Curtin University of Technology Faculty of Science and Engineering School of Engineering

kitlunchroomAI and Robotics

Nov 21, 2013 (3 years and 8 months ago)

115 views


Network Engineering 304 and Data Network Security 604


1

Curtin University of Technology

Faculty of Science and Engineering

School of Engineering

DEPARTMENT OF ELECTRICAL AND COMPUTER ENGINEERING

Network Engineering 304
/Data Network Security 604

Semester 2, 2010


UNIT OUTLINE



Unit Index:
305682


Credit Value:
25 credit points


Core Unit:

This is a core unit specific to Bachelor of Technology (Computer Systems and
Networking).

A Core Unit is a compulsory unit. Failure twice may lead to the termination from that
course.


Pre
-
, Co
-
, Anti
-
requisite/s:

U/G only

Pre
-
requisite/s:

305679 (v.1) Distributed Networks 303 or any previous version.

305681 (v.2) Wireless Data Networks 303 or any previous version.


Co
-
requisite/s:

None.


Anti
-
requisite/s:

None.


Additional Requirement/s:

None.


Availability Details:
In
2010
, this unit will be offered internally in Semester 2 through
the School of Engineering.


Online Teaching Unit Category:
Essential.

Unit Learning Outcomes:
On completion of this unit you should be able to demonstrate
your achiev
ement of the following learning outcomes:


1.

Select appropriate security hardware, software, policies, and configurations
based on an organization’s assessment of its security vulnerabilities in order to
provide protection against known security threats.


2.

Perform advanced installation, configuration, monitoring, troubleshooting,
maintenance, and recovery routers and firewalls.


Network Engineering 304 and Data Network Security 604

2

3.

Describe the purpose and operation of network
-
based and host
-
based Intrusion
Prevention


4.

Implementing AAA using TACACS+
and RADIUS
protocol


5.

Configure site
-
to
-
site VPNs between devices and remote access VPNs between
device and


The Syllabus:

Chapter 1:

Modern Network Security Threats


1.1
Fundamental Principles of a Secure Network

1.2
Worms, Viruses and Trojan Horses

1.3
Attack
Methodologies


Chapter 2:
Hacking and Auditing

2.1 Tools for Attacking and Auditing System on the Net


Chapter 3:
Hacking and Auditing

3.1
Tools for Attacking and Auditing

the Network


Chapter 4
:
Securing Network Devices


4
.1
Securing Device Access and Files

4
.2
Privilege Levels and Role
-
Based CLI

4
.3
Monitoring Devices

4
.4
Using Automated Features


Chapter 5
:
Authentication, Authorization and Accounting


5.1

Purpose of AAA

5
.2
Configuring Local AAA

5
.3
Configure Server
-
Based AAA


Chapter 6
:
Implementing Firewall Technologies


6
.1
Access Control Lists


Network Engineering 304 and Data Network Security 604


3

6
.2
Firewall Technologies

6
.3
Context
-
Based Access Control

6
.4
Zone
-
Based Policy Firewall


Chapter 7
:
Implementing Intrusion Prevention


7
.1
IPS Technologies

7
.2
Implementing IPS


Chapter 8
:
Securing the Local Area Network


8
.1
Endpoint Security Considerations

8
.2
Layer 2 Security Considerations

8
.3
Wireless, VoIP and SAN Security Considerations

8
.4
Configuring Switch Security

8
.5
SPAN an
d RSPAN


Chapter 9
:
Cryptography

9.1
Cryptographic Services

9
.2
Hashes and Digital Signatures and authentication

9
.3
Symmetric and Asymmetric Encryption


Chapter 10
:
Implementing Virtual Private Networks


10
.1
VPNs

10.
2
IPSec VPN Components and Operation

10
.3
Implementing Site
-
to
-
Site IPSec VPNs

10
.4
Implementing a Remote Access VPN

10
.5
Implementing SSL VPNs


Chapter 11:
Managing a Secure Network

11.1

Secure Network Lifecycle

11.2

Self
-
Defending Network

11.3

Building a Comprehensive Security Policy


Network Engineering 304 and Data Network Security 604

4

Teaching and Learning Arrangements:

Lecture: 1 x 2 hours weekly

Laboratory: 1 x 3 hours weekly

Teaching

Weeks


Lecture


Laboratory


Assignment

1

Modern Network
Security Threats

Researching Network
Attacks and
Security
Audit

Tools

Assignment 1

2

Tools for Auditing and
defending the Host

Using hacking tools to
audit the host


3

Tools for Auditing and
defending the Network

Using hacking tools to
audit the Network


4

Securing Network
Devices


Securing the
Router for
Administrative Access

Assignment 2

Lab 1, 2, and 3 are due

TUITION FREE WEEK

5

Authentication,
Authorization and
Accounting



Securing Administrative
Access Using AAA and

RADIUS

Assignment 1 Due

Friday 4:00

6

Implementing Firewall
Technologies

Configuring CBAC and
Zone
-
Based Firewalls


7

Implementing Intrusion
Prevention

Configuring an
Intrusion Prevention
System

(IPS) Using the CLI
and SDM


TUITION FREE WEEK

8

Securing the Local
Area Network

Securing Layer 2
Switches

Lab 4, 5,
6, and7 are
due

9

Cryptography

Exploring Encryption
Methods


10

Implementing Virtual
Private Networks

A
-
Configuring a Site
-
to
-
Site VPN Using
Cisco IOS

and SDM

B
-
Configuring a
Remote Access VPN
Server and

Client



Network Engineering 304 and Data Network Security 604


5

C
-
Configuring a
Remote Access VPN
Server
and client
(Optional)


11

Managing a Secure
Network

Security Policy
d
evelopment and

Implementation


12

Revision

Skill Test

Final Test

Lab 8, 9, 10, and 11
are due

Assignment 2 due

Friday 4:00

Study Week

Exam Week 1

Exam Week 2



Texts and
References:


Essential:

None


Recommended:

None.


