NETW 107: Introduction to Security
NETW 107
Introduction to Security
Mohammad Shanehsaz
COURSE DESCRIPTION
This course provides a fundamental understanding of network security principles and implementation. Topics covered include: authentication, types of attacks, malicious code, email threats and countermeasures, Web applications, remote access, and file and print services, intrusion detection systems, firewalls, and physical security concepts, security policies, disaster recovery, and computer forensics. Security topologies are discussed as well as technologies used and principles involved in creating secure computer networking environments such as providing secure communications channels, secure internetworking devices, and network medium and the daily tasks involved with managing and troubleshooting these technologies. Hands-on and case project assignments will reinforce each of the concepts.
Prerequisites none
Required Text and Materials
Cisco Learning Institute, Security+ Guide to Network Security Fundamentals,Course Technology Incorporated, 2003, ISBN 0-619-12017-7
STUDENT PERFORMANCE EVALUATION
Students are expected to be present and punctual for all scheduled classes and labs.
Students will be evaluated according to performance in the following categories:
- Two tests
- Quizzes at the instructor’s discretion
- Lab activities and hands-on performance tests
- In-class assignments, homework, and class participation
- A research paper and oral presentation
- A final exam
NOTIFICATION FOR STUDENTS WITH DISABILITIES
Students with disabilities, who wish to self-identify, must contact the Disability Services Office at 732-224-2730; provide appropriate documentation of the disability and request specific services. If you qualify, services and reasonable accommodations, which are appropriate for the college level and are recommended in the documentation will be approved.
FINAL GRADE
The final grade will be determined by the following:
30% / Exams, quizzes, research paper and presentation30% / Homework, labs and hand-on performance tests
20% / Final
20% / Participation and in-class assignments
100% / Grade for the Course
The following scale will be used to determine satisfactory progress on each unit examination and for the final as follows:
Final Grade / RangeA / 90 to 100
B+ / 85 to 89
B / 80 to 84
C+ / 75 to 79
C / 70 to 74
D / 65 to 69
F / Below 65
CORE COMPETENCIES
Communication
The student will communicate information and ideas clearly and effectively in the written and spoken form, and will demonstrate effective listening and reading skills.
Critical Thinking
The student will think clearly, critically and creatively to analyze information, identify solutions, make logical decisions and solve problems.
Information Literacy
The student will identify a need for information and collect, analyze, organize and evaluate information from a variety of sources. The student will synthesize, document and present information.
Technological Literacy
The student will use computer systems and other appropriate forms of technology to achieve professional, educational, and personal objectives.
INCOMPLETE
It is the student's responsibility to submit all classwork on a timely basis, and it is expected that all course requirements be completed by the last class meeting. In cases of hardship or emergency, your instructor may grant a grade of INC. In order to be considered for the grade INC, the student must have satisfactorily completed 80% of the course, have a passing test average, and must meet with the instructor prior to the last class meeting to discuss this option. Your instructor is under no obligation to grant an INC. In the event that you are granted an INC, it must be completed by the first week of the following semester or an earlier date specified by the instructor. You will be required to withdraw from the next course in a sequence if you have not successfully completed an INC with a C or better before the first meeting.
WITHDRAWING FROM CLASS
Students are allowed to withdraw from a course without penalty until four-fifths of the course or semester has been completed (i.e., the 12th week of a fifteen week course.) While a W does not affect your GPA, it may have impact if you are receiving Financial Aid. Before withdrawing from any class, you should consult with your counselor, or a Financial Aid representative.
ACADEMIC INTEGRITY
Academic integrity is submitting one's own work, and properly acknowledging the work of others. Any violation of this principle constitutes academic dishonesty. Forms of academic dishonesty include:
Plagiarism
Submitting another's work, in whole or part, as one's own. This includes an examination, a computer program, a laboratory report, or a written assignment.
Facilitating Academic Dishonesty
Helping another commit an act of dishonesty, such as substituting for an examination or completing an assignment for someone else.
Cheating
Using or attempting to use unauthorized materials on an examination or assignment, such as using unauthorized texts or notes or improperly obtaining, or attempting to obtain, copies of an examination or answers to an examination.
