CET 2691 - Laws & Legal Aspects of IT Security

College of Computer & Information Technology

Credit(s): 3
Contact Hours: 47
Effective Term Spring 2022 (600)

Course Description

This course provides students with an overview of legal issues common to computer security. These issues fall within the parameters of privacy, intellectual property, computer crime investigation for network breaches, civil liability, and the ethical considerations of the Information Technology (IT) professional focused on network security. The course will seek to expand on all matters of law that may be included on any network security certification exam, but also covers the economic impact that security breaches have on industry sectors and the business response required. Coursework will include reviewing fact patterns applied to legal and ethical authorities.

Learning Outcomes and Objectives

  1. The student will evaluate computer crimes, as they are defined in the United States by:
    1. reviewing the variety of forms that computer crimes can take.
    2. analyzing the elements of conduct in each of these computer crimes that are requisites to the crime.
    3. listing methods by which computer crimes have been carried out.
    4. providing real life examples of each computer crime from their studies.
    5. articulating how the legal implications of the criminal activity on the business operation.
  2. The student will identify and apply various sources of legal authority, including federal statutes, state statutes and case law, involving intellectual property, privacy and crime by:
    1. identifying various federal statutes and case law associated with network security and related matters.
    2. analyzing state statutes and case law involving network security and related matters.
    3. describing international law involving network security and related matters.
    4. reviewing administrative laws involving network security and related matter.
  3. The student will analyze how to determine if a crime has occurred by:
    1. exploring investigation issues, specifically concerning the gathering of evidence, the commingling of data, the collection of artifacts in a forensically sound manner, search warrants, and chain of custody considerations.
    2. discussing a prosecutor’s admissibility requirements for electronic evidence.
    3. investigating the various forms or types of evidence, including best evidence, secondary evidence, direct evidence, inclusive evidence, opinions, circumstantial evidence, and hearsay.
    4. reviewing the guidelines for searching and seizing computers.
  4. The student will explain civil liability for breaches in network security by:
    1. applying civil legal principles to a variety of factual scenarios and case studies.
    2. identifying the various civil liability that may result from a cyber breach.
    3. describing and explaining the financial impact and insurance implications on the organization.
    4. identifying how contract terms, including those involving insurance coverage, may affect the financial liability of an organization.
  5. The student will explain how the industry of information technology has promulgated ethical codes for IT professionals, including responsibilities to employers, the public and the profession by:
    1. discussing, in general, various codes of ethics that have been established, including the ISC² Code of Ethics, the ACM Code of Ethics and Professional Conduct, the Internet Activity Board’s Ethics, and the U. S. Department of Health, Education, and Welfare Code’s Fair Information Practices.
    2. applying ethical considerations to fact patterns in order to illustrate the significance of ethics in the industry.

Criteria Performance Standard

Upon successful completion of the course the student will, with a minimum of 70% accuracy, demonstrate mastery of each of the above stated objectives through classroom measures developed by individual course instructors.

History of Changes

Effective yrtr 20021. Was BUL2YYY. New Prefix and number assigned effective 20032. 3-YEAR REVIEW 2005 effective 20061(0370). Online 20092(0420). 3-Year Review 2009. C&I Approval: 05/28/2002, BOT Approval: 07/29/2002, Effective Term: Spring 2010 (420). C&I Approval: , BOT Approval: , Effective Term: Summer 2021 (590).
C&I Approval: , BOT Approval: , Effective Term: Spring 2022 (600)

Related Programs

  1. Artificial Intelligence Responsible Use (AIRU-CT) (645) (Active)
  2. Artificial Intelligence Responsible Use Practitioner (AIRUP-CT) (645) (Active)
  3. Cybersecurity (CYSEC-TR) (670) (Active)
  4. Cybersecurity (CYSEC-BAS) (610) (Active)
  5. Cybersecurity (ITSC-AS) (640) (Draft)
  6. Cybersecurity (ITSC-AS) (640) (Active)
  7. Cybersecurity (ITSC-CT) (510) (Active)
  8. Technology Development & Management (TMGT-TR) (670) (Active)