CIS 250 NETWORK SECURITY JACKSON STATE COMMUNITY COLLEGE COURSE SYLLABUS

Transcription

1 CIS 250 NETWORK SECURITY JACKSON STATE COMMUNITY COLLEGE COURSE SYLLABUS Prerequisites: CIS 175 Course Description This course is designed to give students a fundamental understanding of computer and network security. It will introduce students to a wide variety of concepts related to computer security. This course will help prepare the student for the CompTIA Security + Certification. This course is one of the required courses for obtaining the NSTISSI 4011 and CNSSI 4013 certifications. NSTISSI 4011 Course Objectives NSTISSI 4011 Mapping Details CNSSI 4013 Course Objectives CNSSI 4013 Mapping Details General Objectives Textbook Security+ Guide to Network Security Fundamental. 3rd Edition. Ciampa, Course Technology, Other Reference Materials Air Force Instruction , Volume 3, Emission Security Countermeasures - AFI33-203V3, November Key Management Using ANSI X9.17, U.S. Department of commerce, OMB Circular A-130 NIST Special Publication , An Introduction to Computer Security, October NIST Special Publication , Information Technology Security Training Requirements: A Role- and Performance-Based Model, April NIST Special Publication , Guide for Developing Security Plans for Federal Information Systems, February NIST Special Publication , Security Self-Assessment Guide for Information Technology Systems, November NIST Special Publication , Risk Management Guide for Information Technology Systems, July NIST Special Publication , Contingency Planning Guide for Information Technology Systems, June 2002.

2 NIST Special Publication , Guide for the Security Certification and Accreditation of Federal Information Systems, May 2004 NIST Special Publication , Security Guide for Interconnecting Information Technology Systems, September NIST Special Publication , Building an Information Technology Security Awareness and Training Program, October NIST Special Publication , Recommended Security Controls for Federal Information Systems, December NIST Special Publication , Guideline for Identifying an Information System as a National Security System, August NIST Special Publication , Guide for Mapping Types of Information and Information Systems to Security Categories, June NIST Special Publication , Computer Security Incident Handling Guide, January NIST Special Publication , Security Considerations in the Information System Development Life Cycle, October NIST Special Publication , Guidelines for Media Sanitization, September NIST Special Publication , Information Security Handbook: A Guide for Managers, October CNSS Policy No. 6, National Policy on Certification and Accreditation of National Security Systems, October TEMPEST in a teapot: A note discussing the prevention of electromagnetic eavesdropping of personal computers. Grady Ward The Complete, Unofficial TEMPEST Information Page TEMPEST Information Page. This page is about surveillance technology. Class Participation/Quizzes/Homework Each student is expected to have all reading assignments and homework completed prior to coming to class. A 10% penalty per calendar day will be assessed for late assignments or homework. Tests Four exams, including a comprehensive final, will be given covering material from the text, handouts and class lectures. The tests may include multiple-choice, fill in the blank, short answer, matching, and essay questions. If it is necessary to miss an exam, it will be the student's responsibility to contact the instructor to arrange a time to make up the exam. Make-up exams may not be the same exam given during the regular exam date and must be taken prior to the final exam period. Grading Policy Each student's final grade will be determined by the following: Homework/Lab...70% Tests and Comprehensive Final...30% Total...100% Grading Scale A B C D F...69 or below

3 Attendance Policy Students are expected to attend all classes. After three hours of missed class time, 1 point will be deducted from the student's final grade for each additional one-hour of class time missed. It will be the student's responsibility to obtain all information missed. Tardiness to class will result in the equivalent of a one hour absence for every tardy. Course Format This course will use problem-based learning as its primary mode of knowledge discovery. It will be the student's responsibility to learn based on problems presented. Some classroom discussion periods will be used to clarify what is to be learned. Academic Honesty Plagiarism, cheating, and other forms of academic dishonesty are prohibited. Any student who is caught cheating on a test, exam, lab assignment, etc. will be given a grade of F for the entire course. Other Comments Jackson State will make reasonable accommodations for persons with documented physical, mental or learning disabilities. Students should notify their instructor and the Coordinator of Disabled Student Services located in the Counseling Office, Room 12 of the Student Union Building - of any special needs. Instructors should be notified the first week of class. All discussions remain confidential. No children allowed in the classroom. Cell phones and pagers must be turned off in the classroom. Ringing cell phones and audible pagers will negatively impact the student s class participation grade.

