CNIT 120
Network Security
Course Syllabus
CNIT 120 Syllabus
Chapter 1
Mastering Security Basics
Understanding Core Security Goals
Provide Integrity
Ensure Confidentiality
Increase Availability
Resource Versus Security Constraints
Introducing Basic Risk Constraints
Understanding Control Types
Implementing Virtualization
Comparing Hypervisors
Secure Network Architecture
Using Command-Line Tools
Windows Command Line
Linux Terminal
Understanding Switches and Getting Help
Understanding Case
Ping
Chapter 2
Understanding Identity Access Management
Exploring Authentication Concepts
Comparing Identification and AAA
Comparing Authentication Factors
Summarizing Identification Methods
Troubleshooting Authentication Issues
Comparing Authentication Services
Managing Accounts
Comparing Access Control Models
Role-Based Access Control
Rule-Based Access Control
Discretionary Access Control
Mandatory Access Control
Attribute-Based Access Control
Chapter 3
Exploring Network Technologies and Tools
Reviewing Basic Network Concepts
Basic Network Protocols
Implementing Protocols for Use Cases
Understanding and Identifying Ports
Understanding Basic Network Devices
Switches
Routers
Bridge
Aggregation Switch
Firewalls
Implementing a Secure Network
Zones and Topologies
Network Separation
Media Gateway
Proxy Servers
Unified Threat Management
Mail Gateways
Chapter 4
Securing Your Network
Exploring Advanced Security Devices
Understanding IDSs and IPSs
SSL/TLS Accelerators
SSL Decryptors
SDN
Honeypots
Honeynets
IEEE 802.1x Security
Securing Wireless Networks
Reviewing Wireless Basics
Networks Architecture Zones
Wireless Cryptographic Protocols
Understanding Wireless Attacks
Using VPNs for Remote Access
VPNs and VPN Concentrators
Remote Access VPN
Network Access Control
Identity and Access Services
Chapter 5
Securing Hosts and Data
Implementing Secure Systems
Operating Systems
Secure Operating System Configurations
Secure Staging and Deployment
Peripherals
Hardware and Firmware Security
Summarizing Cloud Concepts
Infrastructure as a Service
Security Responsibilities with Cloud Models
Security as a Service
Cloud Deployment Models
Deploying Mobile Devices Securely
Exploring Embedded Systems
Protecting Data
Protecting Confidentiality with Encryption
Data Loss Prevention
Chapter 6
Comparing Threats, Vulnerabilities and Common Attacks
Understanding Threat Actors
Determining Malware Types
Recognizing Common Attacks
Social Engineering
Attacks via Email and Phone
One Click Lets Them In
Blocking Malware and Other Attacks
Protecting Systems from Malware
Educating Users
Why Social Engineering Works
Chapter 7
Protecting Against Advanced Attacks
Comparing Common Attacks
DoS Versus DDoS
Privilege Escalation
Spoofing
SYN Flood Attacks
Man-in-the-Middle Attacks
ARP Poisoning Attacks
DNS Attacks
Amplification Attacks
Password Attacks
Replay Attacks
Known Plaintext Attacks
Hijacking and Related Attacks
Domain Hijacking
Man-in-the-Browser
Driver Manipulation
Zero-Day Attacks
Memory Buffer Vulnerabilities
Summarizing Secure Coding Concepts
Compiled Versus Runtime Code
Proper Input Validation
Avoiding Race Conditions
Proper Error Handling
Cryptographic Techniques
Code Reuse and SDKs
Code Obfuscation
Code Quality and Testing
Development Life-Cycle Models
Secure DevOps
Version Control and Change Management
Provisioning and Deprovisioning
Identifying Application Attacks
Web Servers
Database Concepts
Injection Attacks
Cross-Site Scripting
Cross-Site Request Forgery
Chapter 8
Using Risk Management Tools
Understanding Risk Management
Threats and Threat Assessments
Vulnerabilities
Risk Management
Comparing Scanning and Testing Tools
Checking for Vulnerabilities
Obtaining Authorization
Penetration Testing
Intrusive Versus Non-Intrusive Testing
Passive Versus Active Tools
Exploitation Frameworks
Using Security Tools
Sniffing with a Protocol Analyzer
Command-Line Tools
Monitoring Logs for Event Anomalies
SIEM
Continuous Monitoring
Usage Auditing and Reviews
Permission Auditing and Review
Chapter 9
Implementing Controls to Protect Assets
Implementing Defense in Depth
Comparing Physical Security Controls
Using Signs
Comparing Door Lock Types
Tailgating
Preventing Tailgating with Mantraps
Increasing Physical Security with Guards
Monitoring Areas with Cameras
Fencing, Lighting, and Alarms
Securing Access with Barricades
Using Hardware Locks
Asset Management
Shielding
Adding Redundancy and Fault Tolerance
Single Point of Failure
Disk Redundancies
Server Redundancy and High Availability
Power Redundancies
Protecting Data with Backups
Comparing Backup Types
Testing Backups
Protecting Backups
Comparing Business Continuity Elements
Business Impact Analysis Concepts
Continuity of Operations Planning
Disaster Recovery
Testing Plans with Exercises
Chapter 10
Understanding Cryptography and PKI
Introducing Cryptography Concepts
Providing Integrity with Hashing
MD5
SHA
HMAC
RIPEMD
Hashing Files
Key Stretching
Hashing Messages
Using HMAC
Providing Confidentiality with Encryption
Encryption Terms
Block Versus Stream Ciphers
Cipher Modes
Symmetric Encryption
Asymmetric Encryption
The Rayburn Box
Certificates
RSA
Static Versus Ephemeral Keys
Elliptic Curve Cryptography
Diffie-Hellman
Steganography
Using Cryptographic Protocols
Protecting Email
HTTPS Transport Encryption
Exploring PKI Components
Certificate Authority
Certificate Chaining and Trust Models
Registration and CSRs
Certificate Issues
Public Key Pinning
Key Escrow
Recovery Agent
Comparing Certificate Types
Certificate Formats
Chapter 11
Implementing Policies to Mitigate Risks
Exploring Security Policies
Personnel Management Policies
Agreement Types
Protecting Data
Information Classification
Data Sensitivity Labeling and Handling
Responding to Incidents
Incident Response Plan
Incident Response Process
Implementing Basic Forensic Procedures
Providing Training
Role-Based Awareness Training
Continuing Education
Training and Compliance Issues
Troubleshooting Personnel Issues
CompTIA Security+ SY0-501 Study Guide
ISBN-13 978-1939136053, ISBN-10 1939136059