The security and assurance of our computing infrastructure has become a national priority. To address this priority, higher education has gradually incorporated the principles of computer and information security into the mainstream undergraduate and graduate computer science curricula. To achieve effective education, learning security principles…

Disasters happen all the time; yet despite this, many organizations are caught unprepared or make unrealistic assumptions. These factors create environments that will fail during a disaster. Most information technology (IT) curricula do not cover disaster recovery (DR) plans and strategies in depth. The unfortunate result is that most new computer…

We have developed a computer security workshop designed to instruct post-secondary instructors who want to start a course or laboratory exercise sequence in computer security. This workshop has also been used to provide computer security education to IT professionals and students. It is effective in communicating basic computer security principles…

Many introductory courses to cryptology and computer security start with or include a discussion of classical ciphers that usually contemplates some cryptanalysis techniques used to break them. Ganzua (picklock in Spanish) is an application designed to assist the cryptanalysis of ciphertext obtained with monoalphabetic or polyalphabetic ciphers.…

This article investigates teaching the application of technical ideas by non-technical means, especially by using puzzles to engage students. After discussing the need to teach students to evaluate contexts in which decisions about computer security must be made, we suggest questions and scenarios drawn from political science, history, as well as…

The typical approach to creating an examination disk for exercises and projects in a course on computer forensics is for the instructor to populate a piece of media with evidence to be retrieved. While such an approach supports the simple use of forensic tools, in many cases the use of an instructor-developed examination disk avoids utilizing some…

We describe a sequence of five experiments on network security that cast students successively in the roles of computer user, programmer, and system administrator. Unlike experiments described in several previous papers, these experiments avoid placing students in the role of attacker. Each experiment starts with an in-class demonstration of an…

Serious games use entertainment principles, creativity, and technology to meet government or corporate training objectives, but these principles alone will not guarantee that the intended learning will occur. To be effective, serious games must incorporate sound cognitive, learning, and pedagogical principles into their design and structure. In…

A novel idea for information security education created by the New York State Center for Information Forensics and Assurance (CIFA) is presented. This new approach incorporates a teaching hospital model originally developed for medical training. In this model, information security problems from industry and government are solved and abstracted…

In the summer of 2003, a project to augment and improve the teaching of information assurance courses was started at IUP. Thus far, ten hands-on exercises have been developed. The exercises described in this article, and presented in the appendix, are based on actions required to secure a Linux host. Publicly available resources were used to…

Educational institutions that wish to implement a specialized teaching laboratory often have a variety of obstacles to overcome. Some of these obstacles are related to adapting existing classroom infrastructure, building the laboratory, and meeting the demands for multiple-use classrooms to maximize the return on investment. In some cases, such as…

Information assurance courses delivered in an online environment pose challenges to the development of meaningful hands-on exercises for students. This article presents techniques on furnishing laboratory exercises to online students and presents examples of assignments drawn from the author's experiences in teaching online courses for over three…