Network Security

Faculty
Commerce & Business Administration
Department
Computing Studies & Information Systems
Course Code
CSIS 3155
Credits
3.00
Semester Length
15
Max Class Size
35
Method Of Instruction
Lecture
Lab
Seminar
Typically Offered
To be determined
Campus
Online

Overview

Course Description
This course provides the student with fundamental understanding of network security. The student will learn the concepts and technologies required to secure a network. Viruses, worms and Trojans are discussed and the student will learn to implement secured network infrastructure and security policy. Topics include risk analysis, network protocols, architecture security, types of attacks, authentication, encryption, network security applications and appliances, firewalls, virtual private network and intrusion detection system. The student will learn how to make networks secure with the use of tools to analyze traffic and study traffic attacks.
Course Content

1) Introduction to Security Management Practices

  • information security framework (e.g. ISO17799 or COBIT)
  • security models, confidentiality, integrity and available
  • security evaluation criteria (e.g. TCS, ITSEC)
  • risk analysis, adminstrative controls and security policies

2) Password Management And User Authentication

  • password management and attack methods (e.g. dictionary attack)
  • hash functions (e.g. SHA1, SHA2) and shadow password
  • challenge response authentication, mutual authentication, Kerberos authentication
  • man in the middle attack

3) Cryptography And Key Management

  • review on crytography (e.g. perfect secrecy, cipher text)
  • sysmmetric and asymmetric cryptography (e.g. block ciphers, DES, 3DES and AES)
  • asymmetric crytography, message integrity and digital signature
  • key exchange algorithm and key management

4) Virtual Private Network

  • introduction to VPN (e.g. PPTP, Site-to-site VPN, Client based VPN)
  • IPSec Negotiation, integrity checking and packet encapsulation in IPSec
  • site-to-site VPN vs client-based VPN
  • dead peer discovery mechanism

5) Network Infrastructure And Perimeter Protection

  • firewall topology and implementation, NAT, security zone and demilitarized zone
  • physical security, device redundancy, router security and VLAN switch
  • port control, packet filtering, session filtering, circuit gateway, application gateway
  • device based firewall vs. host based firewall

6) Protocol Security

  • OSI protocol analysis and sniffing tools
  • routing protocol security - RIP, OSPF, BGP routing protocols (e.g. router authentication, directed broadcast control, black hold filtering, unicast reverse path forwarding, path integrity)
  • ICMP protocol security (e.g. smurf attack, ping of death, syn flooding attack)
  • IP security (e.g. spoofing, hijacking, injection and DoS by connection reset)
  • data link layer security issue (e.g. IP permit lists, protocol filtering and control, LAN flodding)

7) Application Level Security

  • authentication applications (e.g. Kerberos, X.509, PKI)
  • network service security (e.g. SNMP, DNS, NAT)
  • electronic mail security (e.g. PEM, PGP, S/MIME)
  • web security and e-commerce (e.g. SSL, TLS, HTTPS, SET)
  • fault tolerance mechanisms

8) Intrusion Detection And Prevention

  • malicious software (e.g. virus, worms, Trojan Horse), denial of service and buffer overflow attack
  • network traffic signature, port scanning and activity monitoring
  • host based and network based IDS deployment
  • intrusion detection system and incident response
  • SMTP gateway and proxy server

9) Wireless Security

  • wireless architecture and standards (e.g. 802.11, 802.15, 802.16)
  • SSID, shared authentication, WEP, EAP, WAP
Methods Of Instruction

Lecture, seminar, demonstration, and hands-on assignments/projects

Means of Assessment

Lab Assignments                         10%-20%

Quizzes*                                     5% - 20%

Midterm Examination*                25% - 40%

Final Examination*                     25% - 40%

                                               ------------

Total                                              100%

**In order to pass the course, students must, in addition to receiving an overall course grade of 50%, also achieve a grade of at least 50% on the combined weighted examination components (including quizzes, tests, exams).

