Catalog Description
Prerequisite: COSC 316 and either COSC 345 or COSC/IFMG 352
Explores mechanisms for protecting networks against attacks. Emphasizes network security applications that are used on the Internet and for corporate networks. Investigates various networking security standards and studies methods for enforcing and enhancing those standards.
Course Outcomes
Upon successful completion of this course, the student should be able to:
- Recognize the basic working principles of computer networks.
- Identify threats to network security.
- Distinguish between various protocols employed to secure networks.
- Utilize network security tools.
- Specify procedures for defending network systems.
- Develop network security policies.
- Specify procedures for recovery from attacks on networks.
Detailed Course Outline
- Review of Networking Fundamentals (3 hours)
  - Network reference models (OSI and TCP/IP)
  - Network protocols running at various layers (sliding window, PPP, CSMA/CD, IP, TCP, UDP, DNS, etc.)
  - Application layer issues
- Network Security Concepts (3 hours)
  - Network security definition
  - Network protection mechanisms
  - Authentication techniques (CHAP, Kerberos, biometrics, etc.)
  - Intranets and Extranets
  - Hardening software and hardware
  - Network address translation
- Attacks on Networks and Countermeasures (10 hours)
  - Attacker categorization and motivations
  - Basic attacks (software exploits, math attacks, password guessing, etc.)
  - Malicious software
  - Identity attacks (replay, session hijacking, etc.)
  - Distributed denial of service attacks
  - Network security countermeasures
- World Wide Web and Internet Security (6 hours)
  - Vulnerabilities in the WWW
  - Email and instant messenger security challenges
  - FTP and remote access security issues
- Encryption Mechanisms for Network Operations (4 hours)
  - Hashing algorithms and digital signatures
  - Symmetric and asymmetric encryption algorithms
  - Public key infrastructure
  - Digital certificates and key management
  - Applications of cryptography in network security
- Security Protocols (6 hours)
  - Secure Sockets Layer and Transport Layer Security (SSL/TLS)
  - Secure HTTP (HTTPS)
  - Virtual Private Networks (VPNs) and tunneling protocols (PPTP & L2TP)
  - Directory services (LDAP)
  - Wireless security protocols (WEP, WTLS, etc.)
- Intrusion Detection and Prevention Systems (4 hours)
  - Categories of IDS and IPS
  - Components and deployment of IDS
  - Maintenance and performance evaluation
- Organizational Security Issues (4 hours)
  - Risk analysis and network modeling
  - Assessing the security needs of an enterprise
  - Security policies for network operations
  - Disaster recovery and business continuity
- Two class tests (2 hours)
Total = 42 hours
Final Exam (during final exam week)
Grading Scale
The standard grading scale will be used.
90%+ = A; 80-89% = B; 70-79% = C; 60-69% = D; below 60% = F
Evaluation Methods
- 20% Computer Lab assignments, attendance, and participation.
- 50% Examinations. Two in-class exams and a final exam. Examinations can be given in various formats.
- 30% Projects. Selected projects covering various aspects of network security, especially those that cannot be covered exhaustively in class discussions. This can include research paper(s), case studies, etc.
Textbook
Mark Ciampa, “Security+ Guide to Network Security Fundamentals”, 2nd Edition, Course Technology Incorporated, 2005, ISBN 0-619-21566-6.
Attendance Policy
Class attendance is regarded as being very important. Individual faculty members may establish penalties for excessive numbers of unexcused absences. Excused absences will be allowed for illness, family emergencies, and involvement in university activities, such as sports. The penalties specified will meet university guidelines and be distributed to students with the course syllabus on the first day of class.
Special Resource Requirements
None