Provide a reflection of at least 500 words (or 2 pages double spaced) of how the knowledge, skills, or theories of this course have been applied, or could be applied, in a practical manner to your current work environment. If you are not currently working, share times when you have or could observe these theories and knowledge could be applied to an employment opportunity in your field of study. 


This assignment is a written assignment where students will demonstrate how this course research has connected and put into practice within their own career (Software Engineer).

Provide a reflection of at least 500 words (or 2 pages double spaced) of how the knowledge, skills, or theories of this course have been applied, or could be applied, in a practical manner to your current work environment. If you are not currently working, share times when you have or could observe these theories and knowledge could be applied to an employment opportunity in your field of study.


Provide a 500 word (or 2 pages double spaced) minimum reflection.

Use of proper APA formatting and citations. If supporting evidence from outside resources is used those must be properly cited.

Share a personal connection that identifies specific knowledge and theories from this course.

Demonstrate a connection to your current work environment. If you are not employed, demonstrate a connection to your desired work environment.

You should NOT, provide an overview of the assignments assigned in the course. The assignment asks that you reflect how the knowledge and skills obtained through meeting course objectives were applied or could be applied in the workplace.

SBlue 0-59-112

School of Computer & Information Sciences COURSE SYLLABUS

Course Name: ISOL 631 – Operations Security Section – 06 Summer 2020– Second Bi-term – Asynchronous Online Course Residency Session Date: no residency    Residency Session Course Site: N/A
Professor: Dr. Jacquelyne L. Lewis
Contact Information: Office Hours: By appointment


Online Support (IT) and I-Learn Policy: All members of the University of the Cumberlands’ community who use the University’s computing, information or communication resources must act responsibly.
Course Website: Access to the course website is required via the iLearn portal on the University of the Cumberlands website:
Course Description: The course includes a discussion on security policies that can be used to help protect and maintain a network, such as password policy, e-mail policy, and Internet policy. The issues include organizational behavior and crisis management.
Course Objectives/Learner Outcomes: Course Objectives/Learner Outcomes:

Upon completion of this course, the student will:

· Recognize the activities involved in securing the operations of an enterprise and identify the technologies used to maintain network and resource availability.

· Identify the effects of various hardware and software violations on the system, and recognize how different types of operational and life-cycle assurance are used to secure operations.

· Determine the effects of different attacks on the network and identify the consequences of those effects.

· Recognize how different auditing and monitoring techniques are used to identify and protect against system and network attacks.

· Recognize the need for resource protection, distinguish between e-mail protocols, and identify different types of e-mail vulnerability.

· Identify basic mechanisms and security issues associated with the Web, and recognize different technologies for transferring and sharing files over the Internet.

· Recognize key reconnaissance attack methods and identify different types of administrative management and media storage control.

· Identify the appropriate security measures and controls for creating a more secure workspace.

Prerequisites: There are no prerequisites for this course.
Books and Resources: Required Text

Johnson, Rob. Security Policies and Implementation Issues, 2nd ed. Burlington, MA: Jones & Bartlett, 2015

Student Lab Manual

Recommended Materials/Resources

· Sandy Bacik

Building an Effective Information Security Policy Architecture (Chapters 1 and 7)

· Seymour Bosworth, et al.

Security Handbook, 5th ed. (Chapters 3, 21, and 26)

· Debra S. Herrmann

Complete Guide to Security and Privacy Metrics: Measuring Regulatory Compliance, Operational Resilience, and ROI (Chapters 3, 4, and 5)

· Ronald L. Krutz, et al.

The CISM Prep Guide: Mastering the Five Domains of Information Security Management (Chapters 2 and 5, and Appendix B)

· William C. Nicholson

Homeland Security Law And Policy

· Harold F. Tipton, et al.

