Network Engineering 304 and Data Network Security 604
1
Curtin University of Technology
Faculty of Science and Engineering
School of Engineering
DEPARTMENT OF ELECTRICAL AND COMPUTER ENGINEERING
Network Engineering 304
/Data Network Security 604
Semester 2, 2010
UNIT OUTLINE
Unit Index:
305682
Credit Value:
25 credit points
Core Unit:
This is a core unit specific to Bachelor of Technology (Computer Systems and
Networking).
A Core Unit is a compulsory unit. Failure twice may lead to the termination from that
course.
Pre
-
, Co
-
, Anti
-
requisite/s:
U/G only
Pre
-
requisite/s:
305679 (v.1) Distributed Networks 303 or any previous version.
305681 (v.2) Wireless Data Networks 303 or any previous version.
Co
-
requisite/s:
None.
Anti
-
requisite/s:
None.
Additional Requirement/s:
None.
Availability Details:
In
2010
, this unit will be offered internally in Semester 2 through
the School of Engineering.
Online Teaching Unit Category:
Essential.
Unit Learning Outcomes:
On completion of this unit you should be able to demonstrate
your achiev
ement of the following learning outcomes:
1.
Select appropriate security hardware, software, policies, and configurations
based on an organization’s assessment of its security vulnerabilities in order to
provide protection against known security threats.
2.
Perform advanced installation, configuration, monitoring, troubleshooting,
maintenance, and recovery routers and firewalls.
Network Engineering 304 and Data Network Security 604
2
3.
Describe the purpose and operation of network
-
based and host
-
based Intrusion
Prevention
4.
Implementing AAA using TACACS+
and RADIUS
protocol
5.
Configure site
-
to
-
site VPNs between devices and remote access VPNs between
device and
The Syllabus:
Chapter 1:
Modern Network Security Threats
1.1
Fundamental Principles of a Secure Network
1.2
Worms, Viruses and Trojan Horses
1.3
Attack
Methodologies
Chapter 2:
Hacking and Auditing
2.1 Tools for Attacking and Auditing System on the Net
Chapter 3:
Hacking and Auditing
3.1
Tools for Attacking and Auditing
the Network
Chapter 4
:
Securing Network Devices
4
.1
Securing Device Access and Files
4
.2
Privilege Levels and Role
-
Based CLI
4
.3
Monitoring Devices
4
.4
Using Automated Features
Chapter 5
:
Authentication, Authorization and Accounting
5.1
Purpose of AAA
5
.2
Configuring Local AAA
5
.3
Configure Server
-
Based AAA
Chapter 6
:
Implementing Firewall Technologies
6
.1
Access Control Lists
Network Engineering 304 and Data Network Security 604
3
6
.2
Firewall Technologies
6
.3
Context
-
Based Access Control
6
.4
Zone
-
Based Policy Firewall
Chapter 7
:
Implementing Intrusion Prevention
7
.1
IPS Technologies
7
.2
Implementing IPS
Chapter 8
:
Securing the Local Area Network
8
.1
Endpoint Security Considerations
8
.2
Layer 2 Security Considerations
8
.3
Wireless, VoIP and SAN Security Considerations
8
.4
Configuring Switch Security
8
.5
SPAN an
d RSPAN
Chapter 9
:
Cryptography
9.1
Cryptographic Services
9
.2
Hashes and Digital Signatures and authentication
9
.3
Symmetric and Asymmetric Encryption
Chapter 10
:
Implementing Virtual Private Networks
10
.1
VPNs
10.
2
IPSec VPN Components and Operation
10
.3
Implementing Site
-
to
-
Site IPSec VPNs
10
.4
Implementing a Remote Access VPN
10
.5
Implementing SSL VPNs
Chapter 11:
Managing a Secure Network
11.1
Secure Network Lifecycle
11.2
Self
-
Defending Network
11.3
Building a Comprehensive Security Policy
Network Engineering 304 and Data Network Security 604
4
Teaching and Learning Arrangements:
Lecture: 1 x 2 hours weekly
Laboratory: 1 x 3 hours weekly
Teaching
Weeks
Lecture
Laboratory
Assignment
1
Modern Network
Security Threats
Researching Network
Attacks and
Security
Audit
Tools
Assignment 1
2
Tools for Auditing and
defending the Host
Using hacking tools to
audit the host
3
Tools for Auditing and
defending the Network
Using hacking tools to
audit the Network
4
Securing Network
Devices
Securing the
Router for
Administrative Access
Assignment 2
Lab 1, 2, and 3 are due
TUITION FREE WEEK
5
Authentication,
Authorization and
Accounting
Securing Administrative
Access Using AAA and
RADIUS
Assignment 1 Due
Friday 4:00
6
Implementing Firewall
Technologies
Configuring CBAC and
Zone
-
Based Firewalls
7
Implementing Intrusion
Prevention
Configuring an
Intrusion Prevention
System
(IPS) Using the CLI
and SDM
TUITION FREE WEEK
8
Securing the Local
Area Network
Securing Layer 2
Switches
Lab 4, 5,
6, and7 are
due
9
Cryptography
Exploring Encryption
Methods
10
Implementing Virtual
Private Networks
A
-
Configuring a Site
-
to
-
Site VPN Using
Cisco IOS
and SDM
B
-
Configuring a
Remote Access VPN
Server and
Client
Network Engineering 304 and Data Network Security 604
5
C
-
Configuring a
Remote Access VPN
Server
and client
(Optional)
11
Managing a Secure
Network
Security Policy
d
evelopment and
Implementation
12
Revision
Skill Test
Final Test
Lab 8, 9, 10, and 11
are due
Assignment 2 due
Friday 4:00
Study Week
Exam Week 1
Exam Week 2
Texts and
References:
Essential:
None
Recommended:
None.
