Professional Documents
Culture Documents
COURSE IDENTIFICATION Course Title Basic Network Security Course Credit 3 UNITS Course Advanced Networking Concepts Prerequisite Course NONE Corequisite Course The course covers the fundamentals of network security. The extent of coverage is confined to the concepts necessary to provide the students Description with a good working knowledge in network security. Appropriate hacking tools and security tools will be utilized to supplement and complement
students.
1. Aware of the basic security management concepts. 2. The difference between policies, standards, guidelines, and procedures. 3. Determine the level of threat provided by the intruders. 4. Explain the ways and good practices of network security. 5. Understand some laws pertaining to cyber crimes. 6. Differentiate the level of security and weaknesses in each network. 7. Name network attacks and vulnerabilities. 8. Use some methods of testing for network vulnerabilities. 9. Use some hacking prevention techniques. 10. Understand the Information Technology Infrastructure Library 11. Document company IT Use Policies III. TEXTBOOK(S) AND REFERENCES Textbook(s) Graves, K. (2010).
CEH. United Kingdom: Wiley Pub. Kartalopoulos, S.V (2009). Security of Information and Communication. United Kingdom:Wiley Pub. Basta,A. (2008). Computer Security and Penetration Testing. Thomson. Fourouzan, B.A (2008). Cryptography and Network Security. McGrawHill Gregg, M.C (2008). Build Your Own Lab. Wiley Pub. Ye,N. (2008). Secure Computer and Network System. J.Wiley Pub. Jacobson,D. (2009). 1
References
Module Week 1 Module 1: Orientation, Review of the Course Syllabus Expectations leveling and Classroom Rules Formulation Chapter 1 : Security Management Practices Module 2: Information Security Triad Basic Security Concepts Confidentiality Integrity Availability Module 3: Security Management Security Program Development Security Control Goals Module 4: Information Risk Management Kinds of IRM Countermeasures or Safeguard Security Controls (Functional vs. Assurance) Classification Controls Week 2 Chapter 2: Access Control Module 5: Identity Management
Objectives At the end of the period, the students should be able to: 1. Explain what the course is all about; 2. Recall and agree on expected classroom behavior and procedures. Relive the basic tenets being discussed in the class. 3. Know the basic information about security management concepts 4. The difference between policies, standards, guidelines, and procedures 5. Security awareness concepts 6. Risk Management
Activities/Tasks/Skills/Focus Discussion of the syllabus, review of classroom rules and procedures. Discussion of chapter 1 about Security Management Practices Review on Different kinds of information and database values Practical laboratory on capturing and observing information within the network
At the end of the period, the students should be able to: 1. Understand the threats, vulnerabilities, and risks which are associated with the information
Discussion on how to gain access base on privileges and user account roles as users on the network Familiarization of the basic terms of network security as
Components of Access Control Account Management Module 6: Authentication Password Management and Techniques Types of Biometrics Problems with Biometrics Module 7: Access Control Modules Discretionary Access Control Mandatory Access Control Non Discretionary Access Control Role Based Access Control Week 3 Chapter 3: Telecommunication and Network Security Module 8 - Remote Access Security Management Securing Telecommunication and User Connectivity Remote User Management Issues Module 9 - Intrusion Detection and Response Fundamental Variation on how IDS works Computer Incident and Response Long Quiz Week 4 Continuation of the previous chapter
system 2. Explain and apply the preventive and detective measure that are available to counter them 3. Compare and contrast the different kinds of biometrics as well as how they help to secure the network 4. Explain the role and methods on how Access Control Modules works to secure the network
well as the right usage of password Discussion of the different way on how to secure the system using biometrics Basic alphanumeric password creation and access-list restriction practical laboratory exercise
At the end of the period, the students should be able to: 1. Communications and network security as it relates to voice, data, multimedia, and facsimile transmissions in terms of local area, wide area, and remote access 2. Communications security techniques to prevent, detect, and correct errors so that integrity, availability, and the confidentiality of transactions over networks may be maintained 3. Internet/intranet/extranet in terms of firewalls, routers, gateways and various protocols 4. Communications security management and techniques, which prevent detect, and correct errors so that the transactions over networks may be maintained
Review on how to perform remote management as well as securing the connection Discussion of basic fundamentals of Intrusion Detection System Discussion of Computer Incident and Response Discussion of network attacks and abuses Practical Laboratory in remote connection usage and intrusion detection simulation
Syllabus Reference Books Cisco Routers Packet Tracer WireShark GNS3 Simulator VNC