4 Network Security CIS 250 NSTISSI 4011Course Objectives G1. Describe the different types of software-based attacks G2. List types of hardware attacks G3. Define virtualization and explain how attackers are targeting virtual systems G4. Explain how to harden operating systems G5. List ways to prevent attacks through a Web browser G6. Define SQL injection and explain how to protect against it G7. Explain how to protect systems from communications-based attacks G8. Describe various software security applications G9. Explain the types of network vulnerabilities G10. List categories of network attacks G11. Define different methods of network attacks G12. Explain how to enhance security through network design G13. Define network address translation and network access control G14. List the different types of network security devices and explain how they can be used G15. Describe the basic IEEE wireless security protections G16. Define the vulnerabilities of open system authentication, WEP, and device authentication G17. Describe the WPA and WPA2 personal security models G18. Explain how enterprises can implement wireless security G19. Define access control and list the four access control models G20. Describe logical access control methods G21. Explain the different types of physical access control G22. Define authentication G23. Describe the different types of authentication credentials G24. List and explain the authentication models G25. Define authentication servers G26. Describe the different extended authentication protocols G27. Define risk and risk management G28. Describe the components of risk management G29. List and describe vulnerability scanning tools G30. Define privilege audits G31. Describe how usage audits can protect security G32. List the methodologies used for monitoring to detect security-related anomalies G33. Describe the different monitoring tools G34. Define cryptography G35. Describe hashing G36. List the basic symmetric cryptographic algorithms G37. Describe how asymmetric cryptography works G38. List types of file and file system cryptography G39. Explain how whole disk encryption works G40. Define digital certificates G41. List the various types of digital certificates and how they are used G42. Describe the components of Public Key Infrastructure (PKI) including G43. List the tasks associated with key management G44. Describe and domonstrate the different cryptographic transport protocols including how it is applied to dial-up, dedicated, end-to-end access control, public vs private networks. Also, IPSEC, PPP, PPTP and L2TP protocols are addressed as it applies to the transport, tunnel, AH and ESP modes G45. Define environmental controls G46. Describe the components of redundancy planning G47. List disaster recovery procedures G48. Describe incident response procedures G49. Define organizational security policy

5 G50. List the types of security policies G51. Discuss various technological policy and educational solutions relating to personnel/user issues, awareness, training and education, and computer support and operations. G52. Discuss personnel security practices and procedures G53. Explain and discuss examples of administrative security procedural controls including password policies, copyright protection, destruction procedures, computer misuse, repudiation, security plan preparation, sanitization and transportation of media G54. Describe access, control and storage of COMSEC material including destruction procedures for COMSEC material, identify and inventory COMSEC material, key management protocols (bundling, electronic key, over-the-air rekeying), report COMSEC incidents G55. Discuss TEMPEST Security with regards to attenuation, banding, cabling, filtered power, grounding, shielding, TEMPEST separation, zone of control/zoning G56. Students will complete an activities that involve identifying example policy and procedures related to physical security measures, personnel security practices and procedures G57. Students will configure mechanisms to protect information such as setting access privileges, create audit trails, configuring authentication settings, create and implement a password policy and set up auditing on network server. Students will participate in lab exercises using Wireshark to capture and examine network traffic G58. Describe software security policy and procedures including assurance, configuration management (change controls, documentation, programming standards and controls), software security mechanisms to protect information (access privileges, application security features, audit trails and logging, concept of least privilege), identification and authentication, internal labeling, malicious logic protection, need-to-know controls, operating systems security features and segregation of duties). G59. Students will examine samples, when applicable, and discuss security reviews, the effectiveness of security programs, investigations of security breaches, monitoring systems for accuracy and abnormalities, privacy, review of accountability controls, review of audit trails and logs, review of software design standards, verification, validation, testing, and evaluation processes

