| Course Name: CISSP (Certified Information Systems Security Professional) |
Term and Session: |
| Course ID: CTS 3128C |
Reference Number: |
Faculty Contact Information
| Instructor Name: | Victor Arenas |
| BC Online Phone: | 954-201-6165 |
| Fax: | 954-201-7937 |
| Email: | Please use the D2L email tool. Use my BC email ONLY if you are unable to access the course email: varenas@broward.edu |
| Online Office Hours: | Day(s)/Time(s): Tuesdays, Wednesday, Thursday 3:00 PM to 6:00 PM Meeting Location: Chat, Discussion, Pager, or outside program such as Skype. I will be online during these days and hours. |
| BC Safety Phone #: | 954-201-HELP (4357) |
Course Description
This course supports the Certified Information Systems Security Professional (CISSP) exam, an ISO/IEC 17024 ANSI accredited, internationally recognized benchmark information security certification designed for information security professionals. Students will explore an internationally accepted common body of knowledge encompassing eight (8) security domains which include Security and Risk Management, Asset Security, Security Engineering, Communication and Network Security, Identity and Access Management, Security Assessment and Testing, Security Operations, and Software Development Security.
General Course Outcomes
By the end of the course, students will be able to understand and/or demonstrate:
1.0 Security and Risk Management, addresses a broad spectrum of general information security and risk management topics beginning with coverage of the fundamental security principles of confidentiality, availability and integrity upon which all information security functions are based. The Security and Risk Management Domain then builds upon these concepts in the areas of security governance and compliance and candidates will be tested on both.
2.0 Asset Security addresses the collection, handling and protection of information throughout its lifecycle. The classification of information and supporting assets forms the basis for all covered topics within this domain and candidates are expected to be well versed in this area. Ownership, as it relates to information, systems, and business processes, goes hand in hand with classification and is the second covered topic in the asset security domain.
3.0 Security engineering may be defined as the practice of building information systems and related architecture that continue to deliver the required functionality in the face of threats that may be caused by malicious acts, human error, hardware failure and natural disasters. It is the natural expression of the underlying security principles of confidentiality, integrity and availability in systems engineering and involves the incorporation and integration of security controls, behaviors and capabilities into information systems and enterprise architecture.
4.0 The communication and network security domain encompasses the network architecture, transmission methods, transport protocols, control devices, and the security measures used to maintain the confidentiality, integrity and availability of information transmitted over both private and public communication networks.
5.0 Identity and access management involves provisioning and managing the identities and access used in the interaction of humans and information systems, of disparate information systems, and even between individual components of information systems.Compromising an identity or an access control system to gain unauthorized access to systems and information also happens to be the net goal of almost all attacks involving the confidentiality of data so it is an area where information security professionals should invest a considerable amount of time.
6.0 Security assessment and testing involves the evaluation of information assets and associated infrastructure using various tools and techniques for the purposes of identifying and mitigating risk due to architectural issues, design flaws, configuration errors, hardware and software vulnerabilities, coding errors, and any other weaknesses that may affect an information system’s ability to deliver its intended functionality in a secure manner.
7.0 The security operations domain represents a broad range of topics involving the application of information security concepts and best practices to the operation of enterprise computing systems. It is practical in nature and intended to cover the tasks andsituations that information security professionals are expected to perform or are presented with on a daily basis.
8.0 The last domain of the CISSP examination, software development security, involves the application of security concepts and best practices to production and development software environments.
Methods of Instruction
This is a 3-credit hour fully online course with a proctored final exam: (ISC)2 certification exam. In this class, you will engage in structured online activities. See the course schedule for a detailed description of activities. This course uses the uCertify platform. You will work in uCertify to review content and complete Exercises. There are no on-campus meetings. Students are responsible for regularly reviewing the course schedule and completing all required assignments. To proceed through this course, you will should log on to BC Online and use the link in this course to access uCertify. This way you will see all course announcements, the course calendar, your grades, and any e-mails from your instructor.