Illegal System Access
Altering, transmitting, or permitting unauthorized individuals to access your account, or an attempt to alter or destroy system files on any server or computer. This also includes altering, transmitting, or attempting to alter or transmit academic information or records by unauthorized individuals.
Students that participate in dishonest activities:
- will receive a 0 for that project, examination, or assignment
- may be given a grade of F for the course
- will be reported to the Dean for disciplinary action
For additional information, refer to the current Brookdale Community College Student Handbook.
Topical Outline
TopicsUnit 1: General Security Concepts
- Security Overview
- Authentication
- Attacks and Malicious Code
Unit 2: Communication Security
- Remote Access
- Web Security
- Directory and File Transfer Services
- Wireless and Instant Messaging
Unit 3: Infrastructure Security
- Devices
- Media and Medium
- Network Security Topologies
- Intrusion Detection
- Security Baselines
Unit 4: Basics of Cryptography
- Cryptography
Unit 5: Operational/ Organizational Security
- Physical Security
- Disaster Recovery and Business Continuity
- Computer Forensics and Advanced Topics
LEARNING OBJECTIVES
Unit 1 – General Security Concepts
Security Overview and Authentication
Understand network security and security threat trends and their ramifications
Understand the goals of network security, and determine the factors involved in a secure network strategy
Recognize and be able to differentiate and explain the following methods of authentication
- Username / Password
- Strong Passwords
- Understand the Kerberos authentication process
- Understand how CHAP (Challenge Handshake Authentication Protocol) works
- Understand what Mutual authentication is and why it is necessary
- Understand how digital Certificates are created and why they are used
- Understand what Tokens are and how they function
- Understand Biometric authentication processes and their strengths and weaknesses
- Understand the benefits of Multi-factor authentication
- Recognize and be able to differentiate and explain the following access control models
- MAC (Mandatory Access Control)
- DAC (Discretionary Access Control)
- RBAC (Role Based Access Control)
- Identify non-essential services and protocols and know what actions to take to reduce the risks of those services and protocols
- Understand the concept of and know how reduce the risks of social engineering
- Understand the concept and significance of auditing, logging and system scanning
Attacks and Malicious Code
Recognize the following attacks and specify the appropriate actions to take to mitigate vulnerability and risk
- Explain Denial of Service (DoS) attacks
- Explain and discuss ping-of-death attacks
- Identify the major components used in DDoS (Distributed Denial of Service) attacks and how they are installed
- Understand the major types of Spoofing attacks
- Discuss man-in-the-middle attacks, Replay attacks, and TCP/IP hijacking
- Back Door
- Detail three types of Social Engineering attacks and explain why they can be incredibly damaging
- List the major types of attacks used against encrypted data
- Weak Keys
- Mathematical
- Birthday
- Password Guessing
- Brute Force
- Dictionary
- Software Exploitation
Recognize the following types of malicious code and specify the appropriate counter-measure to take to mitigate vulnerability and risk
- Viruses
- Trojan Horses
- Logic Bombs
- Worms
Unit 2 – Communication Security
Recognize and understand the administration of the following types of remote access technologies
- Understand the implications of IEEE 802.1x and how it is used
- Understand VPN (Virtual Private Network) technology and its uses for securing remote access to networks
- Understand how RADIUS (Remote Authentication Dial-In User Service) authentication works
- Understand how TACACS+ (Terminal Access Controller Access Control System) operates
- Understand how PPTP (Point to Point Tunneling Protocol) works and when it is used
- Understand how L2TP (Layer Two Tunneling Protocol) works and when it is used
- Understand how SSH (Secure Shell) operates and when it is used
- Understand how IPSec (Internet Protocol Security) works and when it is used
- Understand the different vulnerabilities associated with telecommuting
Recognize and understand the administration of the following email security concepts
- Understand the need for secure e-mail
- Outline the benefits of PGP (Pretty Good Privacy) and S/MIME (Secure Multipurpose Internet Mail Extensions)
- Understand e-mail vulnerabilities and how to safeguard against them
- SPAM
- Hoaxes
- Explain the dangers posed by e-mail hoaxes and spam, as well as actions that can be taken to counteract them
