Course Syllabus

About this course;

Knowledge and skills to recognize security vulnerabilities, implement security measures, analyze network environments for known threats and risks, defend against attacks and malware, and ensure data privacy and integrity. Terminology and procedures for implementing and configuring security controls: access control, authorization, encryption, packet filters, firewalls and Virtual Private Networks (VPNs).

Learning Outcomes;

Upon completion of this course, a student will be able to:

  1. Assess areas of security concern, recognize security risks and compare internal and external threats to data and services.
  2. Compare and contrast the different methods for securing shared resources.
  3. Evaluate various anti-virus software programs, and compare software firewalls with hardware firewalls.
  4. Classify types of firewalls, including Network Address Translation (NAT).
  5. Choose appropriate wireless security procedures to address risks.
  6. Develop a viable plan for disaster recovery, including data backup and restoration.

TextBook;

CompTIA Security+ Get Certified Get Ahead: SY0-501 Study Guide. YCDA. ISBN-13: 978-1-939136-05-3

Course Requirements;

Assignments;

  1. In-class activity: Group discussions on current topics such as: 1. Current crimes and legal issues; 2. New forensic techniques; 3. New hardware and security practices.
  2. In-class activity: Hands-on lab projects such as: 1. Imaging a hard drive; 2. Searching through a forensic image to find evidence; 3. Using a forensic boot disk.
  3. Out-of-class assignment: Readings from the textbook on topics such as: 1. Investigative techniques; 2. Hard drive formats; 3. Court procedures.
  4. Out-of-class assignment: Written reports involving independent research on topics such as: 1. Current legal controversies; 2. Privacy and law enforcement searches; 3. New hardware and techniques.

Evaluation;

  1. Participation: Student contributions to in-class discussions
  2. Other: Graded hands-on projects
  3. Exams/Quizzes/Tests: Tests and/or quizzes on topics covered in out-of-class reading, such as: a. Use of forensics hardware and software; b. Investigative techniques.
  4. Written work: Written reports involving independent research
  5. Final Assessment: Comprehensive final exam on topics such as: a. Reading encrypted files; b. Viewing and interpreting e-mail headers; c. Recovering passwords.

Contents;

  1. Introduction and overview
    1. Overview of data and resource integrity, and of vulnerability to internal and external attack:
      1. Internal: viruses, malicious code, theft or destruction of code or data; sabotage.
      2. External: viruses, worms, Trojan horses, spoofing, replay, denial of service, etc.
      3. History of actual attacks (Melissa, Nimda, Mafiaboy, etc.)
      4. Considerations: integrity, privacy, protection of data, availability of servers.
    2. Vulnerabilities of media and applications:
      1. Susceptibility to wiretapping and eavesdropping: copper, fiber, wireless.
      2. Software risks: cookies, anonymous login, plaintext protocols and credentials.
      3. Fixes, patches, service packs and alerts, security websites.
  2. Securing shared resources
    1. Password protection, authentication, biometrics.
      1. Methods used to guess or defeat passwords (dictionary and brute-force attacks, cracking of stored hashes).
      2. Shared-secret and Kerberos v5 authentication; ticket granting.
      3. Access control lists and RADIUS (Remote Authentication Dial-In User Service) servers.
    2. File and folder permissions in Unix and Windows
    3. Encryption algorithms and methods
      1. Windows encrypting file system (EFS)
      2. Data Encryption Standard (DES) and Triple DES (3DES); note that the 56-bit DES key is no longer considered secure.
      3. Public key infrastructure (PKI), digital certificates, Certificate Authority (CA)
      4. Secure Sockets Layer (SSL) and Transport Layer Security (TLS), which rely on PKI for certificate-based authentication.
      5. Pretty Good Privacy (PGP): encrypts and signs e-mail.
  3. Anti-virus applications
    1. Specific vendors: comparison, evaluation
    2. Online signature and engine updates
  4. Firewalls and other devices.
    1. Personal software firewalls from various software vendors
    2. Hardware: router filtering; TCP/IP packet filtering; hardware firewalls.
    3. Proxy Servers
    4. Network Address Translation (NAT)
  5. Wireless: security issues: eavesdropping, jamming
    1. Wi-Fi (802.11b): unsecured by default and wide-ranging
    2. Spread-spectrum radio techniques (frequency hopping and direct sequence): sometimes presented as security features, but they offer no real confidentiality against a receiver that knows the scheme.
    3. WEP (Wired Equivalent Privacy), now cryptographically broken, and the stronger IEEE 802.1X port-based authentication standard.
  6. Management: adopting and enforcing good practices
    1. Site security
    2. Turn off unnecessary services; close unneeded ports.
    3. Training users in security practices; properly configuring client machines.
    4. Risk management and plans for disaster recovery.
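
As an added worked example for the password topics in section 2 (methods used to guess or defeat passwords), not taken from the course or the textbook: a dictionary attack run against a constructed dump of unsalted MD5 password hashes, and then against the same passwords stored with per-user salts and PBKDF2. The account names, passwords, salts and wordlist are all made up for the demonstration.

```python
"""Dictionary attack against two kinds of stored password hashes.

Added illustration for the password-guessing topic; not part of the course
materials. Accounts, salts and the wordlist are constructed so it runs offline.
"""
import hashlib
import hmac

# Constructed wordlist. Real attacks use lists of millions of leaked passwords.
WORDLIST = ["123456", "password", "letmein", "qwerty", "Summer2019", "dragon"]

# Constructed accounts. Alice and Bob share a weak password; Carol's is not in the list.
PASSWORDS = {"alice": "password", "bob": "password", "carol": "Tr0ub4dor&3"}

PBKDF2_ITERATIONS = 50_000  # deliberately slow; production deployments use more


def md5_hex(password: str) -> str:
    """Legacy unsalted fast hash: equal passwords always produce equal hashes."""
    return hashlib.md5(password.encode()).hexdigest()


def pbkdf2_hex(password: str, salt: bytes, iterations: int = PBKDF2_ITERATIONS) -> str:
    """Salted, iterated hash (PBKDF2-HMAC-SHA256), the form a defender should store."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations).hex()


def crack_unsalted(store: dict, wordlist) -> tuple:
    """Hash each word once, then look the result up for every user.

    Returns (cracked, hashes_computed). Work is len(wordlist) regardless of the
    number of users, and identical stored hashes reveal shared passwords.
    """
    lookup = {md5_hex(word): word for word in wordlist}
    cracked = {user: lookup[h] for user, h in store.items() if h in lookup}
    return cracked, len(wordlist)


def crack_salted(store: dict, wordlist) -> tuple:
    """Per-user salts defeat the precomputed table: every (user, word) pair
    must be hashed separately, and each hash is deliberately expensive.

    Returns (cracked, hashes_computed).
    """
    cracked, work = {}, 0
    for user, (salt, stored) in store.items():
        for word in wordlist:
            work += 1
            if hmac.compare_digest(pbkdf2_hex(word, salt), stored):
                cracked[user] = word
                break
    return cracked, work


def build_stores() -> tuple:
    """Build the two password databases an attacker might have dumped."""
    legacy = {user: md5_hex(pw) for user, pw in PASSWORDS.items()}
    hardened = {}
    for user, pw in PASSWORDS.items():
        # Salts must be random per user in practice; fixed here for determinism.
        salt = f"salt-for-{user}".encode()
        hardened[user] = (salt, pbkdf2_hex(pw, salt))
    return legacy, hardened


def run_attacks() -> tuple:
    """Run the wordlist against both stores; returns the two (cracked, work) pairs."""
    legacy, hardened = build_stores()
    return crack_unsalted(legacy, WORDLIST), crack_salted(hardened, WORDLIST)


if __name__ == "__main__":
    (weak_found, weak_work), (strong_found, strong_work) = run_attacks()
    print(f"unsalted MD5:  cracked {weak_found} with {weak_work} fast hashes")
    print(f"salted PBKDF2: cracked {strong_found} with {strong_work} slow hashes")
```

Both attacks recover the weak shared password, which is the lesson about password choice; the difference is in cost. Against the unsalted store the attacker hashes each word once and reuses the table for every account, and the two identical hashes show at a glance that alice and bob share a password. Against the salted store every user costs a fresh pass over the wordlist, and each guess is a slow PBKDF2 computation, so the same six words take ten expensive hashes here and scale with the number of accounts.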