COURSE SYLLABUS
Course Designator/Course Number: IT 4823
Course Title: INFORMATION SECURITY ADMINISTRATION
Instructor: Mr. Bob Brown
HTTP Link:
http://www.spsu.edu/cs/faculty/bbrown/it4823/f05
Course Length: 40 contact hours. 2.5 hours per week for 16 weeks; approximately 80 hours reading, research and writing outside class.
Textbook: Whitman, Michael E. and Herbert J. Mattors (2005) Principles of Information Security, Second Edition. Thompson, Course Technology. ISBN: 0-619-21625-5. (For Fall, ’05.)
Bishop,
Matt (2005) Introduction to Computer
Security. Addison-Wesley.
(For Spring ’06 forward.)
Course Description/Objectives:
The student develops knowledge of he
principles of information assurance at the policy, procedural, and technical
levels to prepare the student for a role as a business decision-makers. Real-world
examples from the text and current events will be used to demonstrate the
applicability of the techniques of information assurance.
Prerequisites: IT 1124 Advanced Programming Principles, CS 3153 Database
Systems, IT 3124 Hardware and Software Concepts.
This course will teach students:
· The role of policy in driving information security.
· The fundamental attributes that define information security: confidentiality, integrity, and availability
· Identification of an organization’s information assets, including people, hardware, software, and data.
· The role of risk management in information security.
· The proper balance between technical controls and procedural controls.
· The necessity of physical security controls and how to implement them.
· The roles of awareness, training, end education in information security.
· The need to make information security an ongoing part of daily operations.
Course Learning Outcomes
After completion
of this course (IT 4823), students will be able to:
· Describe the need for and relationship among the attributes of confidentiality, integrity, and availability.
· Describe the McCumber model of information security and use it to describe and evaluate security controls.
· Define the role of policy in driving information security.
· Differentiate among policy, standards, and procedures.
· Describe issue-specific policies and tell how they are used.
· Describe how to identify an organization’s information assets.
· Distinguish between identification, authentication, and authorization.
· Describe discretionary and mandatory access control and tell how they are different.
· Enumerate common classes of threats to information assets and describe the technical and procedural protections against each.
· Define annualized loss expectancy (ALE) and describe its role in risk management.
· Describe the concept of layers of information security, and give examples.
· Define and distinguish among incident response plans, disaster recovery plans, business continuity plans, and crisis management plans.
· Discuss business continuity strategies.
· Describe the methods of protecting information in storage and transmission.
· Differentiate between symmetric and public-key cryptography.
· Explain how public-key cryptography can provide for non-repudiation through digital signatures.
· Explain the role of digital certificates in a public-key infrastructure.
· Describe risk assessment for and implementation pf physical security controls.
· Describe the process of maintaining an operating information security plan.
Course Content Outline / Major Topics:
1.
Security
Fundamentals
1.1
The History of Information Security
1.2
Critical Characteristics of Information
1.2.1 Availability
1.2.2
Accuracy
1.2.3
Authenticity
1.2.4
Confidentiality
1.2.5
Integrity
1.2.6
Utility
1.2.7
Possession
1.3
NSTISSC Security Model
1.4
Components of an Information System
1.4.1
Software
1.4.2
Hardware
1.4.3
Data
1.4.4
People
1.4.5
Procedures
1.4.6
Networks
1.5
Securing Components
1.6
Balancing Information Security and Access
1.7
Approaches to Information Security Implementation
1.8
The Systems Development Life Cycle
1.8.1
Methodology
1.8.2
Phases
1.8.3
Investigation
1.8.4
Analysis
1.8.5
Logical Design
1.8.6
Physical Design
1.8.7
Implementation
1.8.8
Maintenance and Change
1.9
The Security Systems Development Life Cycle
1.9.1
Investigation
1.9.2
Analysis
1.9.3
Logical Design
1.9.4 Physical Design
1.9.5
Implementation
1.9.6
Maintenance and Change
1.10
Security Professionals and the Organization
1.11
Communities of Interest
2.