Information Security Management Handbook, 6th ed. (Chapters 2, 5, 7, 14, 16, 41, and 42)

· John R. Vacca

Computer and Information Security Handbook (Chapter 15)

· Barry L. Williams

Information Security Policy Development for Compliance: ISO/IEC 27001, NIST SP 800-53, HIPAA Standard, PCI DSS V2.0, and AUP V5.0

· Kenneth A. Bamberger

“Technologies of Compliance: Risk and Regulation in a Digital Age,” Texas Law Review, March 2010, Vol. 88 Issue 4 (Pages 669-739)

· S. Vydrin “Theoretical aspects of information security”, Journal of Mathematical Sciences, January 2009, Vol. 156 Issue 2 (Pages 261-275)

Professional Associations

• International Association of Privacy Professionals (IAPP) – This Web site provides opportunity to interact with a community of privacy professionals and to learn from their experiences. This Web site also provides valuable career advice.

• International Information Systems Security Certification Consortium, Inc., (ISC)²® – This Web site provides access to current industry information. It also provides opportunities in networking and contains valuable career tools.

• ISACA – This Web site provides access to original research, practical education, career-enhancing certification, industry-leading standards, and best practices. It also provides a network of likeminded colleagues and contains professional resources and technical/managerial publications.

Course Expectations

Course Activities and Experiences: Students are expected to:

• Review any assigned reading material, complementary materials, and weekly lectures and prepare responses to homework assigned.

• Actively participate in activities, assignments, and discussions.

• Evaluate and react to each other’s work in a supportive, constructive manner.

• Complete specific assignments and exams when specified and in a professional manner.

• Utilize learned technologies for class assignments.

• Connect content knowledge from core courses to practical training placement and activities.

Academic Integrity: Academic Dishonesty Policy


As a Christian liberal arts university committed to the pursuit of truth and understanding, any act of academic dishonesty is especially distressing and cannot be tolerated. In general, academic dishonesty involves the abuse and misuse of information or people to gain an undeserved academic advantage or evaluation.


The common forms of academic dishonesty include:

1. cheating – using deception in the taking of tests or the preparation of written work, using unauthorized materials, copying another person’s work with or without consent, or assisting another in such activities;

2. lying – falsifying, fabricating, or forging information in either written or spoken presentations;

3. plagiarism – using the published writings, data, interpretations, or ideas of another without proper documentation.


Episodes of academic dishonesty are reported as appropriate to the Vice President for Academic Affairs. The potential penalty for academic dishonesty includes 1) a failing grade on a particular assignment, 2) a failing grade for the entire course, 3) suspension or expulsion, or (4) revocation of a degree.


Academic Dishonesty, Process, and Notifications


1. First instance of plagiarism

a. Professor identifies a submission.

i.      The professor places a 0 for the grade and lets the learner know if there is a second occurrence, the student will fail the course. The student is referred to academic integrity resources in the Learning Commons.

ii.      All evidence must be captured in the grade book comments.

b. Professor identifies a second occurrence in the same course.

i.      The professor notifies the student that he/she will fail the course.

ii.      The professor sends Course Number and Section, Student Name, Student Email, Student ID, a summary of the two instances of academic dishonesty and supporting documentation to the academic department and Program Director.

iii.      All evidence must be captured in the grade book comments.

iv.      The violation of the academic dishonesty policy is recorded on the student’s record.

v.      Student is enrolled in Equipping modules for Academic Integrity and is recommended to complete 1 module before the next registration period.

2. Second instance of plagiarism in a different course

i.      In addition to the steps above, the second full violation of the academic dishonesty policy is recorded on the student’s record.

ii.      Student is enrolled in Writing Equipping Modules for Academic Integrity and required to complete 2 modules before the next registration period. A registration hold will be placed on the student’s account until the sanction is complete.

iii.      Academic Affairs notifies student regarding dismissal process.

3.       Third instance of plagiarism

a. Professor identifies a submission.

i.      In addition to the steps above, the third offense is recorded on the student’s record.

ii.      Academic Affairs notifies student regarding dismissal process and appeal review.

