MISSM Courses

Courses Making up the MISSM Degree Program

The following courses make up the MISSM program. There are 13 mandatory courses, one option (and three choices to choose from) and two 9-credit research courses

Course Descriptions

ISSM 503 Operating Systems

This course has two components: a theory component to teach the concepts and principles that underlie modern operating systems, and a practice component to relate theoretical principles with operating system implementation. In the theory component, you will learn about processes and processor management, concurrency and synchronization, memory management schemes, file system and secondary storage management, security and protection, etc. The practice component will complement the theory component through some specific assignments illustrating the use and implementation of these concepts.

[Note; optional, student must take ISSM 503 or ISSM 542)

ISSM 507 Organizational Behaviour

Organizational behaviour integrates content from several fields including psychology, sociology, economics, organization theory, statistics, and others. This material is then applied to organizations to explain the motivation of people and how the potential of the human side of business is best harnessed. This content is a crucial area of knowledge in information systems security because of the constantly changing security environment and the changing importance of the roles of security officers. Topics such as work motivation, work attitudes, socialization, leadership, decision making, and management of change will all help prepare students for the challenges faced as a security professional or manager. RESTRICTION: Open only to students in the Master of Information Systems Security Management degree program.

ISSM 521 TCP/IP Security

A deep review of the TCP/IP protocol suite, with a focus on protocol analysis, and supplemented with various issues relevant to network security professionals, such as ARP cache poisoning, IP source address spoofing, DNS cache poisoning, and many others. Students will gain practical experience constructing internetworks and implementing servers for various application layer protocols. Students will also engage in exercises intended to illustrate many of the network security issues covered in the course. RESTRICTION: Open only to students in the Master of Information Systems Security Management degree program.

ISSM 525 Securing an E-Commerce Infrastructure

Securing the e-commerce infrastructure, taking into account data architecture and management and advanced network protocols. In the e-commerce environment, both information security needs of organizations and privacy needs of customers and clients are examined. RESTRICTION: Open only to students in the Master of Information Systems Security Management degree program.

ISSM 531 Advanced Network Security

Topics will include: intrusion/extrusion detection, network security monitoring, and network event reconstruction. Theory will include problems with and strategies for designing an environment conducive to network monitoring and intrusion detection. Practice will include implementing network security monitoring and intrusion detection in a test environment. Students will gain knowledge and experience identifying, interpreting, and reconstructing intrusions, and other security relevant network events. RESTRICTION: Open only to students in the Master of Information Systems Security Management degree program.

Prerequisites ISSM521

ISSM 533 Cryptography and Secure Network Communications

This course in cryptography focuses on securing data through authentication, cryptographic algorithms, access control, public key encryption and public key distribution using best practices for secure communications. Students assess and evaulate cryptographic systems and how they can be incorporated into an information security system and the security plan for the enterprise. Students implement secure sites (on web servers) that require secure sockets layer for secure transactions. Emerging trends in encryption are discussed to prepare students for the ongoing changes which will be required to keep ahead of Hackers. RESTRICTION: Open only to students in the Master of Information Systems Security Management degree program.

Prerequisites: ISSM521

ISSM 535 Firewall Fundamentals

The theory behind firewall architecture design and implementation, including the principles behind zone-based design. Students will gain hands-on experience in complex firewall architecture design, and will implement that design — and the associated firewall rule sets — in internetworks populated with various TCP/IP clients and servers. This course will also include discussion of new approaches such as distributed firewall architecture. RESTRICTION: Open only to students in the Master of Information Systems Security Management degree program.

Prerequisites: ISSM511 and ISSM521

ISSM 536 Digital Forensics

In-depth coverage of live incident response and file system forensic analysis. The course will include the use of various tools and techniques used to extract information from digital media, with a focus on information that is difficult to find using normal methods. These tools and techniques will be supplemented with theoretical discussion, both of the structure of the media itself and of the nature and limitations of digital evidence. The course will cover the most commonly used operating systems and file systems. RESTRICTION: Open only to students in the Master of Information Systems Security Management degree program.