Business
Needs
2.1 Business
Needs First
2.1.1
Protecting the Functionality of an Organization
2.1.2
Enabling the Safe Operation of Applications
2.1.3
Protecting Data that Organizations Collect and Use
2.1.4
Safeguarding Technology Assets in Organizations
2.2 Threats
2.2.1
Acts of Human Error or Failure
2.2.2
Compromises to Intellectual Property
2.2.3
Deliberate Acts of Espionage or Trespass
2.2.4
Deliberate Acts of Information Extortion
2.2.5
Deliberate Acts of Sabotage or Vandalism
2.2.6
Deliberate Acts of Theft
2.2.7
Deliberate Software Attacks
2.2.8
Forces of Nature
2.2.9
Deviations in Quality of Service
2.2.10
Technical Hardware Failures or Errors
2.2.11
Technical Software Failures or Errors
2.2.12
Technological Obsolescence
2.2
Attacks
2.2.1
Malicious Code
2.2.2
Hoaxes
2.2.3
Back Doors
2.2.4
Password Crack
2.2.5
Brute Force
2.2.6
Dictionary
2.2.7
Denial-of-Service (DOS) and Distributed Denial-of-Service (DDOS)
2.2.8
Spoofing
2.2.9
Man-in-the-Middle
2.2.10
Spam
2.2.11
Mail Bombing
2.2.12
Sniffers
2.2.13
Social Engineering
2.2.14
Buffer Overflow
2.2.15
Timing Attack
3.
Legal,
Ethical and Professional Issues
3.1 Laws
and Ethics in Information Security
3.2 Types
of Law
3.3
Relevant
3.3.1 General Computer Crime
Laws
3.3.2
Privacy
3.3.3
Export and Espionage Laws
3.3.4
3.3.5
Financial Reporting
3.3.6
Freedom of Information Act of 1966 (FOIA)
3.4
International Laws and Legal Bodies
3.4.1
European Council Cyber-Crime Convention
3.4.2
Digital Millennium Copyright Act (DMCA)
3.4.3
United Nations Charter
3.5
Policy versus Law
3.6
Ethics and Information Security
3.6.1
Ethical Differences Across Cultures
3.6.2
Software License Infringement
3.6.3
Illicit Use
3.6.4
Misuse of Corporate Resources
3.6.5
Ethics and Education
3.6.6
Deterrence to Unethical and Illegal Behavior
3.7
Codes of Ethics and Professional Organizations
3.7.1
Major Professional Organizations for IT
3.7.2
Other Security Organizations
3.7.3
Key
3.8
Organizational Liability and the Need for Counsel
4.
Risk
Management
4.1 An
Overview of Risk Management
4.1.1
Know Yourself
4.1.2
Know the Enemy
4.1.3
The Roles of the Communities of Interest
4.2
Risk Identification
4.2.1 Asset Identification and
Valuation
4.2.2
Automated Risk Management Tools
4.2.3
Information Asset Classification
4.2.4
Information Asset Valuation
4.2.5
Listing Assets in Order of Importance
4.2.6
Data Classification and Management
4.2.7
Security Clearances
4.2.8
Management of Classified Data
4.2.9
Threat Identification
4.2.10
Identify and Prioritize Threats and Threat Agents
4.2.11
Vulnerability Identification
4.3
Risk Assessment
4.3.1
Introduction to Risk Assessment
4.3.2
Likelihood
4.3.3
Valuation of Information Assets
4.3.4
Risk Determination
4.3.5
Identify Possible Controls
4.3.6
Access Controls
4.3.7
Documenting the Results of Risk Assessment
4.4
Risk Control Strategies
4.4.1
Avoidance
4.4.2
Imlementing Avoidance
4.4.3
Transference
4.4.4
Mitigation
4.4.5
Disaster Recovery Plan
4.4.6
Acceptance
4.5
Selecting a Risk Control Strategy
4.5.1
Evaluation, Assessment, and Maintenance of Risk Controls
4.5.2
Categories of Controls
4.5.3
Feasibility Studies
4.5.4
Other Feasibility Studies
4.6
Risk Management Discussion Points
4.6.1
Risk Appetite
4.6.2
Residual Risk
4.7
Documenting Results
4.8
Recommended Practices in Controlling Risk
4.8.1
Qualitative Measures
4.8.2
5.
