NETWORK SECURITY - Olympia College

smileybloatNetworking and Communications

Nov 20, 2013 (3 years and 8 months ago)

74 views







DIPLOMA IN

INFORMATION TECHNOLOGY


MODULE
LEARNING

GUIDE


NETWORK SECURITY



Version 1
: May

2007

Olympia College




Diploma in Information Technology

Mod Learning Guide: Network Security

2


1.

INTRODUCTION


This module is
intended for

students
in the advance stages
of the
Diploma

in
Information Technology
program. It is to
provide students
with a basic understanding of

network security.



Network
Security

has become an important topic of higher education. The
U.S.
National Security Agency has
established centers of excellence in information assurance at many universities throughout the
ir cou
ntry.
Network security continues to be issues for organizations, not only are we hearing about the successful
penetration of Web sites and organizations, but we also have new laws and regulations that affect the
protection on information. In response to th
ese issues, more and more vendors are appearing with tools that
offer some protection.

From looking at all the information, it would appear that the big issues in security can
be solved with technology. We will not solve

all
the problems with technology
,
but we can manage the security
problems through the dedicated application of well
-
thought
-
out processes and procedures.


2.

AIMS

The focus of this subject is
to
provide

a fundamental understanding of
security
best
practices, laws
,

and

standards

that

will
ena
ble

you to build a complete security program.
You will learn the most recent advances in security tools
and platform
-
specific defences.
Besides that, it also
enables

you to assess the threats, vulnerabilities and risks to a
network. It also
allows

you to k
now how

to defend
against access, modification, denial
-
of services, and repudiation
attacks. Nevertheless, you also can identify a variety of hacking methods, including sniffing, spoofing, viruses, Trojan
horses and worms. So that, you can create policy, m
anage risk, and implement an information security program as
well as develop a backup and recovery plan.

3.

OVERVIEW OF THE
SYLLABUS
:

The module is organised into four major learning sections as outlined below:

3.1.

SECTION
1:

Information Security Basics

This sec
tion starts with
a basic overview of
the

Information Security
.

3.2.

SECTION
2:


Groundwork

This
section will cover all the legal issues in information security, policy, the way to managing risk and
information security process
.

3.3.

SECTION
3:

Security Technologies

This section
will cover the firewalls, virtual private networks, intrusion detection and
encryption.

4.

LEARNING OUTCOMES

On completion of this module, students will be able
to:



Assess the threats, vulnerabilities and risks to a network.



Defend against access
, modification, denial
-
of services, and repudiation attacks.



Identify a variety of hacking methods, including sniffing, spoofing, viruses, Trojan horses and worms.



Create policy, manage risk, and implement an information security program.



Develop a backup

and recovery plan.



Configure wireless security technologies



Implement se
curity measures for e
-
commerce


Olympia College




Diploma in Information Technology

Mod Learning Guide: Network Security

3

5.

A
UDIENCE

AND

PRE
-
REQUISITES

This module is for students who are
in the advance stages of the Diploma program.
The prerequisite required to
undertake th
is module are Network Essential and Data Communication and Networking.
.


6.

LEARNING MATERIALS:



Indicative Readings:

a.

Eric Maiwald
,
Fundamentals of Network Security
,
McGraw Hill Technology Education

b.

Eric Maiwald
,
Security planning and Disaster Recovery
,
McGra
w Hill Technology Education

7.

ASSESSMENT INSTRUMENTS:

The following is an outline of the various assessment instruments for this module:

7.1.

ASSIGNMENT (20%)

An individual assignment will be given to the student on the first week and will have to be returned n
o later
than week 10.


Should the student fail to submit his/her assignment on week 10, the result will automatically be Zero.

7.2.

PRESENTATION (20%)

The students need to present their assignment on week 10 in the form of a PowerPoint presentation or any
othe
r presentation tools. Marks will be awarded based on the quality of the presentation, language etc

7.3.

FINAL EXAMINATION (60%)

Final Examination is included in this module. It seeks to determine participants’ individual effectiveness in
responding to specific

questions under time
-
constrained invigilated conditions. The examination is a closed
book examination, requesting participants to demonstrate their knowledge and critical analysis skills in
responding to questions covering the module syllabus.

