CMSC-691U/CMSC-491U Syllabus
Special Topics in Computer Science
Security Administration and Policy
UMBC, Spring 2007

Meeting Time and Place

Tuesdays and Thursdays, 5:30–6:45pm, Room ACIV014
Section 0101.

Instructors

Geoff Weiss, CSEE Computer Systems Manager
Room: ITE-302
Phone: 410-455-3959
http://www.cs.umbc.edu/~gweiss/
Email: gweiss at cs.umbc.edu
Office Hours: Tuesdays/Thursdays, 4 p.m. - 5 p.m. (school days), and by appointment

William Farrell, CISSP, CISM
Director, Office of Systems Security Operations Management
Social Security Administration
Email: farrellw at umbc.edu
Email: willliam.l.farrell at ssa.gov
Home Phone: (410) 869-4811
Work Phone: (410) 965-2411
Office hours by appointment only

Instructor of Record (CMSC 691U only):
Alan Sherman, Associate Professor, Computer Science
Room: ITE-224
Phone: 410-455-2666
http://www.cs.umbc.edu/~sherman
Email: dralansherman at starpower.net
Office hour: Wednesday, 10 a.m. - 11:00 a.m., and by appointment

Course Description

In a networked computer environment, the need for a skilled system administrator has become increasingly obvious. The system administrator's job can include assisting users, managing and designing services and servers in a local and possibly a remote network, being familiar with computer programming for installing software and developing tools, and establishing and recommending policies on system use. In this class, some of the most essential aspects of system administration will be covered, giving students the opportunity to develop the skills necessary to analyze and troubleshoot problems arising in everyday usage of complex networks, applying equally to single-user systems as well as large-scale installations. Topics covered include: operating system installation, shell programming, security policies, network design, and software installation and maintenance. This course covers the administration of multi-user computing facilities, including file, web, and mail servers and their clients.
Managing system security for systems and services will also be covered. Students will have hands-on lab projects to apply the skills that are discussed in class.

The system security policy section of the course will cover all of the functions, topics, and sub-topics of CNSSI 4012. This standard focuses on the laws underlying security requirements for Federal information systems, the requirements for certification and accreditation of Federal information systems, and the requirements of the security lifecycle.

Prerequisites

Junior, senior, or graduate status, or permission of instructor. Students from related fields are welcome, including students from Information Systems, Policy Science, and Mathematics.

Objectives

This course has two main objectives:
(1) To understand the client/server protocol of UNIX services and be able to troubleshoot and apply proactive security measures following the “best-practice” methodologies.
(2) To expose students to Government requirements for Senior System Administrators based on the National Information Assurance Training Standard for Senior System Managers (CNSSI 4012).

Required Work

Students in 491U and 691U will have 8-10 homework assignments ranging from solving problems from the lecture material to computer lab hands-on practice in setting up and running a UNIX system. Students in 691U will have one additional hands-on lab assignment. Students will be running their own UNIX system through VMWare Workstation in the ITE 240 CS Lab.

Students in 491U will complete one written assignment demonstrating fluency and understanding of system security terminology by defining a basic glossary of terms and using them in an appropriate security related context. Students in 691U will complete the undergraduate assignment plus an additional written assignment analyzing a contemporary system security incident and identifying the laws, policies and guidelines applicable to the detection, prevention and/or forensic analysis of the incident.
Grading Policy

Grades will be assigned as measures of performance on required activities. Semester grades will be weighted as follows:

System Policy Total (25%):
    Attendance/Participation – 5%
    Written Assignment(s) – 5%
    Test – 15%

Systems Administration Total (75%):
    UNIX Homework – 50%
    Exams – 25%
    Total 75%

Each required activity will receive a numerical grade, to be interpreted as follows: 90–100 (A), 80–89 (B), 70–79 (C), 60–69 (D), 0–59 (F). Incomplete grades will be issued only for serious medical reasons, or other such dire emergencies.

If a curve is applied to grades in this course, the CMSC-691U enrolled students will be separated from the CMSC-491U enrolled students. A curve may be applied to one set and not the other. A curve with different characteristics may be applied to each group. No curve may be applied to either group if the standard distribution of grades meets the department's expectations.

Text

There is no required text.

