SRA111: Introduction to Security and Risk Analysis
SRA 111 is an introductory course with a broad focus, spanning the areas of security, risk and analysis. In addition to familiarizing the student with basic security terminology, it will also touch upon social and legal issues, risk analysis and mitigation, crime intelligence and forensics, and information warfare and assurance.
This course will motivate students to understand the requirements for security in any government agency or business organization through the use of case studies. Included in this segment are cases related to cyberterrorism, bioterrorism, and critical infrastructure protection. Some concepts to be covered in the area of information security are: confidentiality, integrity, availability, and non- repudiation. Various methods of safeguarding these security concerns will be discussed, such as: single- and multi-factor authentication, encryption, digital signatures, prevention of denial of service attacks, and so forth. This course also covers social and legal issues related to security, in particular identity theft and social engineering. Topics in this section include identity theft, spam, spyware, and adware. This course also covers the basic principles and the approaches to risk analysis. Here students study vulnerability analysis, crime and intelligence analysis, forensics, techniques for risk assessment and risk mitigation.
The course will prepare students for more in-depth courses such as SRA 211, SRA 221 and SRA 311. This course will incorporate collaborative and action-learning experiences wherever appropriate. Emphasis will be placed on developing and practicing writing and speaking skills through application of the concepts that define the course.
Course Objectives Upon completion of the course, the student will:
Understand basic security concepts, terminology and possible solutions.
Develop an understanding of the social and legal issues of security and privacy.
Understand the basics of crime intelligence and forensics analysis.
Be able to apply risk analysis, evaluation and mitigation methods.
Understand information warfare and information assurance.
Have an awareness of current and future trends in information and cyber security.