 

Learning Outcomes

The student will be able to:

  1. describe security terminologies, management models, policy requirements and industries best practice;

  2. describe security issues in OSI protocols;

  3. conduct basic risk analysis and identify security vulnerability in enterprise network systems;

  4. describe cryptographic algorithms, their characteristics and application to network security;

  5. design and implement secure network infrastructure with network security components such as VLAN, VPN, firewall and/or proxy servers;

  6. analyze network traffic and protocols using tools such as tcpdump, ethereal or other packet sniffers.

Textbook Materials

William Stallings. Network Security Essentials: Applications and Standards. Latest edition. Prentice Hall.

OR

other textbook approved by department.

Requisites

Prerequisites

Min grade C in CSIS 2260 and CSIS 2270

Corequisites

NIL

Equivalencies

NIL

Requisite for

NIL

Course Guidelines

Course Guidelines for previous years are viewable by selecting the version desired. If you took this course and do not see a listing for the starting semester / year of the course, consider the previous version as the applicable version.

Course Transfers

Institution Transfer Details Effective Dates
Athabasca University (AU) AU COMP 400 (3) 2016/09/01 to -
Capilano University (CAPU) CAPU COMP 1XX (3) 2016/09/01 to -
Coquitlam College (COQU) No credit 2016/09/01 to -
Kwantlen Polytechnic University (KPU) KPU INFO 2411 (3) 2016/09/01 to -
Okanagan College (OC) OC COSC 232 (3) 2016/05/01 to -
Simon Fraser University (SFU) SFU CMPT 3XX (3) 2016/09/01 to -
University Canada West (UCW) No credit 2016/09/01 to -
University Canada West (UCW) UCW CPSC 3XX (3) 2006/01/01 to 2016/08/31
University of British Columbia - Okanagan (UBCO) UBCO COSC 2nd (3) 2016/09/01 to -
University of British Columbia - Vancouver (UBCV) UBCV CPSC 2nd (3) 2016/09/01 to -
University of Northern BC (UNBC) UNBC CPSC 3XX (3) 2016/09/01 to -
University of the Fraser Valley (UFV) UFV CIS 3XX (3) 2018/09/01 to -
University of Victoria (UVIC) UVIC CSC 1XX (1.5) 2016/09/01 to -

Course Offerings

Fall 2020

CRN
Days
Dates
Start Date
End Date
Instructor
Status
Location
35696
Mon
08-Sep-2020
- 07-Dec-2020
08-Sep-2020
07-Dec-2020
Eng
Nelson
Waitlist
Online
This course will include synchronous on-line activities. Students should plan to be available on-line at scheduled course times.
Max
Enrolled
Remaining
Waitlist
35
35
0
9
Days
Building
Room
Time
Mon
11:30 - 14:20
CRN
Days
Dates
Start Date
End Date
Instructor
Status
Location
36268
Tue
08-Sep-2020
- 07-Dec-2020
08-Sep-2020
07-Dec-2020
Saleem
Noman
Waitlist
Online
This course will include synchronous on-line activities. Students should plan to be available on-line at scheduled course times.
Max
Enrolled
Remaining
Waitlist
35
34
1
2
Days
Building
Room
Time
Tue
15:30 - 18:20
CRN
Days
Dates
Start Date
End Date
Instructor
Status
Location
36457
Tue
08-Sep-2020
- 07-Dec-2020
08-Sep-2020
07-Dec-2020
Eng
Nelson
Waitlist
Online
This course will include synchronous on-line activities. Students should plan to be available on-line at scheduled course times.
Max
Enrolled
Remaining
Waitlist
35
35
0
3
Days
Building
Room
Time
Tue
12:30 - 15:20
CRN
Days
Dates
Start Date
End Date
Instructor
Status
Location
36880
Wed
08-Sep-2020
- 07-Dec-2020
08-Sep-2020
07-Dec-2020
Vitus
Gavrila
Open
Online
This course will include synchronous on-line activities. Students should plan to be available on-line at scheduled course times.
Max
Enrolled
Remaining
Waitlist
35
31
4
0
Days
Building
Room
Time
Wed
8:30 - 11:20