DELAWARE TECHNICAL & COMMUNITY COLLEGE STANTON CAMPUS COURSE SYLLABUS

brokenroomNetworking and Communications

Nov 21, 2013 (3 years and 9 months ago)

85 views

DELAWARE TECHNICAL & COMMUNITY COLLEGE


STANTON CAMPUS COURSE SYLLABUS



C
AMPUS
:



Stanton


D
EPARTMENT
:


Electronics and Computer

Engineering

Technology


C
OURSE
N
UMBER AND
T
ITLE
:

CEN
2
2
5


Network Se
curity



I
NSTRUCTOR
N
AME
:





T
ELEPHONE
:



E
-
M
AIL
:




P
REREQUISITES
:



ELC 118 or ELC 120 or ELC 124 and ELC 130 and CEN 150 and

CEN 224







C
OREQUISITES
:



None


C
OURSE
H
OURS AND
C
REDITS
:

4 Credits


3 Hours Lecture/Week




2 Hours Laboratory/Week


C
OURSE
D
ESCRIPTION
:


Students will learn

network
security basics,

vulnerabilities of
operating systems, network security objective
s
, architecture, models,
policy and different layers

of
security
.


This course will help
students prep
are for CompTIA Security+ exam
.


T
EXT
:

C
hosen by campus
.


M
ATERIALS
:










M
ETHOD OF
I
NSTRUCTION
:



Campus classroom lecture and laboratory assignments


D
ISCLAIMER
:



None












COR
E COURSE PERFORMANCE OBJECTIVES





The student will be able to:


1.

Discuss

current security trends and its changing character in the industry.

(C
CC 1,3,6
)


2.

Analyze various features and components of

an effective security solution.
(CCC
1,2,3,6
; PGC
1)


3.

Dev
elop strategies
and

policies to protect an organization against
anticipated security risks and
vulnerabilities.

(CCC
1,
2,3
,4
,5
,6,7; PGC 1
,3
,4
)



4.

Investigate

cryptography algorithm and techniques used in network security.
.

(CCC
1,
2,3
,4,5
,6,7; PGC 1
,2,3
,4
)


5.

Plan defense strategies against threats to

communication security.

(CCC 1,2,3,4,5,6,7; PGC
1,2,3)


6.

Evaluate

network infrastructure security and
discuss prevention measures.
.

(CCC
1,
2,3,
4,5,
6,7;
PGC 1
,2,3
, 4
)


7.

Plan strategies for

enterprise security, polic
ies, and procedures
.

(CCC
1,
2,3,
4,5,
6,7; PGC 1
,2,3
)


8.

Assess
risk management
.

(CCC
1,
2,3,
4,5,
6,7; PGC 1
,2,3
)


9.

Investigate legal and ethical issues

related to network security.

(CCC
1
,3,
4,
5,
6,7; PGC 1)


10.

Use

latest
f
orensic

tools,
skills,
a
nd techn
ology for
f
orensic
investigation process
.

(CCC
1,
2,3,
4,
5,
6,7; PGC 1
,3
)


11.

Implement and administer network security.
.
(
CCC
2,4, 5,6,7;
PGC
1,2,3,4)


12.

Demonstrate the basic theoretical and practical knowledge

necessary to take the national
Comp/TIA Security+ certification
examination. (CCC 2,3,6,7; PGC 1,5)











MEASURABLE PERFORMANCE OBJECTIVES



The student will be able to:

1.

Discuss

current security trends

and its changing character

in the industry.


1.1 Investigate

the challenges of network
security.



1.2 Analyze

contemporary threats to network

s
ecurity
.


1.3 Examine

the historical evolution of network security.


1.4 Evaluate

current
design goals, security zones and business concerns.



2.

Analyze

various features and components of an effective security solution
.


2
.1

Ide
ntify
different security products for security solutions.

2.2 Compare

different methods of
a
ccess
control e.g
. MAC (Mandatory Access


Control)
, DAC

(Discretionary

Access Control
) and

RBAC (Role Based Access


Control).

2.3 Establish

the
mo
st efficient method

of authentication
,

(
Kerberos
, CHAP



(Challenge Hands
hake Authentication Protocol),
Certificates, Username/Password,


Tokens, Multi
-
factor, Mutual,
and
Biometrics
) for a given network.


2
.4

Discuss the concepts behind differe
nt types of topologies like Security Zones
(DMZ


(Demilitarized zone), Intranet, Extranet),
VLANs (Virtual

Local Area Networks, NAT


(Network Address Translation), and Tunneling.


2.5
Compare different types of security models





3
.

Develop strategies
and

policies to

protect an organization
against
anticipated security risks
and vulnerabilities.


3.1 Define

security

attack strategies.


3.2 Recognize
, modify, and repudiate attacks.


3.3 Investigate

denial
-
of
-
service and distribu
ted denial
-
of
-
service attack.


3.4 Harden

network against
common attacks like back door, spoofing, replay, man
-
in
-
the
-


M
iddle
, TCP/IP Hijacking

and password guessing attacks.


3.5 Plan

strategies to deny
software exploitation.


3.6 Protect

the
network from
viruses,
t
rojan horses, logic bombs,
and
worms
.

.


