After completing this course, the student should be able to:
 

	Classify computer security into three types -- administrative, physical and logical
	Identify administrative security procedures that occur during a job interview and at employee orientation
	Identify physical access and environmental controls that secure a data center facility
	Define characteristics of access control software as well as methods for protecting networks and microcomputers from unauthorized logical access
	Describe the steps in computer security risk analysis
	Explain the function of a Contingency Planning Committee
	Identify preventive measures that guard computer resources

Types of Security
Identifies three types of computer security.
 

Administrative, Physical and Logical Why computer security is important.  Three categories of computer security.

Administrative Security
Describes the administrative steps which can increase computer security.
 

	At the Interview Five rules for administrative security identifiable during a job interview.
	Orientation Five practices that result in administrative security identifiable at an orientation session.

Physical Security
Identifies threats to the data center building. Discusses countermeasures to control entry to the computer area and modification of the environment.
 

	Access Controls Why access controls are important.  Eight ways to control access to a computer facility.  A rule of thumb for the level of access controls required.
	Environmental Controls Why environmental controls are important.  Five factors to consider for environmental control of a computer facility.

Logical Security
Describes the characteristics of access control software packages which protect programs and data from unauthorized changes.  Shows the threats to networks and data and the ways to protect them.
 

	Access Control Software Purpose of an access control software package.  Two characteristics of an access control software package.
	Network Security Definition of network and of intelligent and dumb terminals.  Two advantages and three risks of computer networks.  Three methods of encryption.
	Microcomputer Security Two logical security problems similar for mainframes and micros.  Two logical security problems unique to microcomputers.  One problem unique to microcomputer program files.

Contingency Planning
Identifies the steps in a security risk analysis and the components of a contingency plan for countermeasures.
 

	Risk Analysis Definition and purpose of risk analysis.  Four steps in the security risk analysis process.
	On the Committee Classification of disasters into four categories according to severity.  Four important factors that must be included in a contingency plan.

Precautions
Details preventive measures that add to the success of a security program.  Covers laws regarding theft, malicious mischief and privacy, and how they affect data processing operations.
 

	Legislation Three types of computer crime.  Three federal laws dealing with data privacy.  Five principles of data privacy.
	Administrative, Physical and Logical Four administrative, two physical and two logical security precautions that will protect the privacy of personal data.
	EDP Auditing Definition of an EDP audit and an EDP auditor.  Goals of an EDP audit.  Three methods EDP auditors use.

Security Checklist
Presents a checklist of questions to ask about computer security.  Allows the student to review the security of a fictitious company.
 

	Administrative
	Physical
	Logical
	Contingency Planning