| Assignment:
1 - Privacy Issues 2003 |
15% |
| This assignment
requires you to find an example in the media (online, or offline). It is
suggested that you look through stories in the National Post and Globe
& Mail to find a scenario where a company was compromised on a Privacy
topic. Discuss what the problem was. Could it have been prevented? What
follow-up might there be to make sure this situation did not happen again.
What is the key thing(s) that could be learned about how this situation
was handled - which you could apply to a company you work with? |
|
|
|
| Assignment:
2 - IT attacks - current threats |
15% |
| The purpose
of this asignment is to make you personally aware of several of the most
current IT theats and by doing so, provide you with an awareness which
may allow you to be better prepared to deter a threat, and/or respond to
a breach. You are required to identify 3 specific threats, eg a current
social engineering threat, a current virus and its specific threat, an
email worm, a corrupted patch. Describe what the threat is. Explain what
damage could be caused by ignoring the threat. Determine how the threat
could be identified by your organization, and propose how you might respon |
|
|
|
| Assignment:
3 - Risk Assessment & Risk Management and Security Policies |
20% |
| One of
the reasons people do not have appropriate security is because they
do not know what their vulnerabilities are - that is they do not have an
accurate assessment of what is at risk. In this assignment you are required
to briefly describe a company that has an operational risk (you create
what the risk might be), then consider how you might manage the risk by
making SOPs (Standard Operating Procedures) to prevent the vulnerability
existing. It can be helpful to piggyback on existing examples of any real-life
companies you might know. If you use a real-life company as a model, make
sure you clearly explain the difference between your writing, and your
reference. |
|
|
|
| Assignment:
4 - Firewalls, Policy and Procedures |
20% |
| Firewalls
cannot protect you from determined attacks, but the abscence of any firewall
will surely put you in a vulnerable situation, just as leaving your keys
in your unlocked car in Toronto will see your vehicle stolen. This assignment
requires you to investigate the publically available marketing info on
several commercially available Firewalls for corporate use. Using a created
scenario of a company that has particular risks, pick a firewall product
and match it to the vulnverabilities in your scenario. Write a short set
of procedures that you provide to fellow office workers, once the firewall
is installed - to make sure they adhere to practices which make the firewall
operationally effective. This is a "policy" oriented assignment not a technically
oriented assignment. |
|
|
|
| Class
Participation |
15% |
| Participation
is defined as regularly attending class (not just for filling a seat) and
asking and answering useful questions which further contribute to
the subjects discussed in each session. To this end, it is strongly recommended,
that participants do indeed read the assigned chapters and WWW pages
BEFORE class, so that questions may be asked and good discussions takes
place. Program Participants should make an effort to contribute useful
information on regular occasions
Contributions can also be
made by identifying resources on the WWW that would be useful to the class.
These contributions can be made in the form or emailing information to
the professor, or bringing to class various articles and documents. If
you do send an email, DO NOT just send the URL - you should make a summary,
in your own words, as to why the article is useful and how it contributes
to what we are discussing in class. Really good emails could be worth 2,
3 or possibly even 4 marks.
Class participation / contribution
will be calculated on a per incident basis so students should plan on trying
to have something useful to say, or contribute at least once
every second or third class.
Do not leave class participation
to the end of the course. All class participation marks will be finalized
1st week in April |
|
|
|
| TEST |
15% |
| There
will be several quizzes throughout the course (which will be in lieu of
a short/medium answer test in the middle of the course), for the purpose
of evaulating your understanding of the key concepts up to that point.
In order to prepare for these quizzes, simply do the required readinsg
commensurate with the course outline dates/topics. |
|
