From mission-critical business systems to e-commerce and the Internet, IT is not only an industry in its own right but also a fundamental building block of all other industries. AIU offers an industry-current BSIT program with an in-depth specialization in Information Assurance and Security designed to help students learn about the types of information technology security used in business today, as well as the practices that should be in place in any organization to ensure security.
Students can learn to work with security software, administer security systems and identify potential security threats organizations may face in a variety of real-world situations. The program also addresses issues of physical and operations security. The Information Assurance and Security specialization program is designed for students looking to pursue career opportunities in the fields of digital security, information collection and preservation, and security-system creation.
We can help you learn how to:
- Summarize details of essential computer concepts
- Use an operating system interface to access, add, troubleshoot and configure hardware and manage files
- Implement a relational database management system utilizing the concepts of database design and data modeling
- Develop business applications using programming languages, tools and software development methodologies
- Manage security threats and risks by applying industry-best practices to assure information integrity, confidentiality, availability, non-repudiation and authenticity
At AIU, more of the courses you take, on average, are devoted to your program of interest than at other similar schools. For a Bachelor of Science in Information Technology degree with a specialization in Information Assurance and Security, your classes can include:
Introduction to Information Assurance and Information Security
This class provides students with an overview of network security principles and implementation techniques. Topics covered include authentication issues; examples of attacks and malicious code that may be used against networks, and the countermeasures against these; examples of perimeter and interior attacks; and protecting network services. Additional topics may include risk management and assessment, understanding and developing security policy, and protective technologies, such as firewall, intrusion detection systems and the use of encryption.
Telecommunications and Network Infrastructure Security
This course covers network security principles and implementation techniques. Topics covered include examples of attacks and countermeasures for securing e-mail, definitions and principles underpinning all IT security, security management, and security architectures. Fundamental concepts, principles, and practical networking and internetworking issues relevant to the design, analysis, and implementation of enterprise-level trusted networked information systems are also covered.
Information Systems Control and Auditing
The course covers the essential subjects and topics in information systems control, including types of audits, types of audit risks, frameworks for management and application controls, audit software and tools, concurrent auditing techniques, data integrity, system effectiveness, IT services delivery, life cycle management, information asset protection, IT governance, business continuity, and system efficiency. Also covered are processes for creating information systems audit and reviewing audit reports.
Principles and Methods in Cryptographic Security
This course covers the mathematical background to cryptography as well as providing a comprehensive review of contemporary cryptographic technologies, as applied to computer and network operations. Topics include determining the appropriate cryptographic targets and methods, digital key management, cryptographic vulnerabilities, and implementation of effective cryptographic methodologies to secure enterprise-wide information systems.
Ethical Hacking and Penetration Testing
This course covers techniques that hackers use to circumvent security and penetrate computers and computer networks. Topics covered include legal framework for conduction penetration testing, foot-printing, social engineering, host reconnaissance, session hijacking methods, denial of service, exploits of web server vulnerabilities, breach of database security, password crackers, Intrusion Prevention Systems (IPS) and firewalls circumvention, routers and switches services disruption, scanning and penetration of wireless networks, and overflow attacks methods and prevention. Other topics covered include creating, using, and preventing Trojan Horses, viruses, and other backdoor hostile codes.
IT Governance for Information Security Managers
This course covers enterprise IT governance framework, enterprise security governance framework, business-based investment decisions, maturity practices, compliance issues, IT security strategies, privacy regulations, computer misuse, and incident investigation procedures.
Applications of Discrete Mathematics and Statistics in IT
In this course, students will examine the essential mathematics and logic skills required in Information Technology areas such as networking, systems administration, security, programming, database management, and computer hardware. Students will build on their mathematical proficiency to prepare for the challenges they are likely to encounter as an IT professional. This course discusses the importance of discrete mathematics, probability and statistics in IT. Students in this course will further their understanding of discrete mathematics and statistics necessary for application development and systems analysis. Students will also learn how to apply statistical techniques to improve the performance of IT systems. Real-world scenarios and problems from the IT industry are included throughout this course.
System Architecture and Integration
In this course, students will analyze the system integration requirements and apply appropriate frameworks, methodologies, and techniques that are used to manage, administer, acquire, develop, implement, and integrate enterprise systems.
Comprehensive IT Project
In this lower division capstone course, students will examine IT project management and systems architecture. Topics covered include project management concepts of time, scope, and costs, as well as systems architecture, sourcing, acquisition, development, and deployment processes.
Information Technology Security
This survey course covers information security concepts and mechanisms. Information security concepts reviewed may include data protection techniques, software security, information assurance process, enterprise network security, and attack types/countermeasures.
Data Structures and Implementation
This course will introduce students to basic data structures and algorithms which are to be used as tools in designing solutions to real-life problems. Students will become familiar with the specification, usage, implementation and analysis of basic data structures and algorithms.
Program Capstone for IT
This course offers students the opportunity to demonstrate their level of understanding regarding the application of information technology concepts, technologies, and methodologies. Students are expected to employ their knowledge about hardware, systems, applications, and security management.
View the Course Catalog
Course content subject to change.
What can you do with a bachelor’s degree in Information Assurance and Security?
With our increasing reliance on technology, specialists in keeping corporate and personal data secure will be needed. An information security analyst implements and carries out security measures to contain and repair breaches while constantly staying on their toes looking for potential threats and vulnerabilities before the hackers and viruses exploit them.
To combat the loss of sensitive data and to ensure customer protection, companies are investing more in information security than ever before.
Roles in Information Security
It can be helpful to think about information security as an industry where roles are, in a sense, divided into three categories:
● Creating security, such as security software development or cryptology
● Maintaining security, like security administration
● Testing security, such as breach testing
While security administration focuses on keeping out unauthorized users or malware, breach testing and vulnerability assessment are devoted to troubleshooting weak spots by hacking—or attempting to hack—a system.
Common roles in information security include:
● Information security analysis
● Web penetration testing
● Security engineering
● Security architecture
● Source code auditing
● Security consulting
With 18% growth projected through 2024—much faster than average, per the BLS1—information security analysts can pursue jobs in nearly every sector, but the most common jobs are found in finance, consulting firms and computer-based businesses.
1 Bureau of Labor Statistics, U.S. Department of Labor, Occupational Outlook Handbook, 2016-17 Edition, Information Security Analysts, on the Internet at http://www.bls.gov/ooh/computer-and-information-technology/information-security-analysts.htm (visited July 27, 2016).