7.4.

ASSESSMENT
TIMELINES

The coursework assignment is to be distributed to students by the end of Week 1 and its submission
deadline is no later than
week 10.


Presentation will be held no later than

week 10.


Final examinations will be held at the end of the semester, w
hich is on
week 15

7.5.

ASSESSMENT CRITERIA


Refer to assignment and final examination marking guide.

7.6.

ASSESSMENT DESCRIPTOR


The following general principles should be used when marking and awarding grade:

Olympia College




Diploma in Information Technology

Mod Learning Guide: Network Security

4


Grade


Characteristics


Above 70%



Ecellen琠wo牫⁷hi
ch⁤emonst牡瑥s 瑨a琠瑨e s瑵den琺



偯ssesses an au瑨ori瑡tive g牡sp o映 瑨e conceptsⰠ methodology and con瑥nt
app牯priate⁴o⁴he subjec琠and 瑯⁴he assessment



卥lec瑳 and o牧anises ma瑥物al wi瑨 consis瑥n琠success a琠an ecep瑩onally high
s瑡ge



䥳 able to di
splay o物ginali瑹 and personal insigh琠and is⁣apable of ep牥ssing 瑨eir
a牧umen琠clea牬yⰠconcisely⁡nd⁡ccu牡tely.

60
-
69%

The student demonstrates:



䅮 above ave牡ge s瑡ge of unde牳瑡nding, o牧anisingⰠin瑥牰牥瑡tion and a clear
g牡sp映me瑨odology⁳ui
瑡ble 景cused on⁴he⁴opic



䅮 abili瑹 瑯 syn瑨esise material and 瑯 cons瑲tc琠牥sponses which 牥veal insight
and may晦er物ginali瑹



䄠g牡sp o映ma瑥rial tha琠enables a cohe牥n琠response 瑯 瑨e assessmen琠task 瑯
eme牧e



䅮⁡bili瑹⁴o gene牡瑥⁷o牫⁴ha琠is

accu牡te⁡nd⁡pp牯pria瑥ly牧anised.

50
-
59%



The s瑵den琠is able 瑯 cove爠basic subjec琠mat瑥爠bu琠in a 牥la瑩vely unimagina瑩ve
and pedes瑲tan manne爮r O牧anisa瑩on and p牥senta瑩on o映ma瑥rial is accep瑡ble
bu琠may display some weakness. Limi瑡瑩ons i
n unde牳tanding and inte牰牥ta瑩on
and⁤i晦icul瑹⁩ninking⁴o⁲ levan琠ma瑥rial may⁢e eviden琮

40
-
49%



The student’s performance is only just acceptable in most respects revealing
some inadequacies in the grasp o映ma瑥rialⰠweak organising abili瑹 and l
imi瑥d
communica瑩on⁳kills.

< 40%



The student’s performance is deficient revealing inadequate grasp of material,
poo爠rrganising⁡bili瑹⁡nd⁰oo牬y⁤eveloped communica瑩on skills.


††

8.

TOTAL HOURS:



28

hours of direct lecture

& tutorial

sessions



28 ho
urs of lab
sessions



150

hours of self and independent study

9.

INSTRUCTIONAL PLAN AND RESOURCES

The base source of material to be used in the design of the teaching
-
learning schedule will be the print based
module material provided to both staff and students.

Other resources will be included to supplement and fill in
gaps especially latest development or recent changes which are obviously not found in the module material.