Policies,
Standards and Practices
5.1 Information
Security Policy, Standards, and Practices
5.1.1
5.1.2
Issue-Specific Security Policy (ISSP)
5.1.3
Systems-Specific Security Policy (SysSP)
5.1.4
Policy Management
5.1.5
Information Classification
5.2
The Information Security Blueprint
5.2.1 ISO 17799/BS7799
5.2.2
NIST Security Models
5.2.3
IETF Security Architecture
5.2.4
VISA International Security Model
5.2.5
Baselining and Best Business Practices
5.2.6
Hybrid Framework for a Blueprint of an Information Security System
5.2.7
Design of Security Architecture
5.3
Security Education, Training, and Awareness Program
5.3.1
Security Education
5.3.2
Security Training
5.3.3
Security Awareness
5.4
Continuity Strategies
5.4.1
Business Impact Analysis
5.4.2
Incident Response Planning
5.4.3
Disaster Recovery Planning
5.4.4
Business Continuity Planning
5.4.5
Model for a Consolidated Contingency Plan
5.4.6
Law Enforcement Involvement
6.
Security
Technology: Firewalls and VPNs
6.1
Physical Design
6.2 Firewalls
6.2.1 Firewall Categorization
Methods
6.2.2
Firewall Architectures
6.2.3
Selecting the Right Firewall
6.2.4
Configuring and managing Firewalls
6.2.5
Content Filter
6.3
Protecting Remote Connections
6.3.1
Dial-Up
6.3.2
Virtual Private Networks (VPNs)
7.
Security
Technology: Intrusion Detection, Access Control, and Other Security Tools
7.1 Intrusion
Detection Systems (IDSs)
7.1.1
IDS Terminology
7.1.2
Why Use IDS?
7.1.3
Types of IDS and Detection Methods
7.1.4
IDS Response Behavior
7.1.5
Selecting IDS Approaches and Products
7.1.6
Strengths and Limitations of IDS
7.1.7
Deployment and Implementation of an IDS
7.1.8
Measuring the Effectiveness of IDS
7.2
Honey Pots, Honey Nets, and Padded Cell Systems
7.2.1 Trap and Trace Systems
7.2.2
Active Intrusion Prevention
7.3
Scanning and Analysis Tools
7.3.1
Port Scanners
7.3.2
Firewall Analysis Tools
7.3.3
Operating System Detection Tools
7.3.4
Vulnerability Scanners
7.3.5
Packet Sniffers
7.3.6
Wireless Security Tools
7.4
Access Control Devices
7.4.1
Authentication
7.4.2
Effectiveness of biometrics
7.4.3
Acceptability of Biometrics
8.
Cryptography
8.1 A
Short History of Cryptography
8.2 Principles
of Cryptography
8.2.1 Basic Encryption
Definitions
8.2.2
Cipher Methods
8.2.3
Elements of Cryptosystems
8.2.4
Encryption Key Size
5.2.5
Conclusions Regarding the Principles of Cryptography
8.3 Cryptography
Tools
8.3.1
Public Key Infrastructure (PKI)
8.3.2
Digital signatures
8.3.3
Digital Certificates
8.3.4
Hybrid Cryptography Systems
8.3.5
Steganography
8.4
Protocols for Secure Communications
8.4.1
Securing Internet Communication with S-HTTP and SSL
8.4.2
Securing E-mail with S/MIME, PEM, and PGP
8.4.3
Securing Web Transactions with SET, SSL, and S-HTTP
8.4.4
Securing TCP/IP with IPSec and PGP
8.5
Attacks on Cryptosystems
8.5.1
Man-in-the-Middle Attack
8.5.2
Correlation Attacks
8.5.3
Dictionary Attacks
8.5.4
Timing Attacks
8.5.5
Defending From Attacks
9.
