Secure Operations

IE59000

Credit Hours:

Learning Objective:

This course will provide you with a better understanding of how security principles should be integrated into operations once an application or cyber system has been deployed into production.

Description:

To begin, we will provide an overview of the cyber threat landscape and discuss general frameworks for conceptualizing intrusions and defenses. Topics include both proactive (e.g., monitoring, patching) and reactive (e.g., incident response) processes, as well as approaches to end-of-life processes such as decommissioning and disposal. As part of the course, you will also learn about the current legislative and regulatory environment within which production systems operate, such as laws governing data privacy and security controls. While we focus primarily on the United States, companies increasingly operate across national boundaries, so we will also discuss relevant international regulations, directives, and agreements. Finally, we will examine risk assessment and risk management as a framework for navigating the economic tradeoffs associated with securing operations.

Topics Covered:

By the end of the course, students should be able to: - identify weaknesses in hypothetical security protocols and recommend improvements - summarize the similarities and differences in various approaches to monitoring, patching, and incident response - assess the implications of security-related policies, laws, and norms on system operations - evaluate what changes would be required to comply with proposed new policy requirements - structure an analysis of economic impacts associated with best practices and regulatory compliance

Prerequisites:

Applied / Theory:

50 / 50

Web Address:

https://engineering.purdue.edu/SecureDesign/Courses/secure-operations

Web Content:

Anatomy of an Intrusion, and the Cyber Kill Chain Framework, Defense-in-Depth, Red Teams, Blue Teams, Threat Actors, Legal and Regulatory Environment, Risk Analysis and Economic Decision-Making

Textbooks:

J. Sherwood, A. Clark, D. Lynas. 2005. Enterprise Security Architecture: A Business-Driven Approach. San Francisco, CA: CMP Books. D. Clark, T. Berson, and H. S. Lin, editors. 2014. At the Nexus of Cybersecurity and Public Policy: Some Basic Concepts and Issues. National Academies Press.

Computer Requirements:

ProEd Minimum Requirements:

view

About Us

WHY PURDUE UNIVERSITY

LEARN MORE

OUR TEAM & RESOURCES

Online Programs & Courses

MASTER'S DEGREES

GRADUATE CERTIFICATIONS

PROFESSIONAL CERTIFICATIONS

Online Programs & Courses

PROFESSIONAL COURSES

COURSES

What’s Next for Prospective Students

APPLY

MASTER'S DEGREE APPLICANTS

GRADUATE CERTIFICATE & NON-DEGREE ADMISSIONS INFORMATION

Student Resources

QUICK RESOURCES

YOUR COURSES

EXAMS