Textbook and Materials
| Required Text
Title: CISSP – CERTIFIED INFO SYSTEMS SECURITY PROFESSIONAL Books for online courses are available at the Central Campus bookstore: |
Class Activities
Read and refer to this section regularly. It will tell you what assignments you should complete, and how to complete them. Deadlines for assignments, assessments, discussions, quizzes, tests, and all other graded and non-graded activities are posted in the course schedule. Submitting work late will be permitted only under extenuating circumstances and only with prior notification and documentation (original funeral notice, original doctor note, etc.).
Discussions
Respond to the discussion question and then react to at least 2 posts from fellow students. Your main post must be at least 150 words in length, and it must thoughtfully address the question asked. Include examples and links resources if appropriate. Please make your original post early. However you must make the initial post prior to the due date. Initial posts made on the due date will lose points for being late.
Use the general discussion thread to post questions that might be of interest to all students such as questions about assignments, tests, etc. Feel free to respond to other students with thoughtful responses. Proofread the content of your posts before making them public; proper grammar and sentence structure are expected. Remember that the discussion tool is public – all enrolled students will be able to view posts and responses. Please follow proper netiquette. Grades for discussion postings will be posted within five working days after the discussion has closed. If you need general information and support for the discussion tool visit the discussion tutorial page.
Assignments
Assignments may be submitted only during the availability dates as specified in your syllabus. The submission of an assignment is the sole responsibility of the student. Students should not leave assignment preparation until the last minute and must plan their workloads so as to be able to meet the deadlines. Assignments submitted after the due date and time will only be accepted if prior arrangements have been made with the instructor. Assignments should not be mailed, faxed or emailed directly to your instructor unless otherwise directed. You should keep an electronic copy of all assignments. Grades for assignments will be posted within five working days of the closing date of the assignment. If you need general information and support with assignments visit the assignment tutorial page.
Assessments
Assessments may be taken only during the availability dates as specified in the course schedule. The submission of an assessment is the sole responsibility of the student. Please allow ample time to complete assessments and be observant of the time limit. Make sure you have a solid internet connection. Most online quiz and exam grades will be available after finishing the quiz or exam. If you need general information and support with assessments visit the assessment tutorial page.
It is at the discretion of the instructor to offer a make-up exam. Make-up exams will only be considered under extenuating circumstances, and with prior notification and documentation (original funeral notice, original doctor note, etc.). Scheduling conflicting appointments and vacations are not valid reasons for requesting a make-up exam.
Students will have the choice to take either the Proctored Final Exam here in D2L using Proctortrack OR taking the OPTIONAL Final Proctored Certification Exam.
Proctored Final Exam
A student taking a proctored Exams and/or Quizzes will do so using Proctortrack. Proctortrack is a free service that allows you the student to take an exam from a remote location using his/her own webcam and microphone while being proctored.
How It Works
- Review Proctortrack’s technical requirements page to make sure your computer, webcam, and microphone meet the minimum requirements.
- Complete the Proctortrack onboarding during the orientation period. Directions on completing the onboarding can be found in the Proctortrack module in the course.
Notify your instructor at the beginning of the course if you have questions, or have documentation requiring special accommodations for exams.
OPTIONAL Final Proctored (ISC)2 Certification Exam
You will take your OPTIONAL final exam in a Pearson VUE testing center. There is a Pearson VUE testing center on Central Campus.
Please notify your instructor at the beginning of the course if you have documentation requiring special accommodations for exams, as you must make an accommodation request directly with Pearson VUE, and it takes some time (https://home.pearsonvue.com/test-taker/Test-accommodations.aspx). You can visit the (ISC)2 site to find out more information, and see an overview of a (ISC)2 exam as well as other helpful tips by clicking here.
Class Schedule
See it in D2L
Grades
How your Grade will be Determined
|
Assessment |
Percent of Final Grade |
|
Course Overview Module (3 grades) |
5% |
|
Lesson Quizzes and Practice Exams (25 grades) |
15% |
|
Discussions (9 grades) |
15% |
|
Module Lab Grades (18 grades) |
15% |
|
Online Training CISSP Certificates (7 grades) |
20% |
|
Kaplan IT Practice Exam Exercises (1 grade) |
10% |
|
Proctored Final Exam (1 grade) |
20% |
|
OPTIONAL: Students may sit for the (ISC)2 CISSP Certification Exam. (ISC)2 does not offer vouchers. Students choosing this option must pay for the exam, and depending on your results can submit for reimbursement. A passing score will be reimbursed at 100%, a failing score will be reimbursed at 50%. Passing score results in an Automatic A for the course, a failing score will result in a grade of 70 and will be weighted as 20% in the final grade calculation. This is completely optional, students are not required to sit for the Certification Exam as part of this course. |
|
| Total | 100% |
|
Grading Scale |
|
|
Grades |
Percentage |
|
Grade = A |
90-100+% |
|
Grade = B |
80-89% |
|
Grade = C |
70-79% |
|
Grade = D |
60-69% |
|
Grade = F |
0- 59% |
Policies and Procedures
You are responsible for being familiar with all BC Online policies and procedures related to your activity in this course.