Physical
Security
9.1 Physical
Access Controls
9.1.1
Controls for Protecting the Secure Facility
9.2
Fire Security and Safety
9.2.1 Fire Detection and
Response
9.3
Failure of Supporting Utilities and Structural Collapse
9.3.1
Heating, Ventilation, and Air Conditioning
9.3.2
Power Management and Conditioning
9.3.3
Water Problems
9.3.4
Structural Collapse
9.3.5
Maintenance of Facility Systems
9.4
Interception of Data
9.5
9.5.1
Remote Computing Security
9.6
Special Considerations for Physical Security Threats
9.6.1
Inventory Management
10.
Implementing
Information Security
10.1
Project Management for Information Security
10.1.1
Developing the Project Plan
10.1.2
Project Planning Considerations
10.1.3
Scope Considerations
10.1.4
The Need for Project Management
10.2
Technical Topics of Implementation
10.2.1 Conversion Strategies
10.2.2
The Bull’s-Eye Model for Information Security Project Planning
10.2.3
To Outsource or Not
10.2.4
Technology Governance and Change Control
10.3
Nontechnical Aspects of Implementation
10.3.1
The Culture of Change Management
10.3.2
Considerations for Organizational Change
11.
Information
Security Credentials, Security and Personnel
11.1
Positioning and Staffing the Security Function
11.2
Credentials of Information Security Professionals
11.2.1 Certified Information
Security Professional (CISSP) and Systems
11.2.2
Security Certified Practitioner (SSCP)
11.2.3
Certified Information Systems Auditor (CISA) and Certified Information Security
Manager (CISM)
11.2.4
Global Information Assurance Certification (GIAC)
11.2.5
Security Certified Professional (SCP)
11.2.6
TruSecure ICSA Certified Security Associate (TICSA)
11.2.7
Security+
11.2.8
Certified Information Forensics Investigator
11.2.9
Related Certifications
11.2.10
Cost of Being Certified
11.2.11
Advice for Information Security Professionals
11.3
Employment Policies and Practices
11.3.1
Job Descriptions
11.3.2
Interviews
11.3.3
Background Checks
11.3.4
Employment Contracts
11.3.5
New Hire Orientation
11.3.6
On-the-Job Security Training
11.3.7
Performance Evaluation
11.3.8
Termination
11.4
Security Considerations for Nonemployees
11.5
Separation of Duties and Collusion
11.6
Privacy and Security of Personnel Data
12.
Maintaining
Information Security
12.1
Security Management Models
12.1.1
The ISO Network Management Model
12.2
The Maintenance Model
12.2.1 Monitoring the External
Environment
12.2.2
Monitoring the Internal Environment
12.2.3
Planning and Risk Assessment
12.2.4
Vulnerability Assessment and Remediation
12.2.5
Readiness and Review
Method of Instruction:
Lectures, discussion, presentation, hands-on lab practice.
Evaluation Methods:
Grade will be based on meeting attendance, participation, submitting the required written assignments, two examinations, and a comprehensive final examination.
· Participation, written assignments and labs 40%
· Examinations 30% Two at 15% each
· Comprehensive final exam 30%
To receive a grade of “A”, the student must accumulate 90% to 100% of the points.
To receive a grade of “B”, the student must accumulate 80% to 89% of the points.
To receive a grade of “C”, the student must accumulate 70% to 79% of the points.
To receive a grade of “D”, the student must accumulate 60% to 69% of the points.
Any student who accumulates total scores of 59 or less will receive a grade of “F”.
A grade of “I” is awarded only when a student was doing satisfactory work but, for nonacademic reasons beyond his or her control, was unable to meet the full requirements of the course. All policies in the University Catalog will apply to a grade of I.
