Information Security Essentials (ISA 522)

Dr. Massimiliano Albanese, Department of Applied Information Technology

Spring 2012. Tuesdays, 7:20 pm - 10:00 pm, Arts and Design Building 2026, Fairfax Campus

Office hours. Wednesdays, 2:00 pm - 4:00 pm, or by appointment, Engineering Building, Fairfax Campus

George Mason University

Catalog Description

This course covers basic concepts and techniques in applied information security. It begins introducing students to basic concepts of security, including confidentiality, integrity, availability, and current concerns of anonymity, privacy and safety of web-based transactions, forensics investigations, etc. The course also covers the main available safeguards, such as authentication, authorizations, and network security, and shows how these techniques are applied to address the issues arising in a variety of different domains, ranging from business to health care, from law to national security.

Find this course in Patriot Web.

Course Goals

Upon successful completion of this course students will:

-         become familiar with basic concepts in information security and privacy;

-         become familiar with practical security issues arising in a wide range of domains;

-        understand how to use existing techniques and tools to minimize security risks for the enterprise or organization;

-         acquire experience in discussing and writing about security related issues.


Registration in MS, Applied IT program or permission of Instructor.

Course Format

The course will employ lectures, in class-quizzes to assess progress, assignments, a mid-term exam, and a final exam. Students will be required to write a technical paper on a topic which must be approved in advance by the instructor.

Textbooks and reading materials

Required Textbook

CISSP: Certified Information Systems Security Professional Study Guide, 4th edition

James Michael Stewart, Ed Tittel, and Mike Chapple

ISBN: 9780470276884

Wiley Publishing, Inc, 2008

The required textbook is available electronically through the Safari Tech Books Online collection. You can access this book by following these steps:

A print copy of  “Securing the Cloud” will be on reserve at the Johnson Center. The book will be listed under the instructor's name and the course number (AIT690).  

Course Outline

Below is an outline of the 15 weekly class meetings.

      1)            Introduction to the course - Accountability and access control (Chapter 1)

      2)            Attacks and monitoring (Chapter 2)

      3)           Review of networking concepts (Chapter 3)

      4)           In-class quiz n. 1 - Communications security and countermeasures (Chapter 4)

      5)           Security management (Chapter 5) - Policies and risk management (Chapter 6)

      6)           Data and application security (Chapter 7)

      7)           Malicious code and application attacks (Chapter 8) - Review Session

      8)            Mid-term exam

      9)            Cryptography and symmetric key algorithms (Chapter 9)

   10)           PKI and cryptographic applications (Chapter 10)

   11)            Principle of security models (Chapter 12)

   12)           In-class quiz n. 2 - Business Continuity Planning (Chapter 15) - Disaster Recovery Planning (Chapter 16)

   13)            Legal and ethical issues (Chapters 17 & 18) - Review Session

   14)            Team project presentation

  15)            Final exam


Grading Policy

Grading will be based on class participation, in-class quizzes, assignments, team project, term paper, mid-term and final exams. Points for course activities will accrue as follow:




Class participation



In-class quiz



Mid-term exam



Graded assignments (2 @ 50 points each)






Term paper



Final exam







Final letter grades are assigned as follows. Breakpoints may be adjusted depending on overall class performance.

Point % range

Letter grade

97% - 100%


93% - 96.9%


90% - 92.9%


87% - 89.9%


83% - 86.9%


80% - 82.9%


77% - 79.9%


73% - 76.9%


70% - 72.9%


67% - 69.9%


63% - 66.9%


60% - 62.9%





Students who wish to recover credits lost in other course activities can volunteer to give short presentations (4-5 slides, 8-10 minutes) on a topic of their choice. Each short presentation will earn up to 30 points, for a maximum of two presentations per student during the whole course. Students must notify the instructor in advance of their intention to give a short presentation. Time and topic of the presentation must be approved by the instructor.

Regular attendance is strongly recommended. Students will be held responsible for all material covered in class. Quizzes and exams are given on the dates specified on the course schedule. Absence from taking any quiz/exam will result in a score of zero, unless cleared in advance with the instructor and arranged for a makeup session. Excusable absences are normally related to unavoidable and documented emergency situations.