powered by
Center for Curriculum and Transfer Articulation
Major: 3010
Effective Term: 2010 Fall   

Award: AAS
Total Credits: 62
CIP Code: 11.0901
Instructional Council: Computer Information Systems (12)
GPA: 2.00
SOC Code:


Description: The Associate in Applied Science (AAS) in Information Assurance program is designed to equip students with marketable skills and knowledge for adaptation to specific tasks and industry recognized standards associated with network security, information and data security, and information assurance. This program also prepares students to complete the required certification tests for several industry certifications, including Cisco, CompTia Security +, and Global Information Assurance Certifications (GIAC). Relevant certification tests are identified in individual course descriptions.



Required Courses
+ CIS247DA Cyber Forensics and Incident Handling 3
+ CIS238US UNIX Security 3
+ CIS271DA Security Certified Professional (SCP) Hardening the Infrastructure 3
+ CIS272DA Security Certified Professional (SCP) Network Defense
and Countermeasures 3
+ CIS273DA Information Audit and Risk Analysis 3
+ CIS247DL Legal Issues of Information Assurance 3
+ CIS273DC Data Assurance and Disaster Recovery 3
+ CIS279DA Practical Applications in Information Assurance 4
Credits: 25

Program Competencies
1. Explain and apply forensic and advanced incident handling techniques in a lab setting, demonstrating hands-on skills in incident response, forensic preparation, Windows forensics, UNIX and Linux forensics, data recovery and analysis, malicious code analysis, law enforcement interaction and case law, corporate and managerial legal concerns and direction. Prepare for GIAC Certified Forensic Analyst (GCFA) Certification and IACIS Certified Forensic Computer Examiner (CFCE) certification. (CIS247DA)
2. Explain and apply Unix system administration and security management, including directory structure, access control and authentication mechanisms, password management, system logs and monitoring, process accounting, configuring public services, restricted environments, the sudo command, SSH (Secure Shell), file system mount options, file integrity management, immutable/append-only files and system security levels, loadable kernel modules, rootkits, non-executable stacks, backups, common vulnerabilities and exposures, and firewall filtering. (CIS238US)
3. Explain and apply architecture of network defense and skills for system administrators to implement network defense. Includes network defense fundamentals, designing and configuring firewalls, configuring Virtual Private Networks (VPNs), designing and configuring an Intrusion Detection System (IDS), analyzing intrusion signatures, performing risk analysis, and creating a security policy. (CIS272DA)
4. Explain and apply network security-related fundamentals, issues, and skills for systems administrators to implement network security including network security basics, advanced Transmission Control Protocol/Internet Protocol (TCP/IP), IP packet structure and analysis, routing and access control lists, securing Windows computers, securing Linux computers, Internet security, and hacker attack techniques. (CIS271DA)
5. Identify and analyze legal implications of organizational computing policies, evidence collection, risk management and mitigation of liability. (CIS247DL)
6. Explain and apply procedures for security and protection of data with emphasis on physical security of data servers and storage, disaster recovery plan and procedures, backup management and procedures, business continuity planning for unusual conditions, data confidentiality, integrity, and assurance, data retention policy and procedures, data warehouse, data use authorization and authentication, securing data in the mobile environment, handling data in response to cyber crime, data risk identification and assessment, and user education in and awareness of data assurance. (CIS273DC)
7. Apply core skills and knowledge in information assurance to real-world scenarios or simulations of information security vulnerabilities (CIS279DA)
8. Explain and apply knowledge, skills, and abilities in basic risk analysis techniques to secure information and conduct a technical audit of essential information systems (CIS273DA).
+ indicates course has prerequisites and/or corequisites.
++ indicates that any suffixed course may be selected.
MCCCD Governing Board Approval Date: 5-25-04

All information published is subject to change without notice. Every effort has been made to ensure the accuracy of information presented, but based on the dynamic nature of the curricular process, course and program information is subject to change in order to reflect the most current information available.