Archives

Papers

Network Security is a complicated course to teach, requiring extensive hands-on experience to fully develop the students' knowledge base. To help facilitate comprehensive lab exercises, NYU-Poly developed VITAL – a Xen-based, remotely accessible, open source virtualization platform designed around the classroom environment.

The need to use a practice- and application-oriented approach in information security education is paramount. A security education curriculum that does not give students the opportunity to experiment in practice with security techniques cannot prepare them to efficiently protect the confidentiality, integrity, and availability of computer systems and assets. In this paper, we first discuss security issues with stateless basic packet filtering, and the concepts of stateful TCP, UDP and ICMP packet filtering. Then, we describe a comprehensive hands-on lab exercise implementation about how to identify whether a given firewall performs stateless or stateful packet filtering.

HIPAA is an example of a full-featured security regulation that is also concerned with privacy. Exposing students to this real-world regulation helps them realize that the security they are learning is actually required by law. It also provides them with useful knowledge for when they interview and enter the workforce. The Health First Case Study enables students to work with a hypothetical doctor's office, which must adhere to HIPAA. Through the case study exercises, students continually refer to the HIPAA regulation to ensure that they are in compliance.

Information security programs teach dangerous skills to their students. Despite our best efforts as instructors and mentors, some students will use these skills in inappropriate, and sometimes illegal, ways. As a result, students jeopardize their careers, hurt others, and put their institution’s entire information security program at risk. In this article, we present results from interviews with information security instructors from academic and government information security education programs. This article includes analysis of real-world incidents where students crossed the line in using their skills, and suggests best practices for deterring student misbehavior as well as techniques for mitigating damage and maximizing learning when an incident does occur.

 
 