Attendance Policy: When any student has exceeded 20% of the time prescribed for any class, that student will be automatically dropped from that particular class with the grade of “F.” This grade is placed on the official transcript of the student and is treated as a failing grade in calculating the grade point average. The definition of a class absence is a student’s failure to attend class for any reason. Instructors may count three times tardy or leaving early to be equal to one class absence. There are no excused absences, regardless of the reason for the class having been missed. However, faculty will make reasonable provisions to allow students to make up work if the absence is due to a university-sponsored function or a medical or family emergency that is documented in a timely manner. Allowance for students to make up work for other reasons is at each instructor’s discretion. A class absence does not excuse the student from being responsible for course work missed; the student is responsible for contacting the faculty member in order to make up class assignments. The Vice President for Academic Affairs is the authorized agent to consider any exceptions to the above regulations. (Undergraduate Catalog)

Residency Attendance: Each student must be in attendance for the entire duration of the required residency weekend.  Late arrivals and/or early departures are not permitted.  Punctuality is important as each student is required to have the documented in-seat time per USCIS regulations.  If a student is not in attendance for the full session, he/she will be counted absent for the entire session, and receive an automatic “F” and will be required to pay the $300.00 make-up fee and attend a residency make-up session.

Disability Accommodations: Students who may have a disability meriting an academic accommodation should contact Mr. Jacob Ratcliff, the Disabilities Services Coordinator, in the Student Services Office. For accommodations to be awarded, a student must complete an Accommodations Application and provide documentation of the disability to the Disability Services Coordinator.   Any accommodations for disabilities must be re-certified each semester by the Academic Affairs Office before course adjustments are made by individual instructors.
Student Responsibilities: · The only authorized electronic means of academic, administrative, and co-curricular communication between University of the Cumberlands and its students is through the UCumberlands email system (i.e. Webmail). Each student is responsible for monitoring his/her University email account frequently. This is the primary email account used to correspond with you directly by the University; imperative program information is sent to this email account specifically from campus and program office.

· Students should check for e-mail and class announcements using iLearn (primary) and University of the Cumberlands webmail (secondary).

· Students are expected to find out class assignments for missed classes and make up missed work.

· Students are expected to find out if any changes have been made in the class or assignment schedule.

· Written work must be presented in a professional manner. Work that is not submitted in a professional manner will not be evaluated and will be returned as unacceptable.

· There is a craft to writing. Spelling, grammar, punctuation and diction (word usage) are all tools of that craft. Writing at the collegiate level will show careful attention to these elements of craft. Work that does not exhibit care with regard to these elements will be considered as inadequate for college writing and graded accordingly.

· Students are expected to take the examinations on the designated dates. If you are unable to take the exam on the scheduled date and know in advance, you are to make arrangements with your professor before the designated date. If you miss the exam, you must have a legitimate reason as determined by your professor.

Deadlines and Dues Dates: Recognizing that a large part of professional life is meeting deadlines, it is necessary to develop time management and organizational skills. Failure to meet the course deadlines may result in penalties. Keep in mind that all deadlines are set using Eastern Standard Time (EST). Late assignments will NOT be accepted.
Writing Expectations: Learning outcomes for candidates’ writing competencies include clarity of thought, discernment in planning and organization, and integration of evidence and criteria.

· The instructor expects that students will have knowledge of appropriate forms of documentation and use it where appropriate. APA format is required and style of notation to credit all sources that are not your own.

· There is a craft to writing. Spelling, grammar, punctuation and diction (word usage) are all tools of that craft. Writing at the collegiate level will show careful attention to these elements of craft. Work that does not exhibit care with regard to these elements will be considered as inadequate for college writing and graded accordingly.

· All assignments, unless otherwise instructed, should be submitted in APA format.

