Page 307 - 2016-2018 Graduate Catalog (Revised)
P. 307

examines the process of planning, developing, and managing integrated
               enterprise-wide  systems.  It  matches  the  various  domains  of  IT
               enterprise  architecture  (infrastructure,  data,  applications,  services)
               with  the  implementation  dimensions  (process  change,  portfolio
               management, IT processes). The focus is on the alignment of IT and
               organizational  objectives  through  the  integration  of  business
               architectures,  data  and  information  architecture,  application
               architecture,  technology  architecture,  interfaces  and  infrastructure.
               Students  develop  analytical  skills  in  decision-making  and  strategy
               design  for  integrating  IT  components  into  the  information  system
               architecture.

               INSS   777     ADVANCED INFORMATION AND NETWORK SECURITY
               Prerequisite: INSS 735
               Credit 3
               This course provides an in-depth study of network security monitoring
               protocols,  critical  network  security  challenges,  advanced  security
               architectures, as well as tools and techniques for tuning networks to
               optimize  their  performance.  Network  infra-structure  security  issues
               explored include perimeter security defense, firewalls, virtual private
               networks, wireless security, network security auditing tools and ethical
               considerations.  Students  develop  and  evaluate  strategies  for
               deployment  of  “Defense-in-Depth”  mechanisms  in  an  enterprise
               computing  environment.  A  Web-related  network  security  project  is
               required.

               INSS   778     INFORMATION   SECURITY   RISK   MANAGEMENT

               Prerequisite: INSS 735
               Credit 3
               This course addresses the perspective of information security as a risk
               to be managed. The risks, costs, and other issues involved in planning
               for business continuity and developing secure operations in information
               systems  and  networks  are  studied.  Topics  covered  include  disaster
               recovery, outsourcing issues, service level agreements, contingency and
               business  continuity  planning,  qualitative/quantitative  risk  analysis,
               audit procedures, financial integrity, cost/benefit analyses, back-up and
               recovery  provisions,  as  well  as  insurance  protection,  information
               security risk management standards, and security awareness programs.
               Relevant  organizational  procedures  and  public  policies  are  also



                                                                      306
   302   303   304   305   306   307   308   309   310   311   312