Philadelphia University Faculty of Administrative & Financial Sciences

advertisement
Philadelphia University
Faculty of Administrative & Financial Sciences
Department of Business Networking and Systems
Management
Second semester, 2009/2010
Course Syllabus
Course Title: Systems & Networks
Security and Firewalls.
Course code: 371410
Course prerequisite (s) and/or co requisite (s):
Course Level: fourth year
371251
Lecture Time: 8:15-9:30
Credit hours: 3
Mon, Wed
Academic Staff Specifics
Name
Rank
Office Number and Location
Office
Hours
E-mail Address
12-13,
Ahmad Al-Ghoul
M.Sc.
32404
14-15
ahmad4_2_69@hotmail.com
Su.Tu.thu
Course module description:
This course provides end-to-end, detailed coverage of the state of the art in all aspects of
computer security. Starting with a clear, in-depth review of cryptography, it also covers
specific options for securing software and data against malicious code and intruders; the
special challenges of securing networks and distributed systems; firewalls; ways to
administer security on personal computers; analyzing security risks and benefits; and the
legal and ethical issues surrounding computer security.
Course module objectives:




Provides a comprehensive introduction to information security issues,
concepts and technologies.
Understand the technologies of access control, cryptography, digital signatures,
authentication, network firewalls, and network security services and
mechanisms
Explain the threat of viruses and other rogue programs, and recommended
countermeasures
Understand and explain the specification, verification, and design of secure
networks using rigorous and formal logical methods.
1
Course/ module components
 Books
Text book:
Security in Computing, by Charles P. Pfleeger, Prentice Hall 2003
ISBN : 0-13-035548-8
In addition to the above, the students will be provided with handouts by the lecturer.
Homework guide .
HOMEWORK: Homework is an essential part of the educational process.
The homework in this course will reinforce the material covered in the classroom and
provide time for practice. Students will earn points for each homework assignment
completed. Homework assignments will be graded based on completion.
Teaching methods:



Duration: 16 weeks in first semester, 48 hours in total
Lectures: 32 hours (2.5 hours per week),
Laboratories: 16 hours, 1 per week
Learning outcomes:
 Knowledge and understanding
A student completing this module should:
-Define security and understand security statistics
- List the attributes of an effective security system and create a security policy
- Use authentication techniques and access control to secure your network
- Define encryption, and encryption types and uses
- Describe the elements involved in the use of firewalls
- Describe firewall strategies, goals, and designs
- Plan for proactive detection of and appropriate responses to a security breach
Cognitive skills (thinking and analysis).
The lecturer will present the material in the text book in an interactive way that
stimulates the thinking side of students.
Conducting the learning objectives for each module components in clear manner to
insure the material is digested by the students.
 - Analyzing, summarizing and integrating information from a variety of media.
 The student must be to understand different available tools, techniques and
methods to apply security different, have the ability and understanding of using
the suitable method depends on cases.
Communication skills (personal and academic).
-Module language: English
-For every lecture the last five minutes will be open for discussion. For further
discussion, the students are welcome at the lecturer s office hour as appeared in first
page.
Time Management: Assignments are varied, integrated, and overlapping, and students
must focus on multiple issues, projects, and demands. Students must, therefore, take
responsibility for planning and pacing their own work as well as developing time
management skills.
Project Development: Groups of approximately two to three students develop
projects, complete research, schedule meetings, write papers and reports, and deliver a
20-30 minute oral presentation using visual aids.
Group Management: Students work on group projects to practice interpersonal skills
by communicating with group members, other groups, and peers outside the group.
2
Practical and subject specific skills (Transferable Skills).
The student is able to analyze and design security system using the suitable method
and tools.
Assessment instruments




Short reports and/ or presentations, and/ or Short research projects
Quizzes.
Home works
Final examination: 50 marks
Allocation of Marks
Assessment Instruments
Mark
First examination
15
Second examination
15
Final examination: 50 marks
50
Reports, research projects, Quizzes,
20
Home works, Projects
Total
100
Documentation and academic honesty
This course is given from the textbook mentioned above. It is
copyright protected. Students are encouraged to purchase this
textbook from the university bookshop.
Definition of Plagiarism
Plagiarism is the unacknowledged borrowing of another writer’s words or ideas.
How Can Students Avoid Plagiarism?
To avoid plagiarism, you must give credit whenever you use




