Information Assurance Syllabus
Telecommunications Systems Engineer Course
Fort Gordon
Revised August 15, 2008

Instructor:
Class Dates: 8/18 Mon. – 8/22 Fri., 8/25 Mon. – 8/29 Fri.
Review Date: 9/3 Wed.
Final Exam: 9/5 Fri.
Homeworks: HW1 (8/22), HW2 (8/26), HW3 (8/29) 15:00 Sharp.
Class Time: 08:30 – 12:30 with 5 minute breaks each hour
Office Hours: 13:30 – 15:30
Location: Cobb Hall Rm 127

Course Description

The purpose of this module is to provide students with a working knowledge of information security concepts in order to secure networks, design secure protocols, and manage security risks. There will be a lot of hands-on experience with networking tools.

Topics include: Security Terms, Applied Cryptography, Secure Protocol Design, Key Management, Network Encryption, Network Protection, Wireless, and Policy

Tools include: Wireshark, CWSandbox, Robtex, Tor, Metasploit

COURSE OBJECTIVES:
• Explain the seven fundamental principles of security
• Be able to use the terminology and formulas associated with risk management
• Identify the layered approaches to security
• Explain threats, vulnerabilities and attacks
• Identify types of Malware and their differences
• Define terms associated with Cryptography
• Explain how symmetric and asymmetric encryption works
• Identify various cryptographic attacks
• Understand the use of different ciphers
• Identify how keys are distributed securely over networks.
• Describe Certificate Authorities.
• Understand Virtual Private Networks (VPN) and IP Security (IPSec); to include the authentication and encapsulating security payload modes and the transport and tunnel modes. Security association and IPSec key distribution schemes will be covered.
• Understand host-to-host security protocols such as: Secure Socket Layer/Transport Layer Security (SSL/TLS), Pretty Good Privacy (PGP), S/MIME.
• Define active and passive information security controls that: identify security events, capture event actions, ID key elements, alert appropriate authorities, and facilitate the deployment of corrective and recovery actions.
• Describe the threats, vulnerabilities, and countermeasures related to physically protecting the enterprise’s sensitive info areas.
• Identify the risk to facilities, data, media, equipment, support systems, and supplies as they relate to physical security.
• Define active and passive info security controls that: identify security events, capture event actions, ID key elements, alert appropriate authorities, and facilitate the deployment of corrective and recovery actions.
• Explain investigative measures and techniques used to determine if a crime has been committed and methods to gather evidence if it has
• Describe the ethical constraints that provide a code of conduct for the security professional.
• Describe the various types of evidence.
• Understand the actions needed to preserve the business in the face of major disruptions to normal business operations.
• Explain the disaster recovery planning steps.
• Be familiar with different network encryption methods, such as PKI, IPSec and SSL.

TSEC/Information Assurance/August 2008 1 of 4

Required Textbooks:
Computer Security: Art and Science, by Matt Bishop
Cryptography and Network Security: Principles and Practice, 4th Ed., by William Stallings

Prerequisites

Students are expected to have gone through the following CBTs on the https://iatraining.us.army.mil/ website and bring a printout of the completion certificate for #3 or email it to Wade Berzett.
1. Site Usage and Introduction
2. HQDA IAA
3. Information Systems Security Monitoring

Grading Information

The final grades will be determined as follows:
Class Participation and CBTs 5%
Homework Assignments 40%
Final Exam 55%

According to the TSEC grading policy, students must receive a 70% overall average grade to pass this module, as well as a minimum of 70% on the Final exam.

Course Requirements

1. Class Participation and CBTs (5%) Sessions 1 – 10.
Prior to the first session, completion of assigned CBTs from the iatraining.us.army.mil site is required to provide students a common starting level of understanding. There are CBTs on the Retina Scan tool and Incident Handling that will be assigned as well. Prior to each session, students should complete the identified readings. Each student is expected to participate in the discussion, answer questions asked during the lecture, and ask questions as necessary.

2. Homework Assignments (40%) Assigned Sessions 1 – 5.
The volume of information in this module requires outside reading in the textbooks, and problem solving. Therefore, 3 homework assignments and problems will be assigned. Homework must be turned in by 15:00 sharp on the due dates.

3. Final Examination (55%) 11th session
There will be an open-notes/open-book final examination designed to help students master the course content. The idea behind the final is to give you the chance to display what you’ve learned (terms/math/algorithms) and apply concepts to unseen problems (I propose a scenario that was not in class, the book, or the homework, and you figure out how to attack the problem).

Plagiarism

Refer to TSEC Management SOP paragraph 21. Do not locate and use an answer key. I’m warning you. Any problem that I pick out of the book has a wrong answer in the answer keys, or I altered the question.

Readings

Except for the first day, please come to class having read the assigned reading. I will go light on the homework the first day to allow you to catch up.
The Stallings book focuses more on cryptography, number theory, and protocols. The Bishop book has better descriptions of security policies and design principles.

Bishop readings: in all chapters, the “Research Issues” and “Further Reading” sections are not required. Read the examples if they are relevant.

Special Notes:

Make sure that all assignments, due dates and other policies listed in this syllabus blend in well with your other obligations during this course. The course is conducted in accordance with the course syllabus, and it is your responsibility to ensure that you can invest the required time, effort, persistence, and energy to complete the module, as described in this syllabus. This is a demanding course, and after missing only a few assignments it is very difficult to catch up, so stay with it throughout the module. Please alert me promptly to any additional meetings and/or exercises required of you outside the class.

Working together on homework is encouraged; however, students must do/show their own work. CHEATING WILL NOT BE TOLERATED! You can ask Mr. Berzett about my ability to detect cheating.