3.7 Develop

policies to recognize and overcome
social engineering.


4
.

Research

cryptography

algorithm and techniques used in network security.


4
.1

Identify

the n
eed for cryptography.


4.2
Compare

p
hy
sical, mathematical, and quantum cryptography.



4.3 Compute

cryptography

algorithms

like Hashing, Symmetric, and Asymmetric.


4.4 Analyze

different

cryptography
algorithms to
addresses

the security concepts like
conf
identiality, Integrity,
Authentication, Non
-
repudiation and Access control.



4.5 Assess

the impact and benefits

of Certificates, Revocation and Trust Models.


4.6 Compare

different types of key encryptions

and key management.


4.7 Describe

c
ryptography management concepts
.


5.

Plan defense strategies against
threats to

communication security.



5.1

A
nalyze remote access technologies.


5.2

Plan defense strategies to secure

remote access (VPN, L2TP/PPTP, SSH, IPSec, 802.1x,


Protocols, RADIUS and

TACACS).


5
.
3

Discuss

security i
ssues with

SMTP and IM.


5.
4

Describe

administration of Internet security concepts
such as:

SSL / TLS (Secure



Sockets layer / Transport layer security), HTTP / S (Hypertext Transfer Protocol over


Secure Sockets Layer)


5.
5

Describe

administration of
S
/MIME (Secure Multipurpose Internet

Mail

Extensions),



PGP

(Pretty Good Privacy) like technologies.


5
.
6

Discuss
file

transfer p
rotocols

and concepts like S/FTP(File transfer protocol)
, Blind



FTP/Anonymous, File Sharing and vulnerabilities like Packe
t Sniffing.



6.

Evaluate

network
i
nfrastructure

security and
improving current

prevention measures.


6
.1

Resolve security problems
using

Firewalls, R
outers, Switches, Hubs, and





Modems.


6
.2

Select an appropriate
media
from
Coaxial cable, UTP/STP, fibe
r optic cable and




removable media

to optimize security concerns and cost.


6
.
3

Discuss
network monitors,

RAS (
Remote Access Server), Telecom / PBX (Private



Branch

Exchange
), VPN (Virtual Private Network), IDS (Intrusion Detection System),


and
mobi
le

devices
.



6
.4

Identify
and explain the principles
of network

infrastructure security
d
esign
.


6
.5

Diagnose and
p
revent

security
vulnerabilities and
compromises

like Java script,




ActiveX, Buffer Overflows, Cookies, Signed Applets, CGI(Common Gateway





interface), SMTP (Simple Mail Transfer Protocol) Relay.
.



7
.

Plan

s
trate
g
ies

for
enterprise

security
, policies, and procedures
.


7
.1

S
ummarize the techniques used to provide

access control,
a typical
network


environment

and prevention

of social engineering
.


7.
2

Investigate

human resource, business, certificate
,

and incidence
-
response

policies
.


7.
3

Explain

business continuity, impact analysis, and risk assessment
.


7.
4

Design
a
disaster recovery

plan
.


7.
5

Identify the differences bet
ween
private

and

public security classification and



information access control.


7.
6

Examine and evaluate

enterprise policies
.




8.

Assess
risk management.


8.
1

Discuss
the basic principles of risk management.


8.
2

Assess

b
usiness and techno
logy risks
.


8.
3

Compare
the different r
isk management models.


8.
4

Differ
e
ntiate between
q
uantitative and qualitative risk assessment
.



9.

Investigate legal and ethical issues related to network security.


9.
1

Compare and contrast

United States

and forei
gn law policies

relating to network


security
.


9.
2


Compile a list of benefits and drawbacks
concerning
Digital

Signature law.


9.
3

Explain and assess the value of d
igital rights management

technologies
.


9.
4

Provide examples of
Privacy law
.


9.
5

Distinguish evidence of c
yber

crime

and consequential legalities.


9.
6


Integrate
ethics and law in security policies and procedur
e
s.


10.


Use latest forensic tools, skills, and technology for
forensic
investigation process.
.


10.
1

Explain the
me
thodology of a forensic
i
nvestigation
.


10.
2


Demonstrate the procedures and policies for acquiring the
evidence

and preserv
ing

the



original

data
.


10.
3


Explain

c
hain of custody

and inter
-
relationship between the various forensic





components
.


10.
4

Authenticate the recovered
evidence
.



10.
5
Critique specific
computer criminal cases and forensic techniques.


11.


Implement and
administer
network security
.





11.
1
Use

security

configuration and analysis tools

to analyze and configure local system



security
.




11.
2 Design and build secure networks u
s
ing

simulation software.



11.
3

Use
a
Network Protocol Analyzer

to
troubleshoot

and

analyze
data

on

a network.


1
2
.
Demonstrate the basic theoretical and practical knowledge necessary
to take the national




Comp/TIA Security+ certification examination.



E
valuation Criteria


Lectures, discussion, research and labs will prepare the students to obtain the Comp/TIA
Security
+

certification examination.


College Grading System:


92


100 A


83


91


B


75


82


C


0


74


R


Students should refer to the Student Handbook for information on Academic Standing Policy, Academic
Honesty Policy, Student Rights and Responsibilities and other policies relevant to their academic
progress.