Home iSchool Social Networking Subscribe to our RSS Feeds

CAS in Information Security Management: Curriculum

Program Requirements

The certificate requires 15 graduate credit hours. Students are required to take classes in the following areas:

  1. Certificate Core (3 credits)
  2. Management Security (3 credits)
  3. Technology Security (3 credits)
  4. Elective Courses (6 credits)

All courses are 3 graduate credits unless specified otherwise.

I. Certificate Core: 3 credits


IST 623: Introduction to Information Security
Basic concepts and technologies of information security. Students who successfully complete this course will have a comprehensive overview of information security with some hands-on experience.


II. Management Security: at least 3 credits required


IST 600: Digital Forensics
This course will introduce students to how forensic science, computer science, and information security all blend into digital forensics. The students will learn the fundamentals of the forensic process, evidence handling, and quality assurance as they apply to digital forensics. The course will culminate in a moot court testimony which will emphasize the concepts and principles covered in the class.

IST 600 Homeland Security

IST 625: Risk Management
This course takes a multi-disciplinary perspective of risk assessment, modeling, and management. Topics discussed include concepts of personal accountability versus governance and policy, how organizations define and measure risk and loss, and planning for contingencies.

IST 629: Organizational Information Security
Personnel/organizational skills for information security managers and officers: staffing, training, certification, incentives, and evaluation of information security personnel, non-security IT personnel, etc.; organization development related to security awareness threats and responses; ethics/codes of behavior in information security.

IST700: IT Security Architecture
Principles and techniques of building an enterprise-wide Security Architecture (SA) framework, using the concepts of enterprise architecture (EA) as context. The goal of this course is to present an integral set of risk-adjusted security solutions in response to the threats that would arise from security concerns.

IST 728: Information Security Policy
This course is designed for business, law, and technology students interested in information security as it impacts the management and operations of business and government. Provides an in-depth examination of information security policy and best business practices.


III. Technology Security: at least 3 credits required


IST 522: Applied Information Security
Applications of information security including hands-on experience. Students who successfully complete this course will understand how information security technology is applied to real systems.

IST 634: Security in Networked Environments
Practical and theoretical knowledge of network security. Topics covered include security policies and their place in information technology (IT) and business plans, virtual private networks (VPNs), firewalls, public key infrastructures (PKI), and intrusion detection.

IST724: Database Security
Database security lifecycle, fraud detection through the use of audit tables & triggers and obscurity through the use of encryption, views & virtual private databases. Case studies and lab exercises with database access controls, database intrusion detection, data obscurity, and physical database security. 

CIS/CSE 643: Computer Security


CIS/CSE 644: Internet Security 
Architectural model. IP addressing, TCP/IP network protocol security, network layer and application layer security, firewalls, router security, denial of service attacks, and domain name server attacks.

CIS/CSE 774: Principles of Access Control
Specification, verification, and design of secure networks using formal logic. Includes cryptographic algorithms and reasoning about key distribution protocols, delegation, access control, electronic mail, and certification authorities.


IV. Elective Courses: an additional 6 credits are required from the above course lists or the following list


IST 552: Information Systems Analysis
Concepts and methods of systems analysis through decomposition and modeling. Extensive practice with structured methodologies. Systems analysis project management techniques. Introduction to automated tools and technology. Group project to apply skills.

IST 555: Enterprise Technologies
Coverage of management and technical architecture issues that comprise enterprise computing environments. In depth focus on identifying and solving large complex problems and using large computing systems to deploy enterprise scale solutions. Hands –on development on enterprise systems.

IST 618: Survey of Telecommunications and Information Policy
Public policy issues of the digital environment, including freedom of expression, intellectual property, economic regulations, privacy, security, access, standards, and dissemination of public information. Application of economic, legal, and political science concepts to policy analysis.

IST 642: Electronic Commerce
Current developments in information systems and networks for electronic business transactions. Includes electronic data interchange, secure financial transactions, and evolving marketplace mechanisms. Social impacts and opportunities are discussed.

IST 645: Managing Information Systems Projects
Project management as a professional discipline in information and communication technology. Introduction to roles, activities, methods, and tools. Critical review and application of principles. Additional work required of graduate students.

IST 656: Telecommunication and Information Network Technology
Essential elements, hardware and software technologies in telecommunication and information networks. Design, maintenance and management considerations.

IST 659: Data Administration Concepts and Database Management
Definition, development, and management of databases for information systems. Data analysis techniques, data modeling, and schema design. Query languages and search specifications. Overview of file organization for databases. Data administration concepts and skills. Note: Credit cannot be given for both IST 659 and IST 658.

IST 679: Electronic Commerce Technologies
Overview of e-commerce technologies and applications such as EDI, XML, JAVA, middleware, firewalls, encryption, payment systems, database integration, shopping-cart applications, cookies, transaction analysis, and application service providers. Programming experience recommended.

IST 690: Independent Study
Independent Study in the area of information security under the supervision of a faculty advisor. Up to three credits are considered for the certificate program.

IST 971: Internship
Participation in a supervised and evaluated field experience in the area of information security. Requires contract approved by faculty supervisor and field agency before registration. Up to three credits are considered for the certificate program.


For an information packet with complete admissions and curriculum information, please use our online information request form.

More information on the Information Security Management graduate certificate:
School of Information Studies
Syracuse University
114 Hinds Hall
Syracuse NY 13244-4100
Phone 315-443-2911
Fax: 315-443-5673
Email: ismcert@syr.edu

Syracuse University fans turn out in tens of thousands to support the NCAA Division I sports teams at the Carrier Dome and other impressive athletic facilities on campus.
The Syracuse University campus features 170 collegiate buildings and 200-acres of landscaped grounds.
Headlines