6 Network Security CIS 250 NSTISSI 4011Mapping Details (G) NSTISS Policies and Procedures: Course objectives G1 G21, G29, G51. Course lectures include an extensive review of the threat and vulnerabilities that exist in an AIS/telecommunications system. In addition, how to protect against these threats are both discussed and applied in various labs throughout the course. The NIST Handbook Special Publication NIST pdf Chapters 10, 13 and 14 discuss various technological policy and educational solutions relating to personnel/user issues, awareness, training and education, and computer support and operations. o (G1a) Physical Security Measures: The NIST Handbook Special Publication NIST pdf Chapter 15 and course objectives G19 G21, G56 covers alarms, building construction, cabling, communications centers, environmental controls (humidity and air conditioning), filtered power, information systems centers, physical access control systems (key cards, locks and alarms), power controls (regulator, uninterrupted power service (UPS), and emergency poweroff switch), protected distributed systems, shielding, stand-alone systems and peripherals and storage area controls. Students will complete an activity that involves identifying example policy and procedures related to physical security measures. These examples will be found on web sites such as o (G1b) Personnel Security Practices and Procedures: The NIST Handbook Special Publication NIST pdf Chapter 10 and 13 and course objectives G27 G28, G49 G50, G52, G56 discusses access authorization/verification (need-to-know), contractors, employee clearances, position sensitivity, security training and awareness (initial and refresher) and systems maintenance personnel. Students will complete an activity that involves identifying example policy and procedures related to personnel security practices and procedures. These examples will be found on web sites such as o (G1c) Software Security: The NIST Handbook Special Publication NIST pdf Chapters 9, 13, 14, 17 and 18 and course objectives G1 G7, G19 - G26 and G30 G33, G57 - G58 covers assurance, configuration management (change controls), configuration management (documentation), configuration management (programming standards and controls), software security mechanisms to protect information (access privileges), software security mechanisms to protect information (application security features), software security mechanisms to protect information (audit trails and logging), software security mechanisms to protect information (concept of least privilege), software security mechanisms to protect information (identification and authentication), software security mechanisms to protect information (internal labeling), software security mechanisms to protect information (malicious logic protection), software security mechanisms to protect information (need-to-know controls), software security mechanisms to protect information (operating systems security features), software security mechanisms to protect information (segregation of duties). Students will complete an activity that will require them to set configure mechanisms to protect information such as setting access privileges, create audit trails and configuring authentication settings. o (G1d) Network Security: The NIST Handbook Special Publication NIST pdf Chapter 19 and course objectives G19 - G21, G32 G33, G40 G44 covers dial-up vs dedicated, end-to-end access control, privileges (class, nodes), public vs private, traffic analysis. This chapter specifically addresses IPSEC and discuss transport protocol such as PPP, PPTP and L2TP. Students will participate in lab exercises using Wireshark to capture and examine network traffic. o (G1e) Administrative Security Procedural Controls: The NIST Handbook Special Publication NIST pdf Chapter 8, 10, 14 and 16, NIST Information Security Handbook: A Guide for Managers NIST pdf Chapter 3 and 8, NIST Guidelines for Media Sanitization NIST pdf Chapter 4 and course objectives G19 G21, G36 G37, G40 G42, G53, G57 discusses