References

The following books are encouraged as references:

"Essential System Administration", 3rd Edition, by Æleen Frisch. ISBN: 0-596-00343-9, Publisher: O'Reilly & Associates
"Unix System Administration Handbook", 3rd Edition, by Evi Nemeth, Garth Snyder, Scott Seebass, Trent R. Hein. ISBN: 0-13-020601-6, Publisher: Prentice Hall
"UNIX in a Nutshell", 3rd Edition, by Arnold Robbins. ISBN: 1-56592-427-4, Publisher: O'Reilly & Associates
"Principles of Network and System Administration", 2nd Edition, by Mark Burgess. ISBN: 0470868074, Publisher: John Wiley & Sons
"The Practice of System and Network Administration", by Thomas A.
Limoncelli & Christine Hogan. ISBN: 0-20170-271-1, Publisher: Addison-Wesley
"Analytical Network and System Administration : Managing Human-Computer Systems", by Mark Burgess. ISBN: 0-470-86100-2, Publisher: Wiley & Sons

Web sites:

The System Administrators' Code of Ethics – http://www.sage.org/ethics/ethics.html
Job Descriptions for System Administrators – http://www.sage.org/field/jobs-descriptions.html
Committee on National Security Systems and CNSSI 4012 – http://www.cnss.gov/
National Institute of Standards and Technology – http://csrc.nist.gov/

UMBC Center for Information Security and Assurance (CISA)

This course meets the CISA specifications to be applied towards an Information Assurance certificate. See http://www.cisa.umbc.edu/ for more details.

Academic Integrity

"By enrolling in this course, each student assumes the responsibilities of an active participant in UMBC's scholarly community in which everyone's academic work and behavior are held to the highest standards of honesty. Cheating, fabrication, plagiarism, and helping others to commit these acts are all forms of academic dishonesty, and they are wrong. Academic misconduct could result in disciplinary action that may include, but is not limited to, suspension or dismissal. To read the full Student Academic Conduct Policy, consult the UMBC Student Handbook, the Faculty Handbook, or the UMBC Policies section of the UMBC Directory (or for graduate courses, the Graduate School website)" [from http://www.umbc.edu/provost/integrity].

One serious type of misconduct is plagiarism, which in its many forms, involves representing someone else’s work as your own. For example, copying homework solutions found on the Internet is misconduct. Buying, selling, acquiring term papers, or facilitating such activities, is also misconduct.

In this course, students are allowed and encouraged to work together while solving problems.
However, each student must write up his solution entirely independently, without looking at anyone else’s written solution and without showing anyone his or her written solution.

Students are expected to be familiar with UMBC’s computer usage policies. Students who have enrolled in security-related courses, including this one, have an especially high responsibility for abiding by these policies. Any such student who violates these policies will be offered no leniency.

Course Schedule

Week 1
January 30
    Administrative activities
        1. Introduction of instructors and students.
        2. Schedule of classes and weekly topics
        3. Review Syllabus.
    Overview of CNSSI No. 4012 and the 10 functional areas of competency for Senior System Managers
    Introduction to UNIX
February 1
    File Systems and Disks

Week 2
February 6
    User/Group Access
February 8
    UNIX Shell Programming

Week 3
February 13
    UNIX Shell Programming, continued.
February 15
    Information system classification schemes
    Overview of CNSSI No. 4012 and the 10 functional areas of competency for Senior System Managers
    CNSSI 4012 Function—Verify Compliance
        I. Laws related to information assurance and security
        II. Policy directives
        III. Security requirements

Week 4
February 20
    Being root; ethics
February 22
    CNSSI 4012 Function—Ensure establishment of security controls
        I. Administration
        II. Access
        III. Incident handling and response
        IV. Continuity of operations planning

Week 5
February 27
    UNIX startup and shutdown
March 1
    CNSSI 4012 Function—Assess network security
        I. Connectivity
        II. Emissions security (EMSEC) and TEMPEST
        III. Wireless technology

Week 6
March 6
    UNIX Exam 1
March 8
    CNSSI 4012 Function—Define criticality and sensitivity
        I. Aggregation
        II. Disclosure of classified/sensitive information

Week 7
March 13
    Regular Expressions
March 15
    CNSSI 4012 Function—Review Accreditation
        I. Threats
        II. Countermeasures
        III. Vulnerability
        IV.
Risk management

Week 8
March 20
    Spring Break
March 22
    Spring Break

Week 9
March 27
    TCP Networks
March 29
    CNSSI 4012 Function—Ensure program managers define security in acquisitions
        I. Acquisition
        II. Lifecycle management

Week 10
April 3
    DNS and Routing
April 5
    CNSSI 4012 Function—Overview of remaining functions

Week 11
April 10
    inetd, RCP, NFS
April 12
    Review of CNSSI 4012 material
    Written assignments on CNSSI 4012 due

Week 12
April 17
    HTTP
April 19
    Exam covering CNSSI 4012 portion of class

Week 13
April 24
    SMTP
April 26
    Users

Week 14
May 1
    Automation
May 3
    Logging

Week 15
May 8
    Backups
May 10
    Security

Week 16
May 15
    UNIX administration review.
May 17
    Final exam 6:00 p.m.