Syllabus - ENMU Tri-Campus Academic Web Server

advertisement
ENMU Ruidoso Branch Community College
Master Syllabus
Course Number: IS 293, CRN 22747 Course Title: Network Security Fundamentals
Credits: 3
Semester: Spring 2010
Instructor information
Instructor: Stephen Miller
Phone: 257-2120 Ext.380
8AM – 5 PM
E-Mail: stephen.miller@enmu.edu
Website: http://academic.enmu.edu/stephen.miller
Office: Room 216, Office Hours: 8:00 A.M. – 5 P.M. Monday – Friday.
Class Times: Online 24 x 7.
Rationale for student taking this course:
Provide students with the necessary understanding and abilities to apply network security
fundamentals and methods. Upon completion of this online course a student should be
able to take the CompTIA’s 2008 Security+ certification exam.
Course description:
This course delivers a comprehensive overview of network security, including general
security concepts. Communication security is studied, including remote access, e-mail, the
Web, directory and file transfer, and wireless data. Common network attacks are
introduced. Cryptography basics are incorporated, and operational/organizational security
is discussed as it relates to physical security, disaster recovery, and business continuity.
Computer forensics is introduced. Upon completion of this online course a student should
be able to take the CompTIA’s 2008 Security+ certification exam.
Specific topic coverage includes:
 Introduction to Security
 System Threats and Risks
 Protecting Systems
 Network Vulnerabilities and Attacks
 Network Defenses
 Wireless Network Security
 Access Control Fundamentals
 Authentication
 Performing Vulnerability Assessments
 Conducting Security Audits
 Basic Cryptography
 Applying Cryptography
 Business Continuity Planning and Procedures
1
CIS 151 Course Syllabus

Policies and Legislation
Prerequisite: CS121 Computing Concepts & IS110 Operating Environments or
1 year computer/network related experience.
Text(s)/Study Guides(s), Manuals:
Required Text:
Mark Ciampa, Security+ Guide to Network Security Fundamentals. Course Technology
Incorporated, 2009, ISBN 13: 978-1-4283-4066-4
Required Material(s):
ENMU E-mail Account
ENMU Ruidoso Blackboard Account
Home computer or laptop
High speed internet access
2
533574614
CIS 151 Course Syllabus
Expected student outcomes or competencies:
Upon successful completion of this course, the student should be able to:
Chapter 2
1) Differentiate among various systems security threats. (2%)
2) Explain the security risks pertaining to system hardware and peripherals. (2%)
3) Explain the purpose and application of virtualization technology. (2%)
Chapter 3
4) Implement OS hardening practices and procedures to achieve workstation and server security. (2%)
5) Carry out the appropriate procedures to establish application security. (2%)
6) Implement security applications. (2%)
Chapter 4
7) Differentiate between the different ports and protocols, their respective threats and mitigation techniques. (2%)
8) Explain the vulnerabilities and mitigations associated with various transmission media. (2%)
Chapter 5
9) Distinguish between network design elements and components. (2%)
10) Determine the appropriate use of network security tools to facilitate network security. (2%)
11) Apply the appropriate network tools to facilitate network security. (2%)
12) Explain the vulnerabilities and mitigations associated with network devices. (2%)
Chapter 6
13) Explain the vulnerabilities and mitigations associated with wireless networking. (2%) (also Chapter 4)
Chapter 7
14) Identify and apply industry best practices for access control methods. (2%)
15) Explain common access control models and the differences between each. (2%)
16) Organize users and computers into appropriate security groups and roles while distinguishing between appropriate rights
and privileges. (2%)
17) Apply appropriate security controls to file and print resources. (2%)
18) Compare and implement logical access control methods. (2%)
19) Explain and apply physical access security methods. (2%)
Chapter 8
20) Summarize the various authentication models and identify the components of each. (2%)
21) Deploy various authentication models and identify the components of each. (2%)
22) Explain the difference between identification and authentication (identity proofing). (2%)
Chapter 9
23) Conduct risk assessments and implement risk mitigation. (2%)
24) Carry out vulnerability assessments using common tools. (2%)
25) Within the realm of vulnerability assessments, explain the proper use of penetration testing versus vulnerability scanning.