Attendance Verification
You are expected to participate in an academic activity to be considered “present” in the course. You must complete an academic activity during the first week of the course, so that it is done before the attendance verification date. The academic activity is usually the syllabus or orientation quiz or a discussion post. Just logging into the course or sending an email to your instructor will not satisfy the attendance requirement. Like your on-campus courses, if you are reported for non-attendance in an online course and then withdrawn, you are still responsible for paying for the course. If for any reason you cannot complete the attendance verification requirement before the deadline, make certain to drop the course by the official drop/add deadline or you will still have to pay for the course.
Participation
You must regularly and actively participate in class activities if you want to succeed in this course. You must log in multiple times throughout the week to check your email, the announcements, and class discussions, or you may miss critical course information. Communication with your professor is very important and plays a vital role in your success.
Withdrawal policy
Keep in mind that it is your responsibility to withdraw from this course. If you stop participating and do not withdraw by the deadline, you may receive an F.
Academic Honesty
Upon gaining access to access to D2L you are expected to keep your username and password confidential. Sharing access or passwords to D2L is considered a breach of the academic honesty policy and could result in you being removed from your class. When you log-in to D2L, you do so with the understanding and agreement that you will produce your own work, complete class assignments and discussions yourself, and to take class exams, tests or quizzes without the assistance of others.
Your academic work must be the result of your own thought, research, or self-expression. Academic misconduct includes, but is not limited to the following: cheating, plagiarism, unacceptable collaboration, falsification of data, aiding and abetting dishonesty, unauthorized or malicious interference, hacking computer property or software, and online disturbances. Please refer to the Student Code of Conduct Policy and the Student Code of Conduct section located in the Student Handbook for more information.
All required class activities are subject to submission to Turnitin.com for the detection of plagiarism. All submitted papers will be included as source documents in the Turnitin.com reference database solely for the purpose of detecting plagiarism of such papers.
Types of Academic Dishonesty:
- Cheating: Is defined as obtaining or attempting to obtain, or aiding another to obtain credit for work by dishonest or deceptive means.
- Plagiarism: The use of words or ideas of the original creator without attribution as if they were your own. Plagiarism ranges from copying someone else’s work verbatim and elaborating on or altering someone else’s work.
- Self-Plagiarism: Submitting or reusing parts of a previous paper without referencing source it was first submitted. This includes retaking a course and turning in previously submitted papers and data.
- Unacceptable Collaboration: Using answers, solutions, or ideas that are the results of collaboration without citing the fact of the collaboration is improper.
- Falsification of Data: Making up or falsifying information and data. Examples include making up or altering data for an experiment or citing reference to sources you did not actually use.
- Pay Services: Employing an assignment writing service or having another write the paper for you.
- Enabling: Aiding and abetting another student in an act of academic dishonesty. Examples include giving someone a paper to copy and allowing someone access to your account.
- Unauthorized or malicious interferences: If one person deliberately interferes with the work or activities of another person on purpose to cause the other harm or irreparable damages.
Academic honesty violations are considered a breach of policy and may result in academic penalties (zero points on the assignment/test in question, and/or a failing grade for the class), disciplinary action, and/or referral to the Dean of Student Affairs.
Student Grievance
Procedures for student grievances are found in the student handbook. In attempting to resolve any student grievance regarding grades, evaluations, or other fulfillments of academic responsibility, it is your obligation to make an effort to resolve the matter with your instructor. If the matter is not resolved with your instructor, then you may contact academic affairs associate dean.