Module 10: Back Up Concepts and Methods Kinds of Backup Methods Back Up Concepts and Techniques Common Back up Issues Module 11: Single point of failures Managing Single Point of Failures Module 12: Network Attacks and Abuses Denial of Service Session Hijacking Attack Week 5 Chapter 4: Layered Architecture Model and Firewall Concepts Module 13: OSI Reference Model and TCP/IP Model Seven OSI Reference Model Module 14: OSI Security Service and Management Basic Security Management Security Mechanism Module 15: Firewall Architectures Types of Firewall and Concepts Week 6 Chapter 5- Cryptography Module 16: Cryptography 1. Overview of Cryptography and encryption techniques At the end of the period, the students should be able to: Review of Cryptography History Review of Cryptography key concepts At the end of the period, the students should be able to: 1. Explain the various role of OSI models 2. Compare and Contrast OSI Reference Model and the TCP/IP Model 3. Key Concepts of how firewall works to protect our network Review of the OSI Reference model Review of the TCP/IP Model Discussion of Firewall Architectures Simulation on how firewall works against threats
Syllabus Reference Books Firewall Simulator (ice black) Cisco Routers Packet Tracer Wireshark
Concepts Cryptography Terminology Cryptosystem Development Module 17: Cryptography History Shift Cipher Transposition Cipher Scytale Vigenere Cipher Module 18: Symmetric Cryptography DES Triple DES RC4,RC5,RC6 Blowfish IDEA Symmetric Cons Week 7 Continuation of the previous chapter Module 19: Asymmetric Cryptography Diffie-Helman RSA,DSA El-Gamal Elliptic Curve Cryptosystem Module 20: Encryption Modes Cipher Block Encryption Block Encryption Stream Cipher Week 8 Long Quiz 2 Film Showing : Hackers Wanted
2. Explain the Cryptography Key Fundamentals and History 3. Distinguish the different types of encryption modes
Discussion of the kinds of Cryptography and the different encryption modes Practical Laboratory, Encryption implementation
Exercise
At the end of the period, the students should be able to: 1. Evaluate students on what they learn on the previous weeks 2. Assess their theoretical skills 3. Assess movies on how ethical hacking affect the community
Week 9 Chapter 6: Security Architecture Module 21: System Security Architecture Security Architecture Terms and Perimeters Basic Hardware Architecture Module 22: System Security Model State Machine Model Bell-Lapadula Model BIBA Model Latice Model Module 23: Security Modes of Operation Dedicated Security Mode System High Security Mode Week 10 Chapter 7:Business Continuity Planning and Disaster Recovery Planning Module 24: Business Continuity Planning BCP DR Key Concepts Creating a BCP Module 25: Disaster Recovery Management Recovery Planning Warm Site Cold Site Restoration Methods Module 26: Electronic
At the end of the period, the students should be able to: 1. Identify the different computer components as well as their respective functions 2. Methods on how the security models work 3. Understand the system security model in performing protection mechanism against threats
Discussion of the system security architecture Review of the computer components Discussion of the System security model and modes of operation
At the end of the period, the students should be able to: 1. Understand the basic difference between business continuity planning and disaster recovery planning 2. Explain the difference between natural and man made disaster. 3. Identify the four prime Business continuity planning elements 4. Evaluate the steps in creating a disaster recovery plan 5. Explain the five types of disaster recovery plan test 6. Understand and implement the different types of back up plan
Discussion on Business Continuity Planning Review on the Disaster Recovery Management Discussion of Electronic Vaulting and Remote Journaling
Vaulting and Remote Journaling Backup Plans and Category Remote Journaling Tape Vaulting Week 11 Chapter 8: Physical Environmental Security Module 27: Physical Security Fundamentals Threats and Physical Security Problems Physical Security Fundamentals Security Zones Module 28: Environmental Issues and Practices Automatic Fire Prevention and Suppression System Perimeter Security Physical IDS Week 12 Chapter 9: Cybercrimes and other Legal Stuff Module 29: Complexities in Cyber Crime Complexities in Cyber Crime Types of Law and key concepts Module 30 : International Protection of Property Software Piracy Different Laws and Regulations Module 31 : Computer Fraud and Abuse At the end of the period, the students should be able to: 1. The elements involved in choosing a secure site and its design and configuration 2. The methods for securing a facility against unauthorized access 3. The methods for securing the equipment against theft of either the equipment or its contained information 4. The environmental and safety measures needed to protect personnel, and the facility and its resources Discussion of the Physical Security Fundamentals Review on the Environmental Issues and Practices Practical Laboratory, Physical Security Syllabus Reference Books Packet Tracer Determination Motivation Teamwork Enthusiasm Technical Knowledge Short Quiz Seatwork Assignment Practical Skills Hands On Lab on Physical Security
At the end of the period, the students should be able to: 1. Understand what laws apply to computer crimes. 2. How to determine if a crime has occurred 3. The basics of conducting an investigation and the liabilities under the law
Discussion of the complexities in cyber crime Review on the international protection of property Discussion on Computer Fraud and Abuse Discussion on Employee Privacy
Gram Leach Bliley Act of 1999 Federal Privacy Act of 1974 Week 13 Module 32 Employee Privacy Issues Employee Privacy Issues Company Liability Issues Computer Forensic Investigation Investigation and Incident Response Module 33 IT Use Policies Company IT infrastructure and network design At the end of the period, the students should be able to: 1. Evaluate their knowledge acquired through the subject Discussion on legal and privacy issues on IT Discussion on mitigation of risk and response to incidents
Audit a companys network infrastructure Assess and recommends companys network security
EXAM