References/Learning Resources:
http://cisco.netacad.net/
Unit materials available on Blackboard
Assessment Tasks:
Cisco finals are multiple choices and require a
relatively high pass mark (from Cisco) at
75% therefore assessed marks will be as follows
-
Cisco Mark Contribution to overall mark (out of 40)
Fail
75% 20
80% 24
85% 28
90% 32
95% 36
100% 40
Remember, it is multiple choice and you get a maximum of two att
empts.
Network Engineering 304 and Data Network Security 604
6
This unit generates a grade, not just a pass/fail so it is in your interest to attempt all parts
of the assessment. The aim, as stated earlier, is to have you, the student, gain a basic
understanding of wireless LANs, network management and network
design. Thus the
emphasis is on laboratories and the work submitted rather than on a single final exam.
Students must achieve 75% or better in final of the CCNA Security multiple
-
choice
exams to pass. This test may be re
-
taken in the event of failure (one
additional test) if
two attempts are required, a maximum mark of 75% will be allocated. This test is closed
book. Pen and paper are allowed for calculations (no calculators).
No
.
Assessment Activity
Percentage %
1
Journal/Lab Book
10
2
CCNA Security
50
3
Assignment 1
1
0
4
Assignment 2
3
0
Total
100%
Awarding of Grades:
To pass this unit you must:
Achieve an overall grade/mark greater than or equal to 5/50.
Late Submission:
Penalties for late submission of assessed work may apply as follows:
Refer to School Guidelines.
Grade Awarded:
This is a grade/mark unit.
The final examination will be held during the formal examination period. It is the
student’s responsibility to check the date and time of the final examination.
Official release of re
sults for this unit will be published on Oasis on the Curtin web site.
GENERIC INFORMATION
Student Rights and Responsibilities
It is the responsibility of every student to be aware of all relevant legislation and policies
and procedures relating to their
rights and responsibilities as a student. These include:
The Student Charter
The University’s Guiding Ethical Principles
The University’s policy and statements on plagiarism and academic integrity
Copyright principles and responsibilities
The University’s
policies on appropriate use of software and computer facilities
Information on the University’s “Student Rights and Responsibilities” is available at web
Network Engineering 304 and Data Network Security 604
7
page:
http://students.curtin.edu.au/administration/responsibilities.cfm
Enrolment and HECS:
it is your responsibility to ensure that your enrolment is
correct
-
you can check your enrolment through the eStudent option on OASIS,
www.oasis.curtin.edu.au
, and you can also print off an Enrolment eAdvice.
Semester 1:
you can make requests to have cor
rections made to your enrolment up to
31 March. The University will not change records after 31 March. HECS liabilities (where
they apply) and your results depend on your 31 March enrolment. Withdrawals made
after that date will not reduce your HECS liabil
ity.
Semester 2:
you can make requests to have corrections made to your enrolment up to
31 August. The University will not change records after 31 August. HECS liabilities
(where they apply) and your results depend on your 31 August enrolment. Withdrawals
made after that date will not reduce your HECS liability.
SCHOOL/UNIT SPECIFIC INFORMATION
Supplementary Assessments:
Students granted a Supplementary or Deferred assessment will be notified via OCC.
Supplementary and Deferred assessments will be held
on Thursday 19
th
and Friday 20
th
February
2010
. Please also note that the failure to attend the examination/assessment
on the day and time set will result in a fail for the unit. Under no circumstances will
alternative arrangements be made to suit individu
als.
Referencing style:
The School of Engineering advises students that Curtin University supports the "Chicago
Referencing Style" for written work and oral presentations. For a guide to this style
please see
http://library.curtin.edu.au/referencing/inde
x.html
However, students are permitted to use other recognised styles that appear in the
Engineering literature. Note also that individual lecturers can stipulate that a particular
style is used when it best matches the type of work in the as
sessment of th
e particular
unit.
Network Engineering 304 and Data Network Security 604
8
Unit Coordinator Details
Mr Iain Murray
i.murray@ece.curtin.edu.au
9266 4540
204:216
Unit Contact Details
Bentley
Mr Iain Murray
i.murray@ece.curtin.edu.au
9266 4540
204:216
Consultation Times:
See schedule, 204:216
Ancillary Charges:
There are no ancillary charge(s) required to be paid by the student to undertake the unit
(as published annually in the Curtin Courses Handbook).
CRICOS Provider Code 00301J
END OF UNIT OUTLINE
Enter the password to open this PDF file:
File name:
-
File size:
-
Title:
-
Author:
-
Subject:
-
Keywords:
-
Creation Date:
-
Modification Date:
-
Creator:
-
PDF Producer:
-
PDF Version:
-
Page Count:
-
Preparing document for printing…
0%
Comments 0
Log in to post a comment