Overview - 2018/2019
Protecting the private and personal information of industries and people is not only a vital and important career, it's also never been more in demand. If you're technically minded and are looking to add to your already impressive resume, the Information Security Management program will give your future career the boost it needs.
To fit in with your busy schedule, the program is available 100% online or in a traditional in-class format (full-time or part-time) with September, January or May admissions. Once you've chosen schedule that best suits your needs, you'll learn how to manage both the operational and strategic aspects of information security. In just eight months, you'll develop the skills to identify how a business is vulnerable, and how to best safeguard their information. You'll also learn detailed practical aspects of security such as risk analysis, vulnerability testing, writing security policies, implementing access controls, and performing security audits.
When you graduate, your career options will be as diverse as your future clients. Work as a Security Analyst, in the public or private sectors. Give your career security while helping companies keep their data safe.
Phone: 519-452-4430 x6082
Admission Requirements - 2018/2019A Two- or Three-Year College Diploma, or a Degree in a computing related field
Acceptable combination of related work experience and post-secondary education as judged by the College to be equivalent to the above
English Language Requirements
Applicants whose first language is not English will be required to demonstrate proficiency in English by one of the following methods:
- A Grade 12 College Stream or University Stream English credit from an Ontario Secondary School, or equivalent, depending on the program's Admission Requirements
- Test of English as a Foreign Language (TOEFL) test with a minimum score of 570 for the paper-based test (PBT), or 88 for the Internet-based test (iBT), with test results within the last two years
- International English Language Testing System (IELTS) Academic test with an overall score of 6.5 with no score less than 6.0 in any of the four bands, with test results within the last two years
- Canadian Academic English Language (CAEL) test with an overall score of 70 with no score less than 60 in any of the four bands, with test results within the last two years
- Pearson Test of English Academic (PTE) with a minimum score of 59, with test results within the last two years
- A Cambridge English Test (FCE/CAE/CPE) with an overall score on the Cambridge English Scale of 176 with no language skill less than 169, with test results within the last two years
- An English Language Evaluation (ELE) at Fanshawe College with a minimum score of 75% in all sections of the test, with test results within the last two years
- Fanshawe College ESL4/GAP5 students: Minimum grade of 80% in ESL4/GAP5 Level 9 or 75% in ESL4/GAP5 Level 10
Recommended Academic Preparation
- Previous business or IT post-secondary education and/or training and/or work experience.
Applicant Selection CriteriaWhere the number of eligible applicants exceeds the available spaces in the program, the Applicant Selection Criteria will be:
- Preference for Permanent Residents of Ontario
- Receipt of Application by February 1st (After this date, Fanshawe College will consider applicants on a first-come, first-served basis until the program is full)
- Achievement in the Admission Requirements
Information Security Management-2018/2019
Level 1 Credits
INFO-6001 Information Security 4 This course will concentrate on the essential concepts of information security CIA, confidentiality, integrity, and availability. The common vulnerabilities in computer and network systems and the methodology hackers use to exploit these systems will be examined. INFO-6003 O/S & Applications Security 4 This course will concentrate on the vulnerabilities of Windows and LINUX operating systems. The best practices and methodologies to ensure that critical security upgrades and system patches are installed will be discussed. Vulnerabilities to web applications will be explored. INFO-6042 Web Security 3 This course will delve into the current scripting and computer languages used by modern web clients and servers, with a focus on the programming methodologies used to prevent exploitation of web security vulnerabilities. INFO-6027 Security Planning 3 This course will provide necessary skills to identify essential elements of a Security Management System, and the business processes that require protection. Risk assessments will identify vulnerabilities and required countermeasures to prevent and mitigate system failures. The consequences of data loss and the required safeguards are part of the process. The course will concentrate on the principals of implementing security in an organization. As part of this process Students will prepare and assess various security policies. INFO-6047 Routing & Switching 5 This course focuses on the operation and analysis of the roles of routers and switches in an enterprise network. Topics covered include switching, STP, VLANs, routing protocols, IPv4 & IPv6, inter-VLAN routing, DHCP & NAT. The course will cover the Cisco CCNA Routing & Switching Essentials curriculum. ACAD-6002 Graduate Success Strategies 1 This course presents and helps to develop some of the skills required to achieve academic and career success for graduate students. Areas of focus include college resources, study skills, and time management among other skills. The importance of Academic Integrity will be a main focus.