(2%)
Chapter 10
26) Use monitoring tools on systems and networks and direct security-related anomalies. (2%)
27) Compare and contrast various types of monitoring. (2%)
28) Execute proper logging procedures and evaluate the results. (2%)
29) Conduct periodic audits of system security settings. (2%)
Chapter 11
30) Explain general cryptography concepts. (2%) (Also Chapter 12)
31) Explain basic hashing concepts and map various algorithms to appropriate applications. (2%)
32) Explain basic encryption concepts and map various algorithms to appropriate applications. (2%) (Also Chapter 6)
Chapter 12
33) Explain and implement protocols. (2%)
34) Explain core concepts of public key cryptography. (2%)
35) Implement PKI and certification management. (2%)
Chapter 13
36) Explain redundancy planning and its components. (2%)
37) Implement disaster recovery procedures. (2%)
38) Differentiate between and execute appropriate incident response procedures. (2%)
Chapter 14
39) Identify and explain applicable legislation and organizational policies. (2%)
40) Explain the importance of environmental controls. (2%)
41) Explain the concept of and how to reduce the risk of social engineering. (2%)
Chapters 1 - 14
42) Successfully complete CompTia Security + exam. (18%)
3
533574614
CIS 151 Course Syllabus
Requisites for the course:
There is no formal prerequisite for this course. However, students taking this course should be familiar with the
use of a standard computer keyboard and mouse, and be able to type at a reasonable speed. Students who
have never worked with a computer, or are unfamiliar with the keyboard, should take CAS 101 prior to taking this
course
Integration of critical skills:
Upon satisfactory completion of this course, the student will develop the following critical skills:
1) Extensive use of security fundamentals will develop computer use skills in both stand-alone and networked
environments.
2) Writing skills will be developed through group discussion exercises, internet research assignments, and the
use of presentation software.
3) Critical thinking skills will be developed through problem solving exercises in related network and computing
areas of security.
4) Skills in group work will be developed during computer network operation and group discussions.
5) Public communication skills will be developed through group discussions.
Requirements for course outline:
1) Course Grading and Evaluation
EXAMS: (200 points)
There will be two exams a Mid-tern and a final exam. Each exam will have a value of 100 points (200 points
total), covering the material taught in-class and assigned from the textbook. The final exam will be
comprehensive, covering material from the entire course. Student have a one week window to complete an
exam, the exam must be completed in the designated time-frame or receive a zero.
Group
interaction
amounts to
50% of your
grade.
GROUP DISCUSSION PROJECTS: (200 points)
There will be 4 group projects, 50 points each for a total of 200 points total.
INDIVIDUAL WEEKLY DISCUSSION TOPICS: (160 points)
There will be 2 – 3 weekly discussion topics that students are required to participate
in at least one discussion topic a week. The discussion topics are worth 10 points
each based on content, and applicability of comments. A student can receive up to
160 points from discussion topics.
CHAPTER ASSESSMENTS: (140 points)
There will be 14 Quiz Assessments, one for each chapter in the book and in the online chapter learning
module. Each assessment is worth 10 points for a total of 140 points.
Final grades will be awarded based on the total points earned for the course, according to the following
scale:
A=620 – 700 Points (90%)
B = 540 – 619.9 Points (80%)
D=380 – 459.9 Points (60%)
C=460 – 539.9 Points (70%)
F= Below 380 Points
The textbook will be heavily used for this class. Students are expected to read the assigned sections and
follow along in the book while completing the online learning modules. Students should expect to put in
extra time in order to complete all assignments and projects.
4
533574614
CIS 151 Course Syllabus
2) Student Conduct
Administrative Withdrawal for Nonparticipation
An instructor will recommend that a student be withdrawn from class if that student has an
unexcused absence from 6-8 consecutive hours of instruction OR misses 20% of the regularly
scheduled class meetings. Instructors will recommend administrative withdrawal for online students
if they do not access the course for 10 consecutive days without contacting the instructor. Course
withdrawal for nonattendance will be initiated by Instructors, reviewed by a Student Advisor, and
approved by the Vice President for Student Learning.