Please adhere to the following requirements which may affect your grade: (I) Regular and punctual meeting and lab attendance and participation; (II) Submission of all written work on time; and (III) Successful completion of the examinations.
Class
Schedule:
|
Date |
Topic |
|
Due Today |
|
Aug 22 |
Introductions, Security Fundamentals I |
1 - 19 |
|
|
Aug 24 |
Security Fundamentals II |
20 - 32 |
|
|
Aug 29 |
Business Needs, Threats, Attacks |
35 - 68 |
|
|
Aug 31 |
Legal, Ethical & Professional Issues |
75 - 104 |
Assignment 1 |
|
Sep 5 |
No Meeting – Labor Day |
|
|
|
Sep 7 |
Risk Management I |
109 - 131 |
|
|
Sep 12 |
Risk Management II |
132 - 144 |
Assignment 2 |
|
Sep 14 |
Risk Management III |
145 - 165 |
|
|
Sep 19 |
Risk Management IV |
|
|
|
Sep 21 |
Policies, Standards and Practices |
171 - 185 |
Assignment 3 |
|
Sep 26 |
Information Security Blueprint |
186 - 205 |
|
|
Sep 28 |
Continuity Strategies I |
206 - 233 |
|
|
Oct 3 |
Examination 1 |
|
|
|
Oct 5 |
Firewalls and VPNs I |
239 - 260 |
|
|
Oct 10 |
Firewalls and VPNs II |
260 - 276 |
Assignment 4 |
|
Oct 12 |
Intrusion Detection Systems |
281 - 319 |
|
|
|
October 13 is the last day to withdraw with a grade of W. |
|
|
|
Oct 17 |
Scanning and Analysis, Access Control |
320 - 336 |
Assignment 5 |
|
Oct 19 |
Lab Day |
341 - 365 |
|
|
Oct 24 |
Cryptography I |
341 - 365 |
|
|
Oct 26 |
Crytptography II |
366 - 385 |
|
|
Oct 31 |
Cryptography III |
|
|
|
Nov 2 |
Examination 2 |
|
|
|
Nov 7 |
Physical Access, Fire Safety |
389 - 407 |
|
|
Nov 9 |
Other Physical Security |
408 - 421 |
Assignment 6 |
|
Nov 14 |
Implementing Information Security I |
427 - 447 |
|
|
Nov 16 |
Information Security Credentials |
451 - 471 |
Assignment 7 |
|
Nov 21 |
Employment Practices |
472 - 482 |
|
|
Nov 23 |
No Meeting – Thanksgiving |
|
|
|
Nov 28 |
Information Security Maintenance I |
489 - 500 |
|
|
Nov 30 |
Information Security Maintenance II |
501 - 527 |
Assignment 8 |
|
Dec 5 |
Information Security Maintenance III |
|
|
|
Dec 7 |
Review for Final |
|
|
|
|
Last day to resubmit work |
|
|
|
Dec 12 |
Final Examination |
|
Note time: |
|
|
|
|
|
Academic Honesty and Collaboration: Collaboration with your classmates in studying and understanding the material is part of the collegiate experience, and is strongly encouraged. Collaboration on written assignments is permitted and encouraged, but each student must submit work written in his or her own words. For programming assignments, you may work together, but each student must produce his or her own complete program or Web document. Copying another's work will be considered cheating; all students involved will receive a grade of zero and possibly other penalties including failure of the course and dismissal from the University. Unless you are specifically advised otherwise by the instructor, any work submitted for credit, other than homework assignments, must be completely the work of the individual student.
Collaboration or cheating on examinations will result in a grade of zero and other penalties including failure of the course and dismissal from the University. Plagiarism, fabrication, or other academic misconduct will result in a grade of zero and other penalties, including failure of the course and dismissal from the University.
It is very important that you understand the concepts of academic honesty. If any of the above is not clear, or if you are not certain what some of the terms mean, please ask me. A misunderstanding in this area could end your academic career.
