Course description
This course provides the student with an understanding of security fundamentals. The student will learn the concepts and technologies required to secure a network. Viruses, Worms, and Trojans are discussed, and the student will learn to implement security policies. Topics include risk analysis, network protocols, architecture security, types of attacks, authentication, encryption, network security applications and appliances, firewalls, virtual private network, and intrusion detection system.
Course content
1) Introduction to Security Management Practices
- information security framework (e.g. ISO17799 or COBIT)
- security models, confidentiality, integrity and available
- security evaluation criteria (e.g. TCS, ITSEC)
- risk analysis, adminstrative controls and security policies
2) Password Management and User Authentication
- password management and attack methods (e.g. dictionary attack)
- hash functions (e.g. SHA1, SHA2) and shadow password
- challenge response authentication, mutual authentication, Kerberos authentication
- man in the middle attack
3) Cryptography and Key Management
- review on crytography (e.g. perfect secrecy, cipher text)
- sysmmetric and asymmetric cryptography (e.g. block ciphers, DES, 3DES and AES)
- asymmetric crytography, message integrity and digital signature
- key exchange algorithm and key management
4) Virtual Private Network
- introduction to VPN (e.g. PPTP, Site-to-site VPN, Client based VPN)
- IPSec Negotiation, integrity checking and packet encapsulation in IPSec
- site-to-site VPN vs client-based VPN
- dead peer discovery mechanism
5) Network Infrastructure and Perimeter Protection
- firewall topology and implementation, NAT, security zone and demilitarized zone
- physical security, device redundancy, router security and VLAN switch
- port control, packet filtering, session filtering, circuit gateway, application gateway
- device based firewall vs. host based firewall
- introduction to Identity and Access Management (ex: Shibboleth, ADFS, OAuth)
- degradation of perimeter security, cloud services and blast radius
6) Protocol Security
- OSI protocol analysis and sniffing tools
- routing protocol security - RIP, OSPF, BGP routing protocols (e.g. router authentication, directed broadcast control, black hold filtering, unicast reverse path forwarding, path integrity)
- ICMP protocol security (e.g. smurf attack, ping of death, syn flooding attack)
- IP security (e.g. spoofing, hijacking, injection and DoS by connection reset)
- data link layer security issue (e.g. IP permit lists, protocol filtering and control, LAN flodding)
7) Application Level Security
- authentication applications (e.g. Kerberos, X.509, PKI)
- network service security (e.g. SNMP, DNS, NAT)
- electronic mail security (e.g. PEM, PGP, S/MIME)
- web security and e-commerce (e.g. SSL, TLS, HTTPS, SET)
- fault tolerance mechanisms
8) Intrusion Detection and Prevention
- malicious software (e.g. virus, worms, Trojan Horse), denial of service and buffer overflow attack
- network traffic signature, port scanning and activity monitoring
- host based and network based IDS deployment
- intrusion detection system and incident response
- SMTP gateway and proxy server
9) Wireless Security
- wireless architecture and standards (e.g. 802.11, 802.15, 802.16)
- SSID, shared authentication, WEP, EAP, WAP
Learning activities
Lecture, seminar, demonstration, and hands-on assignments/projects
Means of assessment
The course evaluation is consistent with the Douglas College Evaluation Policy.
Lab Assignments 10%-20%
Quizzes* 5% - 20%
Midterm Examination* 25% - 40%
Final Examination* 25% - 40%
------------
Total 100%
*In order to pass the course, students must, in addition to receiving an overall course grade of 50%, also achieve a grade of at least 50% on the combined weighted examination components (including quizzes, tests, exams).
Students may conduct research as part of their coursework in this class. Instructors for the course are responsible for ensuring that student research projects comply with College policies on ethical conduct for research involving humans, which can require obtaining Informed Consent from participants and getting the approval of the Douglas College Research Ethics Board prior to conducting the research.
Learning outcomes
At the end of this course, successful students should be able to:
- Use security terminologies, management models, policy requirements and industries best practice.
- Identify and describe security issues in OSI protocols.
- Conduct basic risk analysis and identify security vulnerability in enterprise network systems.
- Describe and implement cryptographic algorithms, their characteristics and application to network security.
- Design and implement secure network infrastructure with network security components such as, VPN, firewall and/or proxy servers.
- Analyze network traffic and protocols using tools such as packet sniffers.
Textbook materials
William Stallings. Network Security Essentials: Applications and Standards. Latest edition. Prentice Hall.
OR
other textbook approved by department.