Note: Students should be aware that administrative withdrawal for nonparticipation may reduce the
amount of financial aid they receive, delay their graduation, or necessitate repayment of aid already
received.
No Smoking on Campus - A new NM State Statute became law June 15, 2007. The Dee Johnson
Clean Indoor Air Act prohibits smoking at all workplaces and public facilities. In order to comply
with the new provisions of the law, effective immediately, smoking is banned inside, or within 30
feet of any ENMU property or leased facilities including Ruidoso High School, Lincoln County
Works, and any other location where classes are held.
Cell Phones Prohibited in Classrooms – Cell phones, whether set to audibly ring or vibrate, are
prohibited from all classrooms. Students needing a cell phone for emergency use may seek
instructor approval prior to bringing a cell phone to class.
Student Code of Conduct – For the complete Student Code of Conduct please refer to the Student
Handbook available at http://www.ruidoso.enmu.edu/docs/studenthnbk.pdf . Instructors at ENMURuidoso will not tolerate poor student behavior including plagiarism. Plagiarism is:
 Offering the work of another as one's own;
 Offering the work of another without acknowledgment or
 Failing to give credit for quotations or essentially identical expressions of material taken
from books, encyclopedias, magazines, other reference works, term papers, reports or
sources of any other individual.
Punishment is left up to the instructor and may range from a written warning to expulsion from the
university.
Americans with Disabilities Act:
If you have physical or learning needs that require accommodation, contact your instructor or Sue
Kluthe, Student Affairs Coordinator (257-2120) at the beginning of the semester. All efforts will be
made to accommodate these needs or to provide equipment necessary to accomplish the
requirements for this course. Discussions and documentation will be kept confidential.
Course cancellation policy:
Classes may not be cancelled by the instructor. If the instructor is ill or unable to hold class for
reasons beyond his or her control, a substitute instructor will hold class or students will be given the
opportunity to make up missed class time through an alternative meeting time (agreeable to all
students) or by completion of an outside assignment.
5
533574614
CIS 151 Course Syllabus
Course Calendar (Tentative)
Week /
Exams/
Readings
Assignments
Chapter 1
Learning Module 1
Topics
Date
1
Chapter
Introduction to Security
Quiz 1
1/19 -25
2
Chapter 2
System Threats and Risks
1/26 – 2/1
3
Quiz 2
Chapter 3
Protecting Systems
Network Vulnerabilities and Attacks
Chapter 4
Chapter 5
Network Defenses
Chapter 6
Wireless Network Security
2/23 – 3/1
7
Chapter 7
Access Control Fundamentals
9
Review Chapters 1 - 7
Chapters
Mid-term
1 - 7
Exam
N/A
Spring Break
Chapter 8
Authentication
Learning Module 8
Quiz 8
3/23 - 29
10
Learning Module 7
Quiz 7
3/9 - 15
3/14 – 3/20
Learning Module 6
Quiz 6
3/2 - 8
8
Learning Module 5
Quiz 5
2/16 - 22
6
Learning Module 4
Quiz 4
2/9 - 15
5
Learning Module 3
Quiz 3
2/2 - 8
4
Learning Module 2
Performing Vulnerability Assessments
3/30 – 4/5
Chapter 9
Learning Module 9
Quiz 9
6
533574614
CIS 151 Course Syllabus
Conducting Security Audits
11
4/6 - 12
Basic Cryptography
12
4/13 - 19
Applying Cryptography
13
4/20 - 26
Business Continuity Planning and Procedures
14
4/27 – 5/3
Policies and Legislation
15
5/4 - 10
Review Chapters 8 - 14
16
Chapter
Learning Module 10
10
Quiz 10
Chapter
Learning Module 11
11
Quiz 11
Chapter
Learning Module 12
12
Quiz 12
Chapter
Learning Module 13
13
Quiz 13
Chapter
Learning Module 14
14
Quiz 14
Chapters
Final Exam
8 - 14
5/11 - 14
Note: The dates and topics shown in the calendar are subject to change.
4. Web Resources
See Blackboard “Web Links” tab within IS 293 Network Security Fundamentals course.
7
533574614
Download