA Courses

12
Future Upper Division IA Curriculum

• Integrate IA throughout the CIS curriculum
• Eliminate existing tracks
• Create two new tracks
• Secure Coding
• Secure Infrastructure

13
Secure Coding Track

• Client/Server Applications Development changed to
  Secure .Net Programming
• Java Programming for Business changed to Secure
  Coding
• Rapid Systems Development changed to Team
  Software Process
• Advanced Object Oriented Analysis Design
  changed to Threat Modeling
• Web Site Development changed to Secure Web Site
  Development
• Internet Security (current course)

14
Secure Infrastructure Track

• Local Area Networks and Wide Area/Voice Networks
  in Business changed to Secure Business Networks
• Mobile Communications and Wireless Networks
  changed to Secure Mobile Communications and
  Wireless Networks
• Network Management changed to Secure Network
  Management
• Multi-vendor Inter/Intra Networking changed to
  Secure Multi-vendor Inter/Intra Networking
• Network Analysis and Design changed to Secure
  Network Analysis and Design
• Computer Forensics (current course)

15
Conclusion

• There is nothing more difficult to take in hand,
  more perilous to conduct or more uncertain in its
  success than to take the lead in the introduction
  of a new order of things Niccolo Machiavelli