May 07, 2024  
2018-2019 SGPP Catalog and Handbook 
    
Catalog Navigation
  Catalog Home
  Programs of Study
  Course Descriptions
  History
  Mission and Vision
  Accreditation and Certification
  The University
  Locations and Facilities
  Admission Policies
  Academic Policies
  Registration and Tuition
  University Conduct
  Academic Services
  Student Services
  Undergraduate College Programs in Winona
  Roster
  Appendix
  Downloadable Print Version (PDF)
  My Portfolio
HELP
2018-2019 SGPP Catalog and Handbook [ARCHIVED CATALOG]

Add to Portfolio (opens a new window)

CYBR620 Operational Security Policy (3 cr.)


In this course, students examine the role of security policies, standards, and procedures in addressing business and technical security risks.  Students explore the types of policies that are part of an overall security strategy. Policies are discussed that drive computer security, including discretionary access control, mandatory access control, and role-based access control types of policies, and how these are used in organizations. Students develop policies and deployment plans as part of the comprehensive strategic plan for the enterprise.

Upon completion of the course, students are expected to be able to do the following:

  1. Develop high-level security policies that directly support the mission, vision, and direction of an organization.
  2. Develop issue-specific policies to control use of resources, assets, and activities to support the organization’s goals and objectives.
  3. Develop system-specific policies that express technical details for the implementation, configuration, and management of the system that includes configuration rules and access control.
  4. Develop, document, and implement security policy, standards, procedures, and guidelines.
  5. Create security procedures and administration controls for the enterprise.
  6. Evaluate physical and logical access to assets such as information, systems, devices, and facilities.           
  7. Manage identification, authentication, and authorization of people, devices, and services. 


Add to Portfolio (opens a new window)