INFO-6002 Network Systems & Components 3 This course will provide the student with a detailed and comprehensive understanding of the equipment used in computer networks. It will discuss the importance of the equipment to the business process and the security implications. The course will also concentrate on the protocols such as TCP/IP and HTTP that are essential for e-commerce and the operation of the network INFO-6072 Information Security Testing 3 This course teaches students how IT systems can be attacked and penetrated by circumventing security or exploiting vulnerabilities in the system. Students will apply a methodical approach to surveying, testing and auditing systems, as well as preparing secure system designs, identifying vulnerabilities, and defending systems against intrusion. Level 2 Credits
INFO-6048 CCNA Security 5 This course will cover several aspects of network security to manage secure access to enterprise networks and servers. Students will study the control of network access through centralized authentication, authorization and accounting protocols and Virtual Private Networks. The implementation of Intrusion Prevention Systems to monitor for malicious traffic will also be studied. Experiential activities will include hands on the configuration of Cisco Systems network security devices to provide secure access to the enterprise network. Modern malware techniques and the use of cryptography to protect data will also be explored. The course will cover the Cisco CCNA- Security curriculum and prepare students for the Cisco CCNA - Security certification. INFO-6009 Network Monitoring & Penetration Testing 3 This course will cover the techniques for monitoring the network for unauthorized access. The concept of Ethical hacking and the tools and methods used to test the security systems currently in place is also examined. INFO-6010 CISSP Prep 3 This course provided students with a comprehensive overview of the domains or areas of study in the CISSP (Certified Information Systems Security Professional) certification. Domains include; Security and Risk Management), Asset Security, Security Engineering, Communication and Network Security, Identity and Access Management, Security Assessment and Testing, Security Operations, Software Development Security. Throughout the course each domain will be studied in more detail covering the topics in the CISSP examination. INFO-6065 Ethical Hacking & Exploits 4 This course will discuss vulnerabilities and exploits and introduce the student to methods of attack that involve the weakest component of the enterprise, the end user. The student will also learn how to identify attacks against the network and defend against them. INFO-6011 Applied Project Management 3 This course focuses on the fundamental theory and practical application of project management skills and techniques to enable the development, selection, definition, execution and closure of IT projects. Students will take a case study through the essentials of a five-phase project management process as defined by the Project Management Institute and learn about the unique challenges at each stage. Students will use task based techniques, templates and Industry standard tools, including Microsoft Project to focus on program specific cases that reinforce processes presented concurrently in the program.
INFO-6008 I.T. Auditing 3 This course will concentrate on the concepts of auditing, controls and security in an IT environment. Topics covered include general and application internal controls, security, governance, standards, guidelines and regulations. Methods and procedures to assess the risks and evaluate controls over information systems in an organization will be examined. INFO-6073 Digital Forensics 3 This course prepares students to apply the principals of digital forensics to detect, recover, trace, analyze and interpret digital evidence. This course teaches students how files are structured, data recovery techniques, data hiding and how to conduct a digital investigation.
Careers - 2018/2019
Career OpportunitiesThis program will prepare graduates to take advantage of the growing opportunities in the information security field. Graduates will be an asset to any information technology support department or specifically as part of a security team, in virtually all sectors of business. Subsequently, with the right experience base, graduates can expect to find opportunities as security analysts and consultants or in security management roles. They would obtain positions such as security analysts, information security auditor, network security analyst, IT technical security specialist and threat-risk/vulnerability security specialist.
More Information - 2018/2019A Mandatory Mobile Computing (Laptop) Program
Offered as an Online Distance Education Program and in a Face-to-Face Classroom Format
A One-Year Ontario College Graduate Certificate ProgramProgram Code: ISM1
Campus Code: LC (LC - London)
15 week terms
Academic Calendars available at www.fanshawec.ca/academicdates
Program Code: ISM1
Campus Code: LCL (LCL - London-Online)
15 week terms
Academic Calendars available at www.fanshawec.ca/academicdates
ContactSchool of Information Technology: 519-452-4291
Program DescriptionThis one-year Graduate Certificate program is designed to provide students with a holistic approach to information systems security as it applies to business. The program will provide a broad understanding of security concepts and concentrate on industry best practices for information security. Students will gain the knowledge required to manage both the strategic and operational aspects of information security. The focus will be on addressing the following questions:
- What business assets need protection?
- What are the vulnerabilities and threats to the business and the assets?
- What safeguards need to be implemented to protect the business?
- Did the protection measures or safeguards work?
- Classes are delivered online and face-to-face on campus. Full-time and part-time students have the option to watch live and interactive webcasts or attend classes face-to-face on campus for most courses. All webcasts will be recorded and archived so students can review material and learn at their own pace. Students will require access to a computer and the Internet, preferably high-speed if attending online, and students will require a suitable laptop as per specs if attending in face-to-face classes.
- Applicants applying to the Online version of the program should ensure they have appropriate technological capacity to complete the program, including access to a computer, required software and internet access for each course in the program. Students attending the Online version of the program will not be required to pay a CONNECT lab fee.
- For all other students a laptop computer is to be purchased by the student attending the face-to-face classroom format (approximately $1200.00). The cost of the equipment is included in the General Expenses stated in the Fee Schedule. A CONNECT lab fee of $50.00 per academic term is included in the Additional Program Fees stated in the Fee Schedule. This fee helps cover costs associated with the delivery of the CONNECT mobile computing program.
- Students should not purchase a laptop computer or software until the College publishes the recommended configuration, models, software titles and versions for that academic year.
The graduate has reliably demonstrated the ability to
1. apply knowledge of computer operating systems, networking, and various application software to the simulation of business processes.
2. develop best practices to protect business resources through the application of knowledge of vulnerabilities and exploits.
3. develop security strategies for the deployment of security procedures and protective devices.
4. Integrate information technology strategies that support business functions by employing knowledge of best practices of business processes and systems.
5. develop security plans and strategies to include acceptable use of business information and systems by internal employees, contractors, consultants, business partners and customers.
6. develop security plans and strategies to ensure the integrity of information in compliance with best practices, relevant policies, standards, and regulations.
7. apply project management principles in the deployment of security policies and strategies.
8. perform security audits to ensure compliance with security plans, policies, standards, regulations and best practices.
9. develop and deliver a corporate training program to communicate both orally and in writing the security requirements for compliance with security policies.
10. prepare security documentation for approval by senior management and present results of security audits.