ISSM 538 Research Methods I

A lecture-based course that focuses on formulating a research question or research problem, determining a research design, assessing data collection methods, determining a sampling framework, determining types of data analyses, and interpreting data. Qualitative and quantitative research methods are included. Students will gain an understanding of the ethical issues involved in conducting research. RESTRICTION: Open only to students in the Master of Information Systems Security Management degree program.

ISSM 541 Management Accounting

Financial management theory and financial statement analysis. Students use rate-of-return, break-even, scenario analysis, and other methods to evaluate projects and organizational performance. Students also learn how to make financial proposals for new equipment needed for an information security enhancement. To a more limited degree, IT security auditing is also discussed along with the importance of IT auditing to the enterprise. RESTRICTION: Open only to students in the Master of Information Systems Security Management degree program.

ISSM 542 Financial Accounting

This course covers accounting theory, models, and standards used to record accounting events which then are used to create various internal reports, external reports and compliance reports which are of use to stakeholders and regulatory bodies. Hands on exercises with transaction recording, report creation and analysis of standard financial reports is an integral component of the course. Various assignments challenge students and to apply these to interim assignments and a final case study.

[Note; optional, student must take ISSM 503 or ISSM 542)

ISSM 543 Systems Development and Project Management

An in-depth study of the concepts and techniques for designing, developing and/or revising software using a planned approach. Both the software development life-cycle model and project management approach is presented. Students apply project management concepts in this course to group and individual projects. RESTRICTION: Open only to students in the Master of Information Systems Security Management degree program.

ISSM 545 Security Policies, Standards and Management

This course provides students with the standards for creating an enterprise-wide security policy. Topics include: security management principles; defining security requirements; planning and documenting security policies; asset identification and control; system access control; and Internet security. Students also learn how to formulate, administer, manage and evaluate security policies and standards based on best standards for information systems security (ISO 17799), best practices for security auditing (CObIT) and the protection of private information required by Canadian laws. RESTRICTION: Open only to students in the Master of Information Systems Security Management degree program.

ISSM 551 Disaster Recovery and Planning

An in-depth coverage of disaster recovery planning including, techniques to prevent, detect, and recover from loss of information availability. Students are instructed in ways to formulate a disaster and recovery plan, and test and implement the plan in a simulated lab environment. RESTRICTION: Open only to students in the Master of Information Systems Security Management degree program.

Prerequisites: ISSM521

ISSM 553 Risk Management and Analysis

The principles and techniques applied to security risk analysis and the role of risk management in the business enterprise. Topics covered include how to conduct vulnerability assessments, the use of risk assessment tools and how to establish a cost benefit analysis for specific safeguards to ensure that information is confidential, available and has integrity. Emerging trends in risk management are also explored. Students use standard tools to assess network weaknesses such as UNIX-based NMAP and Nessus. RESTRICTION: Open only to students in the Master of Information Systems Security Management degree program.

ISSM 561 Information Technology Law and Ethics

An overview of international and Canadian laws, legislation, and legal issues relevant to the information systems security profession. Topics covered include the legal protection of information and systems technology, as well as balancing the legal rights to privacy for users. Legal “due diligence” responsibilities of information security professionals are also discussed. RESTRICTION: Open only to students in the Master of Information Systems Security Management degree program.

ISSM 559 Research Methods II

Following ISSM 538, students develop a research plan and proposal which will later be used (if approved by Master’s Program Committee) as the basis to register in ISSM 581. RESTRICTION: Open only to students in the Master of Information Systems Security Management degree program.

Prerequisites: department consent

ISSM 581 Research Project in Subject Area

A research project culminating in a research document evaluated by an internal committee for its contribution to the field of information security. Each student will conduct his or her research using a proposal approved by the Master’s Program Committee of the program. RESTRICTION: Open only to students in the Master of Information Systems Security Management degree program.