CSC200 - Principles of Information Security

Outline info
Last revision date 2018-07-20 11:56:09.731
Last review date 2018-07-20 11:56:20.723

Subject Title
Principles of Information Security

Subject Description
This course provides students with a background in information security, security management, and the technical components of security. Students gain an overview of the entire field of information security: the history, the terminology, and the management aspects of information security programs with sufficient detail to facilitate an understanding of information security systems and their management.

Credit Status
One credit toward the Cyber Security Ontario College Graduate Certificate Program.

Learning Outcomes
Upon successful completion of this subject the student will be able to:

  1. Discuss the definition, key terms, concepts, and professional roles of Information Security.
  2. Identify organizational business needs, security program, threat and attack identification and issues facing software developers in Information Security.
  3. Describe the functions and relationships among laws, regulations, and professional organizations in Information Security with focus on how they apply to ethics in Information Security.
  4. Define the benefits of Risk Management including risk identification, risk control, risk mitigation and risk assessment.
  5. Describe the development, maintenance and enforcement of information security policy, standards, practices, procedures and guidelines and the integration with contingency, disaster recovery and business continuity planning.
  6. Identify the importance of Role of Access Control in information systems with a focus on firewall and VPN technology.
  7. Describe categories, operating models and methods of using intrusion detection, prevention systems, and honeypot technologies.
  8. Describe categories of scanning and analysis tools and various methods of access control.
  9. Describe the history of cryptography, the operating principles, and the behaviour of the dominant methods of attack.
  10. Discuss the relationship between information security and physical security with a focus on key physical security considerations and environmental considerations.
  11. Discuss considerations associated with the transitioning of an information security blueprint to a project plan.
  12. Describe the positioning of Information Security within organizations by addressing the concerns of staffing, enumerating credentials, supporting policies and practices and special requirements.
  13. Describe the need for ongoing maintenance of Information Security plans including recommended security management models, including key factors and procedure reviews.

Essential Employability Skills
Communicate clearly, concisely and correctly in the written, spoken and visual form that fulfils the purpose and meets the needs of the audience.

Respond to written, spoken, or visual messages in a manner that ensures effective communication.

Apply a systematic approach to solve problems.

Use a variety of thinking skills to anticipate and solve problems.

Locate, select, organize, and document information using appropriate technology and information systems.

Analyze, evaluate, and apply relevant information from a variety of sources.

Manage the use of time and other resources to complete projects.

Take responsibility for one's own actions, decisions, and consequences.

Cheating and Plagiarism
Each student should be aware of the College's policy regarding Cheating and Plagiarism. Seneca's Academic Policy will be strictly enforced.

To support academic honesty at Seneca College, all work submitted by students may be reviewed for authenticity and originality, utilizing software tools and third party services. Please visit the Academic Honesty site on for further information regarding cheating and plagiarism policies and procedures.

All students and employees have the right to study and work in an environment that is free from discrimination and/or harassment. Language or activities that defeat this objective violate the College Policy on Discrimination/Harassment and shall not be tolerated. Information and assistance are available from the Student Conduct Office at

Accommodation for Students with Disabilities
The College will provide reasonable accommodation to students with disabilities in order to promote academic success. If you require accommodation, contact the Counselling and Disabilities Services Office at ext. 22900 to initiate the process for documenting, assessing and implementing your individual accommodation needs.


Topic Outline

  • Intro to Information Security
  • The Need for Security
  • Legal, Ethical and Professional Issues in IT Security
  • Risk Management
  • Planning for Security
  • Security Technology: Intrusion Detection and Prevention Systems
  • Cryptography
  • Physical Security
  • Implementing Information Security
  • Security and Personnel
  • Information Security Maintenance

Mode of Instruction
This course is delivered online. This course may involve the use of digital materials and/or a text, group discussions, interaction with your instructor and online activities.

Prescribed Texts

Text book 1  
Title Principles of Information Security
Author Michael E. Whitman, Herbert J. Mattord
Publisher Nelson
Edition 5th Edition
ISBN 13:978-1-285-44836-7

  Textbook 2
Title Hands-on Information Security Lab Manual
Author Michael E. Whitman, Herbert J. Mattord
Publisher Nelson
Edition 5th Edition
13: 978-1-285-16757-2

Promotion Policy

Grading Policy
A+ 90%  to  100%
A 80%  to  89%
B+ 75%  to  79%
B 70%  to  74%
C+ 65%  to  69%
C 60%  to  64%
D+ 55%  to  59%
D 50%  to  54%
F 0%    to  49% (Not a Pass)
EXC Excellent
SAT Satisfactory
UNSAT Unsatisfactory

For further information, see a copy of the Academic Policy, available online ( or at Seneca's Registrar's Offices.

Modes of Evaluation
Grading is based on the following marking scheme:

Tests (2 x 15%) 30%
Assignments (2 x 15%) 30%
Final Examination* 40%

Please retain this course outline document for future educational and/or employment use.

Approved by: Robin Richardson