CIS 376 Stw Security,Practices,Policies & Standa

This course gives the students the insides of the best security coding practices as well understanding of the role the policies and standards play in modern information security. The topics include an introduction to the goals of secure coding, an overview and comparison of evidence-based security and code access security, authentication methods to system resources and services, and data encryption between systems and services. After completion of the coursework, the participants are able to develop and test a simple application that uses systems services to encrypt a data stream, send it to a different system, and decrypt the data stream. Also the class team works on performing a security audit of the code of an existing system, identifying problems that violate best security coding practices, and making recommendations to fix each problem. In addition, the participants are able to develop a set of policies that implement a specified organizational objective and satisfy the current standards for industry and justify why each policy is necessary to meet a specific objective. Prerequisite: CIS200.