Web Security
Recognize and understand the administration of the following Internet security concepts
- Understand SSL/TLS (Secure Sockets Layer / Transport Layer Security) protocols and their implementation on the Internet
- Understand HTTPS (Hypertext Transfer Protocol / Hypertext Transfer Protocol over Secure Sockets Layer) protocol as it relates to SSL
- Explore some of the most common uses of instant messaging applications and identify vulnerabilities associated with those applications
- Vulnerabilities
- Packet Sniffing
- Privacy
- Understand the vulnerabilities of each of the following, and how they are commonly exploited
- Java Script
- ActiveX
- Buffer Overflows
- Cookies
- Signed Applets
- CGI (Common Gateway Interface)
- SMTP (Simple Mail Transfer Protocol) Relay
Directory and File Transfer Services
Recognize and understand the administration of the following directory security concepts and file transfer protocols and concepts
- SSL / TLS (Secure Sockets Layer / Transport Layer Security)
- Explain the benefits offered by centralized enterprise directory services such as LDAP (Lightweight Directory Access Protocol) over traditional authentication systems
- Identify the major vulnerabilities of the FTP method of exchanging data
- Describe S/FTP (File Transfer Protocol), the major alternative to using Blind FTP (File Transfer Protocol) / Anonymous, in order to better secure your network infrastructure
- Illustrate the threat posed to your network by unmonitored file shares
- Vulnerabilities
- Packet Sniffing
- 8.3 Naming Conventions
Wireless and Instant Messaging
Recognize and understand the administration of the following wireless technologies and concepts
- Understand security issues related to wireless data transfer
- Understand the 802.11x standards
- Understand the Wireless Application Protocol (WAP) and how it works
- Understand the Wireless Transport Layer Security (WTLS) protocol and how it works
- Understand the Wired Equivalent Privacy (WEP) and how it works
- Conduct a wireless site survey
- Understand instant messaging
Unit 3 – Infrastructure Security
Devices and Media, Medium
Understand security concerns and concepts of the following types of devices
- Understand the purpose of a network firewall and the different kinds of firewall technology available on the market
- Understand the role of routers, switches, modems, and other networking hardware in security
- Determine when VPN (Virtual Private Network) or RAS (Remote Access Server) technology works to provide a secure network connection
Understand the security concerns for the following types of media
- Coaxial Cable
- UTP / STP (Unshielded Twisted Pair / Shielded Twisted Pair)
- Fiber Optic Cable
- Removable Media
- Tape
- CD-R (Recordable Compact Disks)
- Hard Drives
- Diskettes
- Flashcards
- Smartcards
- Identify and discuss the various types of transmission media
- Explain how to physically protect transmission media adequately
- Identify and discuss the various types of storage media
- Know how to lessen the risk of catastrophic loss of information
- Understand the various ways to encrypt data
- Properly maintain or destroy stored data
- Wireless
- Telecom / PBX (Private Branch Exchange)
- IDS (Intrusion Detection System)
- Network Monitoring / Diagnostics
- Workstations
- Servers
- Mobile Devices
Network Security Topologies
Understand the concepts behind the following kinds of Security Topologies
- Explain the network perimeter’s importance to an organization’s security policies
- Identify the place and role of the DMZ (Demilitarized Zone) in the network
- Explain how NAT (Network Address Translation) is used to help secure networks
- Spell out the role of Tunneling in network security
- Describe the security features of VLANs (Virtual Local Area Network)
- Intranet
- Extranet
Intrusion Detection
Differentiate the following types of intrusion detection, be able to explain the concepts of each type, and understand the implementation and configuration of each kind of intrusion detection system
- Explain what intrusion detection systems are and identify some of the major characteristics of intrusion detection products
- Detail the differences between Host-Based and Network-Based intrusion detection
- Identify Active Detection and Passive Detection features of both Host- and Network-Based IDS products
- Explain what Honey Pots are and how they are employed to increase network security
- Clarify the role of security Incident Response teams in the organization
Security Baselines
Understand the following concepts of Security Baselines, be able to explain what a Security Baseline is, and understand the implementation and configuration of each kind of intrusion detection system
