Syllabus - Heinz College Home

advertisement
CARNEGIE MELLON UNIVERSITY
Heinz College
95-758 Introduction to Network Security
Section A Spring 2015
Syllabus, v1.0
General
Joseph Mayes
jmayes@cert.org
jmayes@andrew.cmu.edu
(412) 268-5181
Office Hours and Location: TBD
Course Management
All course materials will be managed through Blackboard. Blackboard will also be used to post
announcements of assignments and other information. Please be sure to check these
announcements frequently to ensure you have the latest information about the course.
The course will make extensive use of topical readings that support the course lectures. These
readings will be posted to Blackboard on Wednesday mornings preceding the next class lecture.
Students are expected to read the material and be prepared to discuss it during the class. In some
cases, these readings will be integrated to homework assignments.
Course Updates and Changes
This syllabus represents the course plan as conceived at the beginning of the semester but is
subject to change and modification by the instructor at any time. Advanced notice will be
provided to students through Blackboard announcements, and when necessary, an updated
syllabus will be issued.
Course Description
This course is intended to give students an introduction to the design, operation and security of
enterprise data networks. The course will focus on applying infrastructure and security principles
related to organizational networks as well as managerial and policy topics. The purpose of the
course lectures, assignments, readings, and examinations are to ensure students have sufficient
technical awareness and managerial competence that will enable them to pursue advanced study
in information security policy and management as they progress through the program. There is
95758 Syllabus
Spring 2015
no prerequisite for this course, however successful students will have fundamental knowledge
of information and computer systems, and a general awareness of security issues in these
systems.
Course Objectives
Upon completion of this course, the student will obtain confidence in understanding and applying
key concepts, including:


A working knowledge of the need to properly design networks to properly support an
organization, properly accommodate networking protocols, and properly secure an
organization’s cyber assets through its network infrastructure
Specific topics covered include:
o Application of security principles to computer networking
o The OSI and TCP/IP models of network communication
o Network security at different layers of the OSI and TCP/IP models
o Enterprise systems for AAA
o Designing networks on selected protocols to support business operations while
maintaining identified levels of network security
o Supporting secondary network connectivity (wireless, VPNs, BYOD devices,
partner networks, cross-domain and other connectivity types)
o Designing networks to support Resiliency Management, Business Continuity,
Disaster Recovery and other principles to avoid network failures that negatively
impact the organization’s ability to deliver on its core mission
o Methods to prevent, detect and respond to security breaches, including the role
of Incident Response Teams.
Textbooks
There are no textbooks for this course.
Students who feel they need additional studies in networking may enroll at no cost in a
supplemental online training course offered by the Cisco Networking academy. For more
information, see the web link below and speak with me about the program.
Cisco Networking academy CCNA Routing and Switching
https://www.netacad.com/web/about-us/ccna-rs
Page 2
95758 Syllabus
Spring 2015
Assignments and Exams
There will be four homework assignments, a midterm and final exam, and a group project.
Homework
The four homework assignments will be focused on analysis of topics relevant to the course
lectures and current events in network design and security. Each assignment will be announced
on Blackboard with requirements for submission.
Mid-term Exam
The mid-term exam will be 30 multiple choice questions on course material covered through the
class meeting date preceding the exam date. The exam will be administered and graded via
Blackboard. Optional extra credit questions will be provided.
Final Exam
The final exam will be 30 questions that cover the entire body of course work through the
semester. The exam will be administered and graded via Blackboard, and optional extra credit
questions will be provided as with the mid-term. The final exam will be administered in the final
week of the semester as scheduled by the Heinz College.
Network Design Analysis (Group Project)
Students of management and policy absolutely must gain skills and confidence in expressing
difficult technical and managerial concepts to decision and policy makers, particularly those who
provide funding for key organizational initiatives. For this reason, students in this course will
work in teams to complete a final project. The project will be to examine an existing network
design, and improve the design to improve network security while also improving the usefulness
of the network in support of the organizational mission. The grade for this project will be based
on the infrastructure design of the network, the security design of the network, and the
demonstrated ability of the team to communicate technical constructs/challenges/issues clearly
and effectively.
Grading
The following constitutes the composition of the final course score:
 Homework assignments = 5 points each, or 20%
 Mid-term Exam = 20 points, or 20%
 Comprehensive Final Exam = 30 points, or 30%
 Comprehensive Group Project = 30 points, or 30%
Page 3
95758 Syllabus
Spring 2015
Grading rubric:
Letter
Interpretation
Point Totals
GPA
A+
A
AB+
B
BC+
C
D
Exceptional
Excellent
Very Good
Good
Acceptable
Fair
Poor
Very Poor
Failing
97 – 100
93 – 97
90 – 93
87 – 90
83 – 87
80 – 83
75 – 80
70 – 75
Below 70
4.33
4.00
3.67
3.33
3.00
2.67
2.33
2.00
0
Proposed Agenda
Course
Date
Topic
1/15
Introduction, and the Need to Apply Security Principles to
Networking
Network Design Principles and Constraints
Enterprise AAA Technologies
Models: OSI, TCP/IP, and Related Protocols and Technologies
Network Segmentation and Security at the Physical and Virtual
Layers
Network Segmentation and Security at the Logical Layer
Network Segmentation and Security at the Session and
Application Layers
Mid-Term Exam
Securing Data With Encryption
802.11 Wireless Networks and Security
ExtraNet Connections: (Partners, BYOD, Cross-domain, etc.)
Security and Insider Threats
Design and Implementation of Network Security Monitoring
Network Security Incident Response
Course Review and Summary
Group Project Deliveries
1/22
1/29
2/5
2/12
2/19
2/26
3/5
3/12
3/19
3/26
4/2
4/9
4/16
4/23
4/30
Week of
5/4
Final Exam Week
Notes
Homework 1 Assigned
Homework 2 Assigned
Final Project assigned
Homework 3 Assigned
Homework 4 Assigned
Group Project
deliveries
Final Exam
(May 7)
Page 4
95758 Syllabus
Spring 2015
Academic Integrity Policy
Credibility and ethical character are essential to careers in information and cyber security. In the
classroom, the University expects that all students will prepare their own work and take their
own exams, will not plagiarize existing published works, and will cite reference works properly
and accurately. Violations of the University’s policies can result in penalties as required. Please
refer to the University’s policies here: http://www.cmu.edu/policies/StudentPolicy.html
Page 5
Download