References/Learning Resources:



http://cisco.netacad.net/

Unit materials available on Blackboard

Assessment Tasks:


Cisco finals are multiple choices and require a

relatively high pass mark (from Cisco) at
75% therefore assessed marks will be as follows
-

Cisco Mark Contribution to overall mark (out of 40)

Fail

75% 20

80% 24

85% 28

90% 32

95% 36

100% 40

Remember, it is multiple choice and you get a maximum of two att
empts.


Network Engineering 304 and Data Network Security 604

6

This unit generates a grade, not just a pass/fail so it is in your interest to attempt all parts
of the assessment. The aim, as stated earlier, is to have you, the student, gain a basic
understanding of wireless LANs, network management and network
design. Thus the
emphasis is on laboratories and the work submitted rather than on a single final exam.


Students must achieve 75% or better in final of the CCNA Security multiple
-
choice
exams to pass. This test may be re
-
taken in the event of failure (one

additional test) if
two attempts are required, a maximum mark of 75% will be allocated. This test is closed
book. Pen and paper are allowed for calculations (no calculators).


No
.

Assessment Activity

Percentage %

1

Journal/Lab Book

10

2

CCNA Security

50

3

Assignment 1

1
0

4

Assignment 2

3
0

Total

100%



Awarding of Grades:


To pass this unit you must:



Achieve an overall grade/mark greater than or equal to 5/50.


Late Submission:


Penalties for late submission of assessed work may apply as follows:



Refer to School Guidelines.


Grade Awarded:


This is a grade/mark unit.

The final examination will be held during the formal examination period. It is the
student’s responsibility to check the date and time of the final examination.


Official release of re
sults for this unit will be published on Oasis on the Curtin web site.

GENERIC INFORMATION

Student Rights and Responsibilities

It is the responsibility of every student to be aware of all relevant legislation and policies
and procedures relating to their
rights and responsibilities as a student. These include:



The Student Charter



The University’s Guiding Ethical Principles



The University’s policy and statements on plagiarism and academic integrity



Copyright principles and responsibilities



The University’s
policies on appropriate use of software and computer facilities

Information on the University’s “Student Rights and Responsibilities” is available at web

Network Engineering 304 and Data Network Security 604


7

page:

http://students.curtin.edu.au/administration/responsibilities.cfm

Enrolment and HECS:
it is your responsibility to ensure that your enrolment is
correct
-

you can check your enrolment through the eStudent option on OASIS,
www.oasis.curtin.edu.au
, and you can also print off an Enrolment eAdvice.


Semester 1:
you can make requests to have cor
rections made to your enrolment up to
31 March. The University will not change records after 31 March. HECS liabilities (where
they apply) and your results depend on your 31 March enrolment. Withdrawals made
after that date will not reduce your HECS liabil
ity.


Semester 2:
you can make requests to have corrections made to your enrolment up to
31 August. The University will not change records after 31 August. HECS liabilities
(where they apply) and your results depend on your 31 August enrolment. Withdrawals

made after that date will not reduce your HECS liability.


SCHOOL/UNIT SPECIFIC INFORMATION


Supplementary Assessments:


Students granted a Supplementary or Deferred assessment will be notified via OCC.

Supplementary and Deferred assessments will be held
on Thursday 19
th
and Friday 20
th
February
2010
. Please also note that the failure to attend the examination/assessment
on the day and time set will result in a fail for the unit. Under no circumstances will
alternative arrangements be made to suit individu
als.


Referencing style:


The School of Engineering advises students that Curtin University supports the "Chicago

Referencing Style" for written work and oral presentations. For a guide to this style
please see

http://library.curtin.edu.au/referencing/inde
x.html

However, students are permitted to use other recognised styles that appear in the
Engineering literature. Note also that individual lecturers can stipulate that a particular
style is used when it best matches the type of work in the as
sessment of th
e particular
unit.
















Network Engineering 304 and Data Network Security 604

8


Unit Coordinator Details


Mr Iain Murray

i.murray@ece.curtin.edu.au

9266 4540

204:216


Unit Contact Details

Bentley

Mr Iain Murray

i.murray@ece.curtin.edu.au

9266 4540

204:216


Consultation Times:

See schedule, 204:216


Ancillary Charges:

There are no ancillary charge(s) required to be paid by the student to undertake the unit
(as published annually in the Curtin Courses Handbook).

CRICOS Provider Code 00301J



END OF UNIT OUTLINE