Book Reviews

The Survivability and Information Assurance (SIA) course was originally developed by a team at Carnegie Mellon, led by Lawrence Rogers (/about/divisions/cert/index.cfm). Back in 2010, I requested a license to continue the development of the course because it provides useful information on Information Assurance. Also, this course will always be freely available for anyone to use in the classroom or self-study. There are three parts to the LearnSIA curriculum.

1. Principles of Survivability and Information Assurance: This course presents in detail the ten principles of survivability and information assurance, on which the entire SIA curriculum is based.

2. Information Assurance Networking Fundamentals: This course applies the ten principles to the concepts and an implementation of TCP/IP networking. This is an in-depth look at networking protocols, namely TCP/IP. There are a lot of exercises that show how to read and interpret those protocols using Wireshark, formerly Ethereal. The current tutorials will have to be upgraded to reflect the use of Wireshark since it was, then, called Ethereal.

3. Sustaining, Improving, and Building Survivable Functional Units (SFUs). The third part is SIA III, which combines SIA I and SIA II and uses a fictitious company that the students learn to secure by setting up secure services on virtual machines. Again, it is also a very hands-on portion of the course.

LearnSIA doesn't attempt to compete with commercial vendors and it doesn't offer certifications. Those interested in certifications should seek out certifications with SANS (Cyber Security Training, Degrees & Resources | SANS Institute), Certified Ethical Hacker (, Security+ ( Security+ (Plus) Certification | CompTIA IT Certifications) or other security certification vendors. The LearnSIA curriculum provides a solid foundation for a systems administrator or security administrator to be able to effectively approach security with a wholistic view of how it applies to the entire organization. That is the fundamental approach for the SIA I course.

This is a call for those that would like to help keep this course updated, help create video tutorials, transcribing audio from the videos for those that are blind or hard of hearing, maintain lesson plans, or just proofread. Of course, you can also enjoy free access to the course. The current needs for participating in developing the LearnSIA curriculum are all outlined on the website (learnsia). One important note about the LearnSIA curriculum is that it is a living course. It will never be in a "final" state. The content will change as long as the industry continues to change.

Please join me in this endeavor to provide a good quality, free, and ever changing course online for anyone to learn.

About the Author

Duane Dunston is an Information Security practitioner for STG Inc. and has contributed several articles to and has been in the Information Security industry since 1997. He is also an adjunct Information Assurance instructor at Pfeiffer University, his alma matter ('97 & '99). Duane is a member of the Asheville River Arts District where he works with silver and copper under the Iron Fist of Bill Churlik at Earth Speak Arts ( ).