How to Succeed in this Class: Here are five things you can do that will greatly improve your chances of making a satisfactory grade in this class:
- Read the syllabus: It is a lot of trouble to prepare so detailed a syllabus. You should assume I had a reason for it. You should read every word in the syllabus before the second class. I will not be sympathetic to complaints that you didn't understand something about the course if it's written down in the syllabus and you didn't ask about it when you reviewed the syllabus.
- Read the textbooks: You will get a lot more out of this class, and so be able to give back more on the assignments and examinations, if you read the assigned parts of the textbooks before class. In my experience, students who don't complete the reading before class either never complete it or try to cram it all in just before the exams. That doesn't work.
- Come to class: You will read below that there's no specific penalty for missing a class. However, you are missing an opportunity to have things that may not be clear explained to you, to ask me questions, and to interact with me and your colleagues. If classes weren't important, we wouldn't have them.
- Do the homework: The homework assignments build upon one another. If you get behind, you will find it very difficult to catch up. Moreover, when you read the syllabus, you will find that there are substantial penalties for late or incomplete work.
- Allow enough time: More unsatisfactory grades are due to procrastination than any other cause. Do not assume that you can complete the homework and reading assignments in the thirty minutes before class; you cannot. The most successful students complete this work the weekend before it is due.
Course Objectives: Students who complete IT 4823 successfully will be able to:
Class Attendance: Attendance and participation in class are expected. While there is no academic penalty for missing a class, you should be aware that information not in the book will be presented in class and you will be held responsible for it on examinations. You are responsible for announcements, assignments, and syllabus revisions made in class. If you must miss a class, please arrange to borrow another student's notes. Often you'll get better notes if you make such arrangements in advance.
Historically, students with good attendance records have done significantly better in this class than students with poor records.
Preparation: You will be expected to have read this syllabus,
Chapter 1 of the text, and the Standards of Academic Conduct handout
by the second class meeting. After that, you are expected to have read each
section by the date it is first scheduled to be discussed. I recommend that you
read each chapter before it is discussed and jot down questions about anything
that is not clear. If your questions are not answered during the lecture, ask
them in class. Then re-read each chapter, jotting down
important points. Use these notes to study for the examinations.
|
Grading: |
40% |
Assignments |
|
|
30% |
Examinations (two at 15% each) |
|
|
30% |
Final Exam |
Important note: The grading is established so that you cannot pass the class without getting at least most of the homework points.
In general, I will use the following scale to assign course letter grades. I reserve the right to make adjustments (either up or down) for borderline cases.
Grading Scale: 90 and above: A. 80+: B. 70+: C. 60+: D. Below 60: F.
Examinations: Examinations will consist mainly of short answer questions, with a small number of essay or programming questions. Makeup examinations will not be given unless you make prior arrangements with me. The final examination will be comprehensive.
Assignment Grades:There
are four possible grades for assignments. A grade of 
indicates exemplary work or effort beyond what is normally expected. A grade
of 
means your work meets expected standards. Both
and
receive full credit if submitted on time. A grade of 
indicates
that one or more areas of the assignment weren't completed satisfactorily. You
may resubmit work which receives a
after revising it based on the instructor's comments. Except at the end
of the term, you have two weeks from the time grades are returned to the
class (even if you don't get yours timely through not checking!) to resubmit
your work. If you do not resubmit within two weeks, you will receive a grade of
zero. You will receive full credit for resubmitted work which meets
standards. The last date to resubmit lab assignments is the last meeting
date of this class. There is no partial credit. You must get
a check or check-plus on all parts of an assignment to receive credit for that
assignment. If your work is turned in very late or does not show an honest
effort to complete the assignment, you will receive a grade of zero.
You may resubmit only problems which were part of your original submission. In other words, if you don't attempt a problem on your first submission, you may not receive credit for it by "resubmitting" it later. Note that not attempting all parts of an assignment is very likely to result in a grade of zero for the entire assignment. However, if you do not understand a problem, you may submit a substantive question about the problem in place of a solution. I will answer your question and you may then submit a solution to the problem without penalty.