another person’s idea, opinion, or theory;
any facts, statistics, graphs, drawings—any pieces of information—that are not
common knowledge;
quotations of another person’s actual spoken or written words; or
Paraphrase of another person’s spoken or written words.
If you are in doubt about whether what you are doing is inappropriate, consult your
instructor. A claim that “you didn’t know it was wrong” will not be accepted as
an excuse.
Penalty for Plagiarism
The minimum penalty for an act of plagiarism is a 0 on the assignment, homework,
and project. Serious cases of plagiarism may result in failure in the course as a whole,
or expulsion from the university.
3
Course/module academic calendar
week
(1)
(2)
(3)
(4)
(5)
(6)
First
examination
(7)
(8)
(9)
(10)
(11)
Second
examination
Basic and support material to be
covered
Information cycle, what is security, what is the threat
& risk, effective security systems, ensure security in a
network & enhancing security by, security procedures
& security phases
Planning a security policy, system classification,
security Goals, creating a security policy, Types of
Threat, Risk, Attack
Tutorial 1
Elements of security, security standards, & security
architecture, authentication, access control, building a
defense
Encryption & method of defense, basic encryption
and decryption, encryption strategy, encryption with
key
Tutorial 2
Public key encryption, uses of encryption, digital
signature
H/W and S/W Security, physical Security, secure
encryption systems
Definition of protocols, types of protocols, key
distribution, types of ciphers, Tutorial 3
Error prevention and detection, one-way encryption,
cipher block chain
Repetition (encryption), Tutorial 4
Viruses & types of viruses, how viruses attach & how
viruses gain control, homes for viruses, virus
signature, source of viruses, preventing virus
infection, facts and misconceptions about viruses,
examples of malicious codes
What is a firewall, packet filters, proxy servers and
circuit-level gateways, application-level gateway
proxy server
, Tutorial 5
Second Exam, - Practical implementation (The Cisco
PIX Firewall)
4
Homework/reports
and their due dates
(12)
building a firewall (bastion host), common firewall
designs & Firewalls Design Approaches
(13)
Personal Computer Security Management, UNIX
Security Management, risks Analysis & Security
Planning, organizational Security Policies, Tutorial 6
(14)
Authentication methods, use of passwords,
authentication protocols, PAP, CHAP, RADIUS,
SSL, TLS, IPSec, Kerberos, Tutoria7.
Introduction to ISA server, using caching, using
firewalls, deployment scenarios for ISA server
(15)
(16)
Final
Examination
Installing ISA server, installing and configuring ISA
server clients, maintaining ISA server, tutorial 8
Expected workload:
On average students need to spend 2 hours of study and preparation for each 50-minute
lecture/tutorial.
Attendance policy:
Absence from lectures and/or tutorials shall not exceed 15%. Students who exceed the 15% limit
without a medical or emergency excuse acceptable to and approved by the Dean of the relevant
college/faculty shall not be allowed to take the final examination and shall receive a mark of zero
for the course. If the excuse is approved by the Dean, the student shall be considered to have
withdrawn from the course.
Module references
Books
Students will be expected to give the same attention to these references as given to the
Module textbook(s)
[1] Cisco
Network Security by James Pike, Prentice Hall
[2] Internet Security Protocols: Protecting IP Traffic: 1/e , Uyless Black
[3]Security Warrior
By Anton Chuvakin, Cyrus Peikari
Publisher
: O'Reilly
Pub Date
: January 2004
ISBN
: 0-596-00545-8
[4] MCSE Training Kit—Designing Microsoft Windows 2000 Network Security
[5] Building Internet Firewalls
Elizabeth D. Zwicky, Simon Cooper & D. Brent Chapman
Second Edition, June 2000
ISBN: 1-56592-871-7
5
[6] Network
Intrusion Detection, Third Edition
By Stephen Northcutt, Judy Novak
Publisher : New Riders Publishing
Pub Date : August 28, 2002
ISBN : 0-73571-265-4
[7] CRYPTOGRAPHY Theory and Practice
Douglas R.stinson
Publisher : CRC
ISBN : 0-8493-8521-0
Website(s):
.http://www.microsoft.com/isaserver/techinfo/howto/
http://www.alw.nih.gov/Security/
http://www.cert.org/homeusers/HomeComputerSecurity/
http://www.jmu.edu/computing/security/
http://www.networkcomputing.com/channels/security/
http://dmoz.org/Computers/Security/
http://security.fnal.gov/
http://gaim-encryption.sourceforge.net/
http://www.windowsecurity.com/articles_tutorials/
www.cisco.com
6
Download