Olympia College




Diploma in Information Technology

Mod Learning Guide: Network Security

5

CLASS
LEARNING

SCHEDULE


WEEK

LECTURE

TUTORIAL
S

/

ACTIVITIES

1


Information Security




晩ne 䥮景rmation⁓ecuri瑹



䡩H瑯特映Securi瑹



䑥Dine⁓ecuri瑹⁡s⁡⁐牯cessⰠno琠a p牯duc琮



䅮瑩vi牵s⁳of瑷a牥



䅣cess⁃on瑲tls



䙩牥walls



卭a牴r䍡Cds



䉩ome瑲tcs



䥮瑲tsion⁄e瑥c瑩on



偯licy⁍anagement



噵lne牡bili瑹⁓ anning



䕮c特p瑩on



偨ysical

卥cu物瑹

Mechani
sms

2

Types映
䅴Aacks



䑥Dine⁁ccess

䅴Aacks



䑥Dine⁍odi晩cation⁁ 瑡ck



䑥Dine⁄ nial
-

-
卥牶ice⁁ 瑡cks



䑥Dine⁒ pudia瑩on⁁ tacks


3

䡡Hker⁔echniques




Identify a Hacker’s Motivation



Lea牮⁈ s瑯rical⁈ cking⁔echniques



Lea牮⁁dvanced⁔echniques



䥤entif
y⁍alicious⁃ de



䥤enti晹⁍e瑨od映瑨e⁕ 瑡rge瑥d⁈ cker



䥤enti晹⁍e瑨ods映瑨e⁴a牧e瑥d⁈ cke爠


4

䥮景牭a瑩on⁓ cu物瑹⁓ 牶ices



䑥Dine⁃ n晩dentiali瑹



䑥Dine 䥮瑥g物瑹



䑥Dine⁁ ailabili瑹



䑥Dine⁁ccountabili瑹


5

Legal 䥳sues 䥮 䥮景rmation
卥cu物瑹
.



啮Ue牳tand⁃ iminal⁌aw



啮Ue牳tand 䥳sues⁷i瑨⁐牯secu瑩on



啮Ue牳tand⁃ivil⁉ssues



啮Ue牳tand⁐ ivacy⁉ssues


6


偯licy



䑥Dine⁖a物ous⁐ licy



䍲敡瑥⁁ p牯pria瑥⁐olicy



䑥Dloy⁐ licy



啳e⁐ licy⁅ 晥c瑩vely

7

Managing⁒ sk



䑥Dine⁒isk



䥤enti晹⁴he⁲isk⁴
o an⁏牧 niza瑩on



Measu牥d⁒ sk


8

䥮景牭a瑩on⁓ cu物瑹⁐牯cess



䍯Cduc琠an⁁ sessment



䑥Delop⁐ licy



䥭plemen琠卥cu物瑹



䍯Cduc琠䅷a牥ness⁔牡ining



䍯Cduc琠䅵di瑳


Olympia College




Diploma in Information Technology

Mod Learning Guide: Network Security

6

9

Information Security Best
Practices



Understand Administrative Security



Understand Technic
al Security

10

Firewalls



Define the types of Firewalls



Develop a Firewalls Configuration



Design a Firewall Rule Set


11

Virtual Private Networks



Define Virtual Private
Networks



Deploy User VPNs



Deploy Site VPNs



Understand Standard VPN Techniques



Understa
nd the Types of VPN Systems



12

Encryption



Understand Encryption Concept



Understand Private Key Encryption



Understand Public Key Encryption



Understand Digital Signatures



Understand Key Management



Understand Trust in the Systems



13

Intrusion Detection



Define types of Intrusion Detection System



Set up an IDS



Managing an IDS



Understand Intrusion Prevention


14

Revision



Do pass year questions




Olympia College




Diploma in Information Technology

Mod Learning Guide: Network Security

7

LEARNING

SUGGESTIONS AND GUIDELINES

WEEK 1



Over the week of lecture and tutorial, the focus will be to und
ertake the following:



Define Information Security



History of Security



Define Security as a Process, not a product.



Antivirus software



Access Controls

/
Firewalls



Smart Cards

/
Biometrics



Intrusion Detection



Policy Management



Vulnerability Scanning

/
Enc
ryption



Physical Security Mechanisms


Learning outcomes to attain:



Understand Information Security



Know
History of Security



Able
to
Define Security as a Process, not a product.



Understand
Antivirus software



Understand
Access Controls



Understand
Firewalls



Understand
Smart Cards



Understand
Biometrics



Understand
Intrusion Detection



Understand
Policy Management



Understand
Vulnerability Scanning



Understand
Encryption



Understand
Physical Security Mechanisms


Readings and preparation to be undertaken by the
stude
nt
:

a.