Participation Policy: Study after study has linked successful academic performance with good class participation. Those who assume positions of responsibility must “show up” in order to be effective. Therefore, students are expected to actively participate in intelligent discussion of assigned topics in all areas (Discussion Board Activities, Synchronous Sessions, Forums, Shared Papers, etc.) to help process course material and/or to demonstrate understanding of course content. Point adjustments will be taken for non-participation.
Academic Appeals: Both undergraduate and graduate students have the right to challenge a grade. If discussions with the course instructor and department chair do not lead to a satisfactory conclusion, students may file a formal written appeal with the Vice President for Academic Affairs, who will forward the appeal to the chair of the Academic Appeals Committee. This formal written appeal must be filed by the end of the 4th week of classes in the next regular term following the term in which the course in question was taken. The Academic Appeals Committee then gathers information from the student, the instructor, and any other relevant parties. The Committee will deliver its recommendation on the complaint to the Vice President for Academic Affairs. After reviewing this recommendation and concurring or amending it, the Vice President for Academic Affairs will inform the student and instructor of the disposition of the complaint no later than the last day of classes of the term in which the complaint was filed. Records of all actions regarding academic grade appeals, including their final disposition, are maintained by the Vice President for Academic Affairs and the Academic Appeals Committee. (Undergraduate Catalog/Graduate Catalog)
Links to Support: Orientation to I-Learn: Student training course on I-Learn,

Book Store:


Course Assignments and Evaluation
Evaluation Method: Graded work will receive a numeric score reflecting the quality of performance. Relative weights assigned to graded work are as follows:

Course Evaluation

Students will be evaluated on:

1. Exams – Each exam will consist of multiple choice, multiple answer, matching, and True/False questions. Exam items derived primarily from lectures and readings. Exams will be available through iLearn and completed independently. 25% of the final grade

2. Homework Assignments, Discussion, & Quizzes – Assignments, Discussion, & Quizzes will be given throughout the term. Each quiz will consist of multiple choice/answer, short answer questions, matching, and True/False questions. Quiz items derived primarily from lectures and readings. Quizzes will be available through iLearn and completed independently. Assignments and Discussions will come from the course lectures, materials, and required reading assignments. 50% of the final grade.

3. Practical Connection Assignments – Written Assignment where students will reflect on course concepts and their practical connection to a working environment. 25% of the final grade

Grading Scale:

Graded work will receive a numeric score reflecting the quality of performance as given above in evaluation methods. The overall course grade will be determined according to the following scale:

A= 90 – 100 (90% – 100%)

B= 80 – 89 (80% – 89%)

C = 70 – 79 (70% – 79%)

F < 69 (Below 69%)

Syllabus Disclaimer:

This syllabus is intended as a set of guidelines for this course and the professor reserves the right to make modifications in content, schedule, and requirements as necessary to promote the best education possible within conditions affecting this course. Any changes to the syllabus will be discussed with the students.

Tentative Course Expectations (specific due dates are listed in the course module)

Week Topic & Reading Assignments
1 Welcome Introduction to the Course

Chapter 1, “Information Systems Security Policy Management”

Chapter 2, “Business Drivers for Information Security Policies

Chapter 3, “U.S. Compliance Laws and Information Security Policy Requirements.”

Welcome Discussion

Week 1 Discussion *Failing to Participate in Week 1 may result in being dropped from the course.

2 Chapter 4, “Business Challenges Within the Seven Domains of IT Responsibility”

Chapter 5, “Information Security Policy Implementation Issues”

Quiz 1; Week 2 Discussion
3 Chapter 6, “IT Security Policy Frameworks”

Chapter 7, “How to Design, Organize, Implement, and Maintain IT Security Policies

Reflection and Connection Assignment
4 Chapter 8, “IT Security Policy Framework Approaches

Chapter 9, “User Domain Policies”

Quiz 2; Email Phishing Exploration
5 Chapter 10, “IT Infrastructure Security Policies” Mid-term Exam; Week 5 Discussion
6 Chapter 11, “Data Classification and Handling Policies and Risk Management Policies”

Chapter 12, “Incident Response Team (IRT) Policies

Case Assignment 2: Practical Connection Assignment
7 Chapter 13, “IT Security Policy Implementations

Chapter 14, “IT Security Policy Enforcement

Chapter 15, “IT Security Policy Enforcement

Quiz 3
8 Final Exam

*SHORT WEEK* All assignments must be completed by the last day of the term by 5pm EST.

Final Exam