SYLLABUS

INFORMATION TECHNOLOGY EDUCATION

Course Title and Number: Instructor:

Designing Secure Software CIS2615 Debbie Reid
Year and Term: Course Credits: Office Location:
2015 Spring 3 N211
Office Phone: Office Hours: Class Location:
352.395.4402 See instructor page online
Meeting Time/Days: Email Address:
N/A online course debbie.reid@sfcollege.edu
Web Page Address: Fax Number:
http://home.ite.sfcollege.edu/~debbie.reid 352.395.4154

Course Description This course is designed to involve security in the planning and delivery of
(as it appears in the approved software systems. This extends from the management of a project to the
College Course Outline) implementation of projects primarily or partially comprised of software.
From basic terminology to an understanding of the situation that security
professionals and developers face in the current climate of cybercrime and
rampant malicious software will be covered.
Prerequisites  NO, prerequisite for this course.
 YES, prerequisite information:
COP2000 and CTS1131 are prerequisites for this course. If you did not pass
these courses with a "C" or higher, you may be administratively withdrawn
from this course within the refund period. This withdraw could affect your
financial aid and/or academic standing. If you are uncertain about whether
you have passed COP2000 and CTS1131 with a "C" or higher, check eSantaFe
or with your advisor within the first week of class to ensure you have met
the course prerequisites.

Course Objectives After completing this course, students will be able to:
Reflecting Expected  Identify threat agents in the software environment.
Student Learning  Identify where security policies need to be established.
Outcomes  Determine necessary training for personnel.
 Define weaknesses in the current system in preparation for new
development.
 Identify threats to network communication.
 Identify proper applications and cryptosystems to the protection of
network traffic.
 Assess the needs of a message in transit.
 Plan the network communication structure to meet business
objectives.
 Describe common security flaws applicable to operating systems.
 Apply disaster and recovery techniques to operating systems.
 Identify common attacks against programming languages.
 Identify mitigation techniques to prevent malicious input.
 Determine the highest risks to the use of an API or library.
 Identify how to secure existing requirements.
  Identify and prioritize system vulnerabilities.
 Identify security issues in a given architecture.
 Perform variable and data tracking throughout the software system.
 Identify objectives for penetration testing in a system.
 Perform a code review.
 Identify where input is likely to be forged in the system.
 Properly apply input validation.
 Understand the access points into a system.
 Mitigate the security vulnerabilities of browsers and client-side
systems.
 Build security into a web application.

Grading
Students who need reasonable accommodation should contact the
instructor or call the Disability Resources Center at 352-395-4400.

Grading Scale and Standards:

Grade Components Grade Scale

Hands-on Labs 30% 90 - 100 A
Exams 30% 85 - 89 B+
Assignments 30% 80 - 84 B
Final Exam 10% 75 - 79 C+
70 - 74 C
65 - 69 D+
60 - 64 D
0 - 59 F

Disclaimer Regarding Grade Changes:

Grading will be based on objective standards as well as such
subjective criteria as overall impression, thoroughness, attention to
detail, and extra effort. Completing the minimum requirements
does not guarantee an A grade for projects and assignments.
Excellent grades are reserved for outstanding work. Also, it is your
instructor’s prerogative not to accept sloppy or incomplete
assignments.

Text(s) Required Text(s), Title(s), Author(s) and Edition(s):

Secure Software Design by Theodor Richardson, PhD
Jones and Barlett Publishing
ISBN: 978-1-449-62632-7

Required External storage may be needed to store class projects when working in K-
Course Materials bldg labs. For this purpose, we recommend all students have a 16+ GB
external USB drive or USB flash drive.

Policies on Missed This is a self-paced, competency based course. Students should follow the
Exams and Late Work: schedule as indicated in the course syllabus and course calendar to ensure
they stay on track for successful completion of the course. All assignments
must be completed before the last day of the course. Any assignments
completed after that date will not be included in your grade calculation.
The on campus final exam or (ISC)2 SSCP exam is required to pass the course.
Please check the course schedule for the date and time of the final exam.
Recommended Course
Materials
Final Exam The on campus final exam is required to pass the course. See the class
calendar below for date, time & location.
The final exam grade will be recorded as the students score divided by the
required passing score. Students passing the certification exam will be
guaranteed a “C” in the course, any grade above “C” will be based on the
grading formula outlined in the course syllabus.

Policies and Guidelines

Cell Phone Use Policy

Given the disruptive potential posed by cell phones, students are required to keep cell phones off during
class lectures. Use of cell phones during lab exercises are permissible, but please consider those around
you.
Time Commitment:
When taking a college level course you should expect to spend two to three hours per credit hour outside
of class on homework, reading and studying. This includes attending open lab to work on class
assignments. Use the following chart as a guide for expected time allocation. Note: this formula is based on
a 15 week semester, for 6 week summer semesters you must multiply the weekly commitment by 2.5.
Class Load Time Commitment
3 credit class 6-9 hours per week 3 credit on-line class 9-12 hours total per week
(includes class time +
study time) 12 credit full load
schedule 24 - 36 hours per week (total commitment 36-48
hours per week)

Student Lab Responsibility:

The student labs are provided so that our students can have hands-on access to the technologies they are
learning in their classes. It is very expensive to maintain these labs. It is your responsibility to ensure that
these labs stay in top condition so that they provide the best learning environment possible. When working
in lab, please respect other students, and the equipment, software and tools that have been provided to
you. Removable drives are delicate and should be handled with care to ensure they last as long as possible.
Treat them as if they were your own (they are!). Clean up after yourself. Return all supplies and equipment
to their proper locations when you are finished with them. Leave your workspace and your equipment so
that the next student has a positive learning experience. If you do experience any problems that need to
be repaired, please notify our technical support staff and/or your instructor. You can notify the technical
support staff by completing the on-line problem report.
This account will give you access to network services that will be utilized in your networking courses. This
account and password are for authorized student use only. It is your responsibility to protect this account
from unauthorized access, and to use this account only for completing class assignments and
learning the material presented in your courses. If you share this account with anyone you can expect to
have your account closed and lose your privilege to access the student practice servers. When using this
account follow courteous and ethical practices, and do not knowingly do anything that would alter
another student’s work or jeopardize the integrity of the server’s operation.

By agreeing to this course syllabus, you are acknowledging you have received, reviewed and agree to the
Networking Services Technology student network
policy and student network account agreement.
Availability of Tutoring, Learning Lab, Academic Support
All networking classes include lab assignments, which, may need to be completed during network ing open
lab hours. You should plan on 2-3 hours per week of lab time for each three credit hour class. When
registering for networking classes you are making a commitment you will arrange your schedule so that
you can attend lab to complete assignments. Regular Open Lab attendance is just as important as regular
classroom attendance, and is part of your scheduled course. The current lab schedule is posted at
http://home.ite.sfcollege.edu/hours.php (http://home.ite.sfcollege.edu/hours.php%20) .
Friday lab hours were designed to accommodate our traditional daytime students. Daytime classes are
scheduled for M/W or T/H with no scheduled Friday class meetings. This ensures there are no conflicting
classes and you can work uninterrupted in lab. Friday is considered a class day and a regular part of
your class schedule; it is NOT a free day off. Afternoon and Sunday hours are scheduled to accommodate
both our daytime, and our nighttime students.
Please arrange your schedule so that you can attend open lab hours as needed to be successful in your
course.

NST student network policy.

This account will give you access to network services that will be utilized in your networking courses. This
account and password are for authorized student use only. It is your responsibility to protect this account
from unauthorized access, and to use this account only for completing class assignments and learning the
material presented in your courses. If you share this account with anyone you can expect to have your
account closed and lose your privilege to access the student practice servers. When using this account
follow courteous and ethical practices, and do not knowingly do anything that would alter another
student’s work or jeopardize the integrity of the server’s operation.
*Children in the Classroom
Children represent a disruptive element for the classroom. They also increase the risk of accidents
occurring in the lab. For those reasons, children should not be brought to either the classroom or the
laboratory.
*Academic Honesty: Plagiarism And Cheating
Academic honesty is expected, and the instructor reserves the right to respond to cheating, plagiarizing, or
other forms of unethical behavior with penalties up to and including removal from the class and/or failure
in the course. The instructor also reserves the right to make necessary adjustments to the syllabus.
*Academic Ethics and Confidentiality
It is the responsibility of everyone engaged in the learning experience to respect the rights and feelings of
their fellow learners. Information gathered in the classroom and from on-line discussions and exercises is
to be considered confidential. At the same time, students must recognize that the instructor and the
College cannot guarantee the confidentiality of what the student may choose to disclose. Students must
use their own discretion when engaging in classroom discussion.
*Classroom Behavior
Instructors have the responsibility to set and maintain standards of classroom behavior appropriate to the
discipline and method of teaching. Students may not engage in any activity which the instructor deems
disruptive or counterproductive to the goals of the class. Students are required to keep cell phones off
during class lectures, unless there is permission in advance from the instructor. Instructors have the right
to remove offending students from class. Repetition of the offense may result in expulsion from the
course. Students are expected to be courteous to others and that includes coming to class on time.
*Student Conduct
Opt #1: Students must read and be familiar with the Code of Conduct as published in the Student
Handbook, policies and procedures as outlined in campus publications, Santa Fe policies.

Opt. #2: Students in this (or any) program of study should be especially aware of the severe consequences
of plagiarism. Students that submit work that is not their own will be dealt with quickly and severely.

Opt. #3: Students that have a concern regarding any inappropriate conduct should bring it to the attention
of their instructor or Department Chair immediately. Inappropriate conduct situations will be reviewed
immediately.

Opt. #4: Students taking this course should be aware of the potential diversity of the artistic perception of
the participants - particularly as applicable to violence, artistic statements, and nudity. Please keep your
material and remarks professional and appropriate and be sensitive to individuals that have views different
than your own.
*Americans with Disability Act – Disability Accommodation Statement
SFC recognizes the contribution that a diverse student body brings to the educational experience. If you
have a documented disability that may require assistance, you will need to contact the Disability Resources
Center for coordination of your academic accommodations. The Disability Resources Center Office is
located on Santa Fe’s NW campus in Student Support Services, Room 229. Please call the following
number for more information 352-395-4400.
*Discrimination/Harassment Policy
It is the policy of Santa Fe College that there will be no discrimination or harassment on the grounds of
race, color, gender, marital status, sexual orientation, religion, national origin, age, political affiliation,
parental status, veteran status or disability in any educational programs, activities or employment. Persons
having questions about equal opportunity and nondiscrimination should contact the Vice President of
Student Affairs in R-211E. Phone 352 395-5648. All other issues, concerns, and complaints should also be
directed to the Associate Vice President for referral to the appropriate administrator.