Page

3
-

16

from the
Main reference text
.

b.

Main reference text namely
:




Eric Maiwald
,
Fundamentals of Network Security
,
McGraw Hill Technology Education



WEEK 2


Over the week of lecture and tutorial, the focus will be to undertake the following:



Defi
ne Access Attacks



Define Modification Attack



Define Denial
-
of
-
Service Attacks



Define Repudiation Attacks

Learning outcomes to attain:



Understand Access Attacks



Understand Modification Attack



Understand Denial
-
of
-
Service Attacks



Understand Repudiation Attac
ks


Readings and preparation to be undertaken by the
student
:

a.

Page
23
-

37

from the Main reference text.

b.

Main reference text namely:



Eric Maiwald
,
Fundamentals of Network Security
,
McGraw Hill Technology Education

Olympia College




Diploma in Information Technology

Mod Learning Guide: Network Security

8



WEEK
3


Over the week of lecture and t
utorial, the focus will be to undertake the following:



Identify a Hacker’s Motivation



Learn Historical Hacking Techniques



Learn Advanced Techniques



Identify Malicious Code



Identify Method of the Untargeted Hacker



Identify Methods of the targeted Hacker


L
earning outcomes to attain:



Understand

Hacker’s Motivation and Hacking Techniques



Able Identify Malicious Code


Readings and preparation to be undertaken by the
student
:

a.

Page
45
-

85

from the Main reference text.

b.

Main reference text namely:



Eric Maiwald
,
Fundamentals of Network Security
,
McGraw Hill Technology Education



WEEK
4


Over the week of lecture and tutorial, the focus will be to undertake the following:



Define Confidentiality



Define Integrity



Define Availability



Define Accountability


Learning
outcomes to attain:



Able t
o understand Confidentiality, Integrity, Availability, and Accountability


Readings and preparation to be undertaken by the
student
:

a.

Page
95
-

106

from the Main reference text.

b.

Main reference text namely:



Eric Maiwald
,
Fundament
als of Network Security
,
McGraw Hill Technology Education



WEEK
5


Over the week of lecture and tutorial, the focus will be to undertake the following:



Criminal Law



Issues with Prosecution



Civil Issues



Privacy Issues


Learning outcomes to attain:



Underst
and Criminal Law



Understand Issues with Prosecution



Understand Civil Issues



Understand Privacy Issues


Olympia College




Diploma in Information Technology

Mod Learning Guide: Network Security

9

Readings and preparation to be undertaken by the
student
:

a.

Page
115
-

135

from the Main reference text.

b.

Main reference text namely:



Eric Maiwald
,
Fundame
ntals of Network Security
,
McGraw Hill Technology Education



WEEK
6


Over the week of lecture and tutorial, the focus will be to undertake the following:



Define Various Policy



Create Appropriate Policy



Deploy Policy



Use Policy Effectively


Learning outco
mes to attain:



Able to Define Various Policy



Able to Create Appropriate Policy



Able to Deploy Policy



Able to Use Policy Effectively


Readings and preparation to be undertaken by the
student
:

a.

Page
1
43

-

1
69

from the Main reference text.

b.

Main reference text
namely:



Eric Maiwald
,
Fundamentals of Network Security
,
McGraw Hill Technology Education


WEEK
7



Over the week of lecture and tutorial, the focus will be to undertake the following:



Define Risk



Identify the risk to an Organization



Measured Risk


Learni
ng outcomes to attain:



A
ble to d
efine

Risk



Able to Identify the risk to an Organization



Able to Measured Risk


Readings and preparation to be undertaken by the
student
:

a.

Page
177
-

193

from the Main reference text.

b.

Main reference text namely:



Eric Maiwald
,
Fundamentals of Network Security
,
McGraw Hill Technology Education


WEEK
8


Over the week of lecture and tutorial, the focus will be to undertake the following:



Conduct an Assessment



Develop Policy



Implement Security



Conduct Awareness Training



Conduct Aud
its


Learning outcomes to attain:



Able to
Conduct an Assessment

Olympia College




Diploma in Information Technology

Mod Learning Guide: Network Security

10



Able to
Develop Policy



Able to
Implement Security



Able to
Conduct Awareness Training



Able to
Conduct Audits


Readings and preparation to be undertaken by the
student
:

a.