Examinations will be based in part on the contents of the assignments.
Assignments: Assignments will be posted on the class Web page approximately a week before they're due.
Due Dates: Assignments are due at the beginning of class on the date shown in the syllabus. Late assignments, including assignments submitted after class has started, will not be graded and will be recorded as zeroes. As university students, I expect you will manage your time well enough to be able to complete your assignments on time in spite of both usual and unanticipated events. However, I do recognize that sometimes, no matter how well one plans, outside events interfere with one's plans. Therefore, each student will have five "late days" that may be used to submit late assignments without penalty. You may submit one assignment five days late, five assignments one day late each, or any other combination that adds up to five. I encourage you plan well so that your late days will be available in case of a true emergency because, when you have used up your late days, there will be no other exceptions for any reason whatsoever.
Technical difficulties: Explanations of "technical difficulties" will not be accepted as excuses for late or unsatisfactory work. As university students, I expect you to manage your time and your facilities well enough to be able to complete your work in a timely and satisfactory manner.
If the work you are turning in has more than one page, staple the pages together in the upper left corner. This is the only way to organize your work; do not use notebooks, folders, etc.
In the upper right corner of the first page of each item you turn in, put the following information in the order shown:
Your name
IT 4823 -- BROWN (be sure to put my name here)
The date of the class when the item is turned in
Identification of the item (Term Paper Idea, etc.)
If the item is being resubmitted, the word "resubmitted"
Here is an example:
IT 4823 -- BROWN
Assignment 3
The first line of your work goes here.
Put this information as close to the top right corner as you can. Do not use a cover page.
World Wide Web: Questions and answers, class announcements, assignments and other material will be published from time to time on the school's Web page for this class. You should get into the habit of checking http://www.spsu.edu/cs/faculty/bbrown/it4823/f05/ for class information. You will also find copies of the handouts, this syllabus, notes on the homework and other useful information there.
However, you are cautioned that the presence of this Web page does not relieve you of responsibility for material, including announcements, assignments, and syllabus revisions made in class. In other words, I'll put material on the Web, but you still have to come to class or make sure you find out what happened in each class meeting.
Students with disabilities: Students with disabilities who believe that they may need accommodations in this class are encouraged to contact the counselor working with disabilities at (678) 915-7244 as soon as possible to better ensure that such accommodations are implemented in a timely fashion.
Administrivia:
Form of address: Call me Bob or Mr. Brown, whichever is more
comfortable for you.
Sending E-mail: I use a text based e-mail reader. If you send e-mail, please send plain ASCII text and include a line break every 70 characters or so. Messages may not be in the appropriate format unless you take special steps. I expect you to know your e-mail program well enough to configure it to send plain text only. Please do not attach word processing documents to e-mail messages... send plain ASCII text only. Do not submit assignments via e-mail; they go on the server.
Class format: There will be no scheduled breaks. Questions will be taken at the beginning of class, during the lecture, and near the end of the class.
Appointments: I will be available after class until all questions have been answered and any other concerns have been discussed, and at other times during my office hours (see the first page of this syllabus) and by appointment.
Decorum: If you have something to say in class, please address yourself to me. Keep beepers, phones, watches, etc. quiet in class; you will be asked to leave the class if your "gear" causes disruption. You will be highly embarrassed if you're kicked out of class because your cell phone rings. Don't let it happen!
Leaving materials for me: Your homework will be posted on the server. However, you may sometimes have other material for me. Bring it to class! If you are unable to attend a class, you can get material to me in three ways: Have a colleague bring them to class, take them by the SwE Office in room J-370 during office hours, or place them in one of the CSE drop boxes at any time. These drop boxes are located at the west entrance to Building J and in the hallway across from room J-361. These drop boxes are checked twice daily during the week, and material left in them will be put in my mail box if it has my name on it.
Belongings left in the classroom: If you leave belongings in the classroom and I notice them, I'll take them to the campus police office on the ground floor of Norton Hall.