Projects
I. Risk Assessment. Conduct a risk assessment of the information systems in your workplace (or another facility that you may access, e.g., a local library). You must describe the information system as well as provide the assessment. The student will use the NIST framework to perform the Risk Assessment.
II. Security Issues with Emerging Technologies: Students will choose from a number of emerging technologies and prepare a paper that discusses security. I will offer several topics, but you are also free to choose your own (with the instructor's approval). 4 pages, not including title and references.
Suggestions:
A. Honeynet Project white papers. You can access the papers here [login to view URL]
Select one of the papers and write about what you discovered from reading the paper. There are papers here that explain the concept of "Know Your Enemy." The "hacker" community operates a lot like warfare; defending against them requires an understanding of how they operate. This site is a great place to gather that type of information.
B. Cryptography. This paper can be on an algorithm, a protocol, or a white paper on cryptography. At a minimum your paper should describe the following: history; security considerations (i.e., has it been hacked or cracked, or is it a concept); and where it is being applied or planned to be applied.
C. Digital Millennium Copyright Act (DMCA). The DMCA has made quite an impact on Internet security. Your paper should at a minimum contain the following: an introduction to the DMCA; when a program can be reverse engineered in accordance with the DMCA; security considerations with respect to the DMCA, i.e., how does it affect an organization today? Comments: Is the DMCA fair? Why or why not? How would you change it given the opportunity?
D. Mobile Code. Mobile Code is something that security professionals have to deal with on a daily basis. Your paper should address the following: definition of Mobile Code; types of Mobile Code; security considerations with respect to allowing Mobile Code into your internal network. Comments: Is Mobile Code friend or foe?
E. Intrusion-Detection Methods. Research the various types of intrusion-detection systems that are available to organizations. Discuss the various types and describe the circumstances in which each type should be used. Feel free to use specific examples and products to provide the reader with a complete understanding of the subject.