Page
2
01
-

225

from the Ma
in reference text.

b.

Main reference text namely:



Eric Maiwald
,
Fundamentals of Network Security
,
McGraw Hill Technology Education


WEEK 9


Over the week of lecture and tutorial, the focus will be to undertake the following:



Administrative Security



Technica
l Security


Learning outcomes to attain:



Able to understand
Administrative Security



Able to understand
Technical Security


Readings and preparation to be undertaken by the lecturer:

a.

Page
23
3
-
255

from the Main reference text.

b.

Main reference text namely:



Er
ic Maiwald
,
Fundamentals of Network Security
,
McGraw Hill Technology Education

c.

Conduct all activities as found in the module materials. Conduct the chapter test on the completion of
the classes.

d.

Assign further readings and activities to students based on t
he main reference text or activities from the
module materials.




WEEK 10



Over the week of lecture and tutorial, the focus will be to undertake the following:



Define the types of Firewalls



Develop a Firewalls Configuration



Design a Firewall Rule Set


L
earning outcomes to attain:



Able to
Define the types of Firewalls



Able to
Develop a Firewalls Configuration



Able to
Design a Firewall Rule Set


Readings and preparation to be undertaken by the lecturer:

a.

Page
267
-

278

from the Main reference text.

b.

Main refe
rence text namely:



Eric Maiwald
,
Fundamentals of Network Security
,
McGraw Hill Technology Education

c.

Conduct all activities as found in the module materials. Conduct the chapter test on the completion of
the classes.

d.

Assign further readings and activities
to students based on the main reference text or activities from the
module materials.

Olympia College




Diploma in Information Technology

Mod Learning Guide: Network Security

11



WEEK 1
1



Over the week of lecture and tutorial, the focus will be to undertake the following:



Define Virtual Private
Networks



Deploy User VPNs



Deploy Site VPNs



Stan
dard VPN Techniques



the Types of VPN Systems


Learning outcomes to attain:



Able to Define Virtual Private
Networks



Able to Deploy User VPNs



Able to Deploy Site VPNs



Able to Understand Standard VPN Techniques



Able to Understand the Types of VPN Systems


Rea
dings and preparation to be undertaken by the
student
:

a.

Page
285
-

303

from the Main reference text.

b.

Main reference text namely:



Eric Maiwald
,
Fundamentals of Network Security
,
McGraw Hill Technology Education




WEEK 12



Over the week of lecture and tut
orial, the focus will be to undertake the following:



Encryption Concept



Private Key Encryption



Public Key Encryption



Digital Signatures



Key Management



Trust in the Systems


Learning outcomes to attain:



Able to Understand Encryption Concept



Able to Understa
nd Private Key Encryption



Able to Understand Public Key Encryption



Able to Understand Digital Signatures



Able to Understand Key Management



Able to Understand Trust in the Systems


Readings and preparation to be undertaken by the
student
:

a.

Page
3
11
-

3
39

from

the Main reference text.

b.

Main reference text namely:



Eric Maiwald
,
Fundamentals of Network Security
,
McGraw Hill Technology Education


WEEK 13



Over the week of lecture and tutorial, the focus will be to undertake the following:



Define types of Intrusi
on Detection System



Set up an IDS



Managing an IDS



Understand Intrusion Prevention

Olympia College




Diploma in Information Technology

Mod Learning Guide: Network Security

12


Learning outcomes to attain:



Able to Define types of Intrusion Detection System



Able to Set up an IDS



Able to Managing an IDS



Able to Understand Intrusion Prevention


Readin
gs and preparation to be undertaken by the
student
:

a.

Page
349
-

37
9

from the Main reference text.

b.

Main reference text namely:



Eric Maiwald
,
Fundamentals of Network Security
,
McGraw Hill Technology Education




WEEK 1
4





REVISION



WEEK 1
5


FINAL EXAMIN
ATION