Communication and Faculty Response
Communication
Use the D2L email tool only for private, personal, one-to-one communication with a specific individual, or groups of individuals. Do not send class related emails to the instructor’s BC email address. In the event that the class communication tools are unavailable for more than 24 hours, the instructor will communicate with students (if necessary) via their BC email address.
Faculty Response
Class emails will be answered within 24 hours. It is recommended that you post class-related questions in the discussion area. Other students may have the same questions as you or may even be able to answer your questions. If you need information related to a test or assignment, plan ahead and submit your questions in advance of the due date.
Netiquette
In all online communication, it is expected that all students will follow rules of online “netiquette”. Netiquette is a set of rules for polite online behavior that all members of this class are expected to follow. Review some of the general netiquette rules.
Individuals who violate the netiquette policy or engage in disruptive online behaviors such as flaming (posting disrespectful or hostile comments), posting inappropriate comments, or shouting (posting messages using all capitals) may have their class access privileges revoked and/or they may be referred to the Student Dean. Students who continue to engage in unacceptable online behavior even after being warned, may be permanently denied access to the class and/or may receive an F for the class.
Please don’t use email short hand like ROTFLO (rolling on the floor laughing out loud) or BTW (by the way) – not everyone knows what these abbreviations mean. If you want to use emoticons (smileys) to convey feelings, please stick with the basics happy 🙂 sad 🙁 or wink ;-). Others are less well known and are subject to different interpretations. The idea is to be clear in your communications.
Privacy Notice
Broward College is committed to the privacy of all students. In accordance with institutional policy and the U.S. Family Education Rights and Privacy Act of 1974 (FERPA), Broward College protects the privacy of student education records. The college does not release private records of individual students, such as grades and class schedules, without prior written consent of the student. However, privacy and public records obligations of the college are governed by applicable Florida statutes and U.S. federal laws.
Course access records, quiz scores grades, email postings, discussion postings, file submissions, and chat room conversations are stored. This is a good reason to make sure that your communications adhere to proper netiquette. Please refer to the student handbook for more information.
Critical Event Procedures
The health, safety and welfare of our faculty, staff, and students are of utmost importance, and we want to ensure that students are aware of the steps Broward College takes in preparing for an emergency event or severe weather. The BC Alert system uses a layered approach to communication, reaching out to the College community with emails, text messages, phone calls and postings to the web. In addition to the information that will be available through BC Alert, there are several hotlines that will be updated with College status information in the event of a storm or other emergency:
Emergency Hotline: 954-201-4900
In the event of a school closing due to weather or other major event that might impact class schedules, the instructor will post an announcement and/or send an email indicating what changes, if any, the event will have on the course schedule and due dates.
Changes to the Syllabus
The instructor reserves the right to make changes to the class syllabus. The syllabus is a guide and every attempt is made to provide an accurate overview of the class. However, circumstances and events may make it necessary for the instructor to modify the syllabus during the semester which may depend on the progress, needs, and experiences of the students. Changes to the syllabus will be made with advance notice. In the event that changes become necessary, students will be notified through class email, the discussion board, and/or the announcements tool.
Disability Services
If you need academic accommodations and/or disability services support, you must contact the Office of Disability Services (ODS). It is your responsibility to contact the ODS to document disability prior to receiving services. You must notify the instructor that you have registered with the ODS and provide the instructor a copy of the ODS letter. Your documentation and any related communication with your instructor remain strictly confidential.
Technical Resources
When taking any online course, you should know how to use an internet browser, a word processing program, send and receive e-mail, and download and upload files. Some online courses use additional software. Refer to the Class Schedule and Assignments section below for additional details. Although the help desk strives to assist our students in the best way possible they cannot be held responsible for class hardware and/or software purchases that are found to be unsatisfactory, insufficient, defective, misused, or incompatible with current system setups.
Visit the technical requirements page for a complete list of system and software requirements.
- Password Reset
- If your password does not work or you forgot it, click this link to reset it: student password reset.
- If you need further support, please contact the BC help desk at 954-201-7521 or helpdesk@broward.edu.
- Technical Problems
- If you need help using D2L, you can review the step-by-step tutorials
Help Desk
For year-round, 24 hour technical assistance, please visit the 24/7 Help Desk page.
