Introduction to IA for Non-Technical Managers
Information is at the heart of modern business, and managers in all departments are realizing that they need to understand the basic principles and vocabulary of the increasingly important field of information assurance (IA).
This class is for every manager who has wondered about the fundamental attributes of information that IA experts do their best to protect. If you want to work more smoothly and effectively with your technical colleagues, this course is for you because everyone needs to know the fundamentals of information security.
This online course introduces the basic terminology and ideas underlying today's view of IA.
It includes the history and mission of information system security, a history of computer crime, an introduction to the six fundamental attributes of information that must be protected, an introduction to encryption, a systematic way of discussing breaches of security, and an insightful discussion of the psychology of computer criminals and of insider crime. You will learn about penetration techniques and countermeasures, malicious and mobile code, denial of service, social engineering, and physical or facilities security. There are non-technical introductions to operating system security, securing local area networks, firewalls and proxy servers, vulnerability analysis, and intrusion detection. You will study the principles and vocabulary of identification, authentication and authorization; ways that your organization should be protecting your Web sites; and antimalware technologies. The course ends with a review of data backups, archives, and protecting stored data.
The online course starts with sessions of slides and phone conferences from 10am to 5pm Eastern Time on Saturday and on Sunday (you get an hour for lunch) and is followed by four three-hour sessions from 7pm to 10pm Eastern Time on Monday through Thursday evenings.
All students keep all the PowerPoint and PDF files and also receive a copy of the industry-standard Computer Security Handbook, 5th Edition, edited by Bosworth, Kabay & Whyne and published by Wiley in 2009. Students can ask questions at any time using the teleconferencing system or by instant messaging and receive a response as part of the lecture discussions.
Each course has an associated discussion group for threaded messaging. The sessions are recorded and the recordings are freely available to all participants for download and review.
| Class Price: | $1,995 |
| Time: | 10am-4:00pm Sat & Sun; 7pm-9pm Mon-Tues-Wed-Thurs |
| Location: | online schedule |
| Prerequisites: | none |
| CPE Credits: | 24 |
| Instructor: | M. E. Kabay, PhD, CISSP-ISSMP, Assoc Prof of Information Assurance at Norwich University, Technical Editor of the Computer Security Handbook 4th and 5th editions, and writer of the Network World Security Strategies column. Inducted into the ISSA Hall of Fame in 2004. |
Learning Level: Introductory
Target Audience
- Chief Information Officers,
- Chief Operating Officers
- non-technical managers at all levels
- software developers
- programmers
- operations staff
- helpdesk members
- everyone concerned with improving security and working more effectively with security specialists.
You will learn about:
- penetration techniques and countermeasures
- malicious and mobile code
- denial of service
- social engineering
- physical or facilities security
- a non-technical introduction to operating system security
- securing local area networks
- firewalls and proxy servers
- vulnerability analysis
- intrusion detection
- the principles and vocabulary of identification, authentication and authorization
- ways that your organization should be protecting your Web sites
- antimalware technologies
Course ends with:
- After presenting practical guidelines and techniques for effective security-awareness campaigns, the course applies the principles of social and organizational psychology to implementing security policies.
- guidance on setting up security policies
- review of data backups, archives, and protecting stored data
The course is given during the day Sat/Sun (10:00am to 4:00pm), and students need to work and prepare during the evening. Attendance at the training sessions and workshops is obligatory in order to obtain an attestation or certification following the training.
Curriculum
Day 1:
- Introduction, class plan, SQR, Instant Messaging for questions during class, Yahoo group for offline discussion
- History and mission of information system security
- The Parkerian Hexad
- Crypto (1) Introduction & History
- Crypto (2) Stronger Crypto & PKC
Day 2:
- Taxonomy of computer security breaches
- Psychology of computer criminals & insider crime
- Information warfare
- Penetrating computer systems and networks
- Malicious code & mobile code
- Denial of service
Day 3:
- Social engineering, spam, phishing & Trojans
- Physical Security
- Operating systems security
Day 4:
- LAN Security
- Firewalls and proxy servers
- VAS & IDS
- Intrusion detection & intrusion prevention
Day 5:
- Identification & authentication (I&A)
- Protecting Internet-visible systems & Web sites
- Crypto (3) PKI Certificate Authorities
Day 6:
- Antivirus Technology
- Data backups, archives & securing stored data
Students looking for in-depth study of information security at the Master's degree level should visit the Norwich University MSIA Web site for full information about the highly regarded 18-month online degree program focusing on the management of information assurance.