GASTRONOMY AND CULINARY ARTS |
Bachelor | TR-NQF-HE: Level 6 | QF-EHEA: First Cycle | EQF-LLL: Level 6 |
Course Code | Course Name | Semester | Theoretical | Practical | Credit | ECTS |
COP4456 | BGA- Information Security | Spring Fall | 3 | 0 | 3 | 6 |
This catalog is for information purposes. Course status is determined by the relevant department at the beginning of semester. |
Language of instruction: | English |
Type of course: | Non-Departmental Elective |
Course Level: | Bachelor’s Degree (First Cycle) |
Mode of Delivery: | Face to face |
Course Coordinator: | Assist. Prof. GÖRKEM KAR |
Course Objectives: | This course is designed to teach students how to engage all functional levels within the enterprise to deliver information system security. To this end, the course addresses a range of topics, each of which is vital to securing the modern enterprise. These topics include inter alia plans and policies, enterprise roles, security metrics, risk management, standards and regulations, physical security, and business continuity. Each piece of the puzzle must be in place for the enterprise to achieve its security goals; adversaries will invariably find and exploit weak links. |
The students who have succeeded in this course;
1) Assess the current security landscape, including the nature of the threat, the general status of common vulnerabilities, and the likely consequences of security failures
2) Critique and assess the strengths and weaknesses of general cybersecurity models, including the CIA triad
3) Appraise the interrelationships among elements that comprise a modern security system, including hardware, software, policies, and people
4) Assess how all domains of security interact to achieve effective system-wide security at the enterprise level
5) Compare the interrelationships among security roles and responsibilities in a modern information-driven enterprise—to include interrelationships across security domains (IT, physical, classification, personnel, and so on)
6) Assess the role of strategy and policy in determining the success of information security
7) Estimate the possible consequences of misaligning enterprise strategy, security policy, and security plans
8) Assess the role of good metrics and key performance indicators (KPIs) in security assessment and governance
9) Create a good set of information security metrics
10) Evaluate the trends and patterns that will determine the future state of cybersecurity
The Security Environment, Principles of Cybersecurity, Cybersecurity Management Concepts, Enterprise Roles and Structures, Strategy and Strategic Planning, Security Plans and Policies, Security Standards and Controls, Risk Management, Security Metrics and Key Performance Indicators (KPIs), Security Education Awareness, Training, Physical Security and Environmental Events, Contingency Planning, Security Education, Training, and Awareness, The future of cybersecurity |
Week | Subject | Related Preparation |
1) | The Security Environment: • Threats, vulnerabilities, and consequences • Advanced persistent threats • The state of security today • Why security matters to TSE | |
2) | Principles of Cybersecurity: • Cybersecurity models (the CIA triad, the star model, the Parkerian hexad) • Variations on a theme: computer security, information security, and information assurance | |
3) | Cybersecurity Management Concepts: • Security governance • Management models, roles, and functions | |
4) | Enterprise Roles and Structures: • Information security roles and positions • Alternative enterprise structures and interfaces | |
5) | Strategy and Strategic Planning: • Strategy • Strategic planning and security strategy • The information security lifecycle • Architecting the enterprise | |
6) | Security Plans and Policies: • Levels of planning • Planning misalignment • The System Security Plan (SSP) • Policy development and implementation | |
7) | Security Standards and Controls: • Security standards and controls • Certification and accreditation (C&A) | |
8) | Risk Management: • Principles of risk • Types of risk • Risk strategies • The Risk Management Framework (RMF) | |
9) | Security Metrics and Key Performance Indicators (KPIs): • The challenge of security metrics • What makes a good metric • Approaches to security metrics • Metrics and FISMA | |
10) | Security Education Awareness, Training: • Human factors in security • Developing and implementing a security training plan • Cross-domain training (IT and other security domains) | |
11) | Physical Security and Environmental Events: • Physical and environmental threats • Physical and environmental controls | |
12) | Contingency Planning: • Developing a contingency plan • Understanding the different types of contingency plan • Responding to events | |
13) | Security Education, Training, and Awareness: • Human factors in security • Developing and implementing a security training plan • Cross-domain training (IT and other security domains) | |
14) | The future of cybersecurity: • Key future uncertainties • Possible future scenarios • How to apply what you’ve learned | |
Course Notes / Textbooks: | Information Security: Principles and Practice - Jon Erickson |
References: |
Semester Requirements | Number of Activities | Level of Contribution |
Quizzes | 2 | % 10 |
Homework Assignments | 3 | % 15 |
Project | 1 | % 15 |
Midterms | 1 | % 20 |
Final | 1 | % 40 |
Total | % 100 | |
PERCENTAGE OF SEMESTER WORK | % 45 | |
PERCENTAGE OF FINAL WORK | % 55 | |
Total | % 100 |
Activities | Number of Activities | Duration (Hours) | Workload |
Course Hours | 14 | 3 | 42 |
Study Hours Out of Class | 14 | 3 | 42 |
Homework Assignments | 3 | 7 | 21 |
Midterms | 1 | 15 | 15 |
Final | 1 | 25 | 25 |
Total Workload | 145 |
No Effect | 1 Lowest | 2 Low | 3 Average | 4 High | 5 Highest |
Program Outcomes | Level of Contribution | |
1) | - Possess advanced-level theoretical and practical knowledge supported by textbooks with updated information, practice equipment and other resources. | 2 |
2) | Use of advanced theoretical and practical knowledge within the field. - Interpret and evaluate data, define and analyze problems, develop solutions based on research and proofs by using acquired advanced knowledge and skills within the field. | 4 |
3) | Inform people and institutions, transfer ideas and solution proposals to problems in writing and orally on issues in the field. - Share the ideas and solution proposals to problems on issues in the field with professionals and non-professionals by the support of qualitative and quantitative data. - Organize and implement projects and activities for the social environment with a sense of social responsibility. - Monitor the developments in the field and communicate with peers by using a foreign language at least at a level of European Language Portfolio B1 General Level. - Use informatics and communication technologies with at least a minimum level of European Computer Driving License Advanced Level software knowledge. | 5 |
4) | Evaluate the knowledge and skills acquired at an advanced level in the field with a critical approach. - Determine learning needs and direct the learning. - Develop a positive attitude towards lifelong learning. | 3 |
5) | Act in accordance with social, scientific, cultural and ethical values on the stages of gathering, implementation and release of the results of data related to the field. - Possess sufficient consciousness about the issues of universality of social rights, social justice, quality, cultural values and also, environmental protection, worker's health and security. | 3 |
6) | Conduct studies at an advanced level in the field independently. - Take responsibility both as a team member and individually in order to solve unexpected complex problems faced within the implementations in the field. - Plan and manage activities towards the development of subordinates in the framework of a project. | 3 |