STATE UNIVERSITY OF NEW YORKCollege of Technology at Alfred

smileybloatΔίκτυα και Επικοινωνίες

20 Νοε 2013 (πριν από 3 χρόνια και 8 μήνες)

83 εμφανίσεις


VPAA__________________________


Date _________________________


Vice President/ Academic Affairs Office use only














STATE UNIVERSITY OF NEW YORK


College of Technology at Alfred


SCHOOL:



School of M
anagement and Engineering Technology

DEPARTMENT:


Information Technology

COURSE NAME:


Security Tools

COURSE NUMBER:


CISY7033

SEMESTERS OFFERED:

Spring

PREREQUISITE:


Network Admin CISY 5203; Linux Admin CISY3613

COURSE FORMAT:


2 hours lecture/week









2 hours laboratory/week



COURSE LEVEL:


Upper Level


Date Approved by Faculty Senate:___________________




Course Description

This course will provide a practical, hands
-
on approach to a myriad of sec
urity tools employed in

wired and
wireless network
s
. These security tools will include: Industry Standard Firewalls,
Virtual Private Networks (VPNs), wired network vulnerability scanners,
wireless security probes,
wireless intrusion detectors, wireless scanners and wireless encryption cracking utilities
.

Firewall advanced concepts and technologies will be covered in depth to include design
considerations for enterprise networks, large company networks and medium business networks.

The course will include VPN concepts, technologies, and configurations fo
r site to site VPNs as
well as configurations for client remote access VPNs. The course will cover various
vulnerability scanners for networks with heterogeneous operating systems and advanced firewall
configurations.
This course will emphasize d
eployin
g secure wireless networks and protecting
th
em from unauthorized intrusions.

Students, in a laboratory environment, will attack and defend
networks and submit a project paper detailing lessons learned and how
to best
defend both wired
and
wireless networks
.

The course assumes a prerequisite knowledge of network operating
systems and security concepts.


Student Objectives

At the end of the course the student will be able to do the following:


1.

Choose the appropriate implementation of industry standard fire
walls, Intrusion Detection
Systems (IDSs) and vulnerability scanners for enterprise networks, large company
networks and medium company networks.


2.

Select and c
onfigure industry standard firewall Interfaces, global addresses, Network
Address Translation (NA
T), routing for inside and outside network interfaces and ha
ve a
thorough understanding of industry standard Command Line Interface (CLI) syntaxes
.



3.

Configure industry standard firewall Access Control Lists (ACLs) and content filtering
.


4.

C
onfigure industr
y standard firewall object grouping feature
s

for ACLs.


5.

Compare and contrast the
vuln
erabilities associated with
TCP/IP
protocol
.


6.

Specify and d
efend against security
risks

in the TCP/IP protocol.


7.

Configure authentication schemes, NAT, content security an
d content vectoring,
SYNDefender, and VPNs using industry standard Firewalls.


8.

Scan a network with heterogeneous operating systems and identify security
vulnerabilities.


9.

Rank the

vari
ous wireless security tools.


10.

Create a plan to
protect wireless networks

from unauthorized access.



TEXT
(S)


Northcutt
, Stephen, Karen Frederick

and

Scott Winters
.

Inside Network Perimeter Security: The
Definitive Guide to Firewalls, Virtual Private Networks (VPNs), Routers, and Intrusion
Detection Systems
.

Sams

Publishing
,
2002
.




DIVISION OF SUBJECT MATTER






Lecture

Lab


Topic

Hours

Hours


1.

Wireless Network Security

4

4

2.

Advanced Firewall Configuration

4

4


3.

VPN advanced configuration

4

4


4.

Vulnerability Scanning

4

4


5.

Intrusion Detection Systems

4

4


6.

Attack and Defend Tech
niques

4

4


7.

Other Network Security Tools

4

4

8.

Network Security Case Studies

2

2




TOTAL HOURS

30

30*


*Labs have outside student preparation beyond scheduled laboratory time.



BIBLIOGRAPHY


Beale, Jay.
Snort 2.1 Intrusion Detection, Second Edition
. Syngr
ess Publishing, 2004.


Gast, Matthew.
802.11 Wireless Networks: The Definitive Guide Creating and Administering
Wireless Networks
.

O'Reilly Media Inc., 2002


Gurley

Bace, Rebecca
.

Intrusion Detection
.

Sams

Publishing
, Latest Edition
.


Northcutt
, Stephen

and Judy

Novak.

Network Intrusion Detection
.

New Riders Publishing, 2000.


Vacca
, John.

Guide to Wireless Network Security
.

Springer,
2005
.












__________________________

__________________________

Dean of School

Department Chair




______________
___________

__________________________

Instructor of Course

Date