- Gain an understanding of OS/NOS (Operating System / Network Operating System) vulnerabilities and hardening practices
- Understand the operation of a file system and how to secure a file system
- Explore common Network Hardening practices, including firmware updates (Hotfixes, Service Packs, Patches) and configuration best practices
- Updates (Firmware)
- Configuration
- Enabling and Disabling Services and Protocols
- Access Control Lists
- Identify network services that are commonly exploited by attackers and learn about best practices for writing access control lists
- Explore vulnerabilities regarding network services such as Web, FTP, DNS, DHCP, Mail, File/Print Servers and Data Repositories as well as best practices in securing such devices
- Application Hardening
- Updates (Hotfixes, Service Packs, Patches)
- Web Servers
- E-mail Servers
- FTP (File Transfer Protocol) Servers
- DNS (Domain Name Service) Servers
- NNTP (Network News Transfer Protocol) Servers
- File / Print Servers
- DHCP (Dynamic Host Configuration Protocol) Servers
- Data Repositories
- Directory Services
- Databases
Unit 4
Cryptography
Be able to identify and explain the of the following different kinds of cryptographic algorithms
- Hashing
- Symmetric
- Asymmetric
Understand how cryptography addresses the following security concepts
- Confidentiality
- Integrity
- Digital Signatures
- Authentication
- Non-Repudiation
- Digital Signatures
- Access Control
Understand and be able to explain the following concepts of PKI (Public Key Infrastructure)
- Certificates
- Certificate Policies
- Certificate Practice Statements
- Revocation
- Trust Models
Identify and be able to differentiate different cryptographic standards and protocols
Understand and be able to explain the following concepts of Key Management and Certificate Lifecycles
- Centralized vs. Decentralized
- Storage
- Hardware vs. Software
- Private Key Protection
- Escrow
- Expiration
- Revocation
- Status Checking
- Suspension
- Status Checking
- Recovery
- M-of-N Control (Of M appropriate individuals, N must be present to authorize recovery)
- Renewal
- Destruction
- Key Usage
- Multiple Key Pairs (Single, Dual)
- Understand the basics of algorithms and how they are used in modern cryptography
- Identify the differences between asymmetric and symmetric algorithms
- Have a basic understanding of the concepts of cryptography and how they relate to network security
- Discuss the characteristics of PKI certificates and the policies and procedures surrounding them
- Understand the implications of key management and a certificate’s lifecycle
Unit 5
Physical Security and Disaster Recovery with Business Continuity
Understand the application of the following concepts of physical security
- Access Control
- Physical Barriers
- Biometrics
- Social Engineering
- Environment
- Wireless Cells
- Location
- Shielding
- Fire Suppression
Understand the security implications of the following topics of disaster recovery
- Backups
- Off Site Storage
- Secure Recovery
- Alternate Sites
- Disaster Recovery Plan
Understand the security implications of the following topics of business continuity
- Utilities
- High Availability / Fault Tolerance
- Backups
Understand the concepts and uses of the following types of policies and procedures
- Security Policy
- Acceptable Use
- Due Care
- Privacy
- Separation of Duties
- Need to Know
- Password Management
- SLAs (Service Level Agreements)
- Disposal / Destruction
- HR (Human Resources) Policy
- Termination (Adding and revoking passwords and privileges, etc.)
- Hiring (Adding and revoking passwords and privileges, etc.)
- Code of Ethics
- Incident Response Policy
Explain the following concepts of privilege management
- User / Group / Role Management
- Single Sign-on
- Centralized vs. Decentralized
- Auditing (Privilege, Usage, Escalation)
- MAC / DAC / RBAC (Mandatory Access Control / Discretionary Access Control / Role Based Access Control)
- Understand the importance of physical security
- Discuss the impact of location on a facility’s security
- Identify major material factors when constructing a facility
- Understand how various physical barriers can enhance the protection of vital resources
- Discuss the various biometric techniques used for access control
- Understand the importance of fire safety and fire detection
- Understand business continuity
- Understand the disaster recovery planning process
- Explain the importance of defining and documenting security policies and procedures
- Discuss the implications of privilege management and its impact on disaster recovery and business continuity
Computer Forensics and Advanced Topics
Understand the concepts of the following topics of forensics