7 attribution, construction, changing, issuing and deleting passwords, copyright protection and licensing, destruction of media, documentation, logs and journals, emergency destruction, external marking of media, media downgrade and declassification, preparation of security plans, reporting of computer misuse or abuse, repudiation, sanitization of media, transportation of media. Students will do a lab involving create and implement a password policy. o (G1f) Auditing and Monitoring: The NIST Handbook Special Publication NIST pdf Chapter 4 and 18, NIST Information Security Handbook: A Guide for Managers NIST pdf Chapter 7, and course objectives G30 G33, G57, G59 covers conducting security reviews, effectiveness of security programs, investigation of security breaches, monitoring systems for accuracy and abnormalities, privacy, review of accountability controls, review of audit trails and logs, review of software design standards, verification, validation, testing, and evaluation processes. Students will do a lab that will have them set up auditing on network server. They will them review logs that show the results of the audit. o (G1g) Cryptosecurity: The NIST Handbook Special Publication NIST pdf Chapter 19, and course objectives G34 G44 covers cryptovariable or key, electronic key management system and encryption/decryption method, procedure, algorithm. o (G1h) Key Management: The NIST Handbook Special Publication NIST pdf Chapter 19, Key Management Using ANSI X9.17.pdf and course objectives G34 G44, G54 covers access, control and storage of COMSEC material, destruction procedures for COMSEC material, identify and inventory COMSEC material, key management protocols (bundling, electronic key, over-the-air rekeying), report COMSEC incidents. o (G1i) Transmission Security: Covered in the CIS 175 course. o (G1j) TEMPEST SECURITY: AIR FORCE INSTRUCTION , VOLUME 3, EMISSION SECURITY COUNTERMEASURES - AFI33-203V3 TEMPEST.pdf Chapter 8, The NIST Handbook Special Publication NIST pdf Chapter 15, TEMPEST in a teapot, The Complete, Unofficial TEMPEST Information Page and course objectives G45 and G55 covers attenuation, banding, cabling, filtered power, grounding, shielding, TEMPEST separation, zone of control/zoning.

8 Network Security CIS 250 CNSSI 4013Course Objectives F1A1. Describe the basic IEEE wireless security protections and policies F1A2. Define, describe and identify EMSEC/TEMPEST Security procedures, controls and policies, identify the Certified EMSEC/TEMPEST Technical Authority (CTTA) and describe EMSEC/TEMPEST security countermeasures and safeguards F1A3. Describe and demonstrate the different cryptographic transport protocols including how it is applied to dial-up, dedicated, end-to-end access control, public vs private networks. Also, IPSEC, PPP, PPTP and L2TP protocols are addressed as it applies to the transport, tunnel, AH and ESP modes F1A4. List and describe the different types of network security devices and explain how they can be used F1A5. Define and describe network address translation and network access control including wide area network security policies F1A6. Explain how to enhance security through network design including policy development F1A7. Define and describe different methods of network attacks F1A8. List categories of network attacks F1A9. Explain the types of network vulnerabilities F1A10.Explain how to harden operating systems and discuss examples of procedures needed to assure operating systems security F1A11. List ways to prevent attacks through a Web browser F1A12.Define SQL injection and explain how to protect against it F1A13.Explain how to protect systems from communications-based attacks F1A14.Describe various software security applications F1A15.Students will complete lab activities that focus on hardening operating systems. F1A16.Students will complete activities that involve identifying example policy and procedures related to physical security measures, personnel security practices and procedures F1A17.Define and describe zoning and zone of control policy F1B1 Define environmental controls F1B2 Define, describe and identify EMSEC/TEMPEST Security procedures, controls and policies, identify the Certified EMSEC/TEMPEST Technical Authority (CTTA) and describe EMSEC/TEMPEST security countermeasures and safeguards F1B3 Describe and demonstrate the different cryptographic transport protocols including how it is applied to dial-up, dedicated, end-to-end access control, public vs private networks. Also, IPSEC, PPP, PPTP and L2TP protocols are addressed as it applies to the transport, tunnel, AH and ESP modes F1B4 Explain how to harden operating systems and discuss examples of procedures needed to assure operating systems security F1B5 List ways to prevent attacks through a Web browser F1B6 Define SQL injection and explain how to protect against it F1B7 Explain how to protect systems from communications-based attacks F1B8 Describe various software security applications F1B9 Students will complete lab activities that focus on hardening operating systems. F1B10 Define, describe and identify EMSEC/TEMPEST Security procedures, controls and policies, identify the Certified EMSEC/TEMPEST Technical Authority (CTTA) and describe EMSEC/TEMPEST security countermeasures and safeguards F1B11 Define, describe and identify EMSEC/TEMPEST Security procedures, controls and policies, identify the Certified EMSEC/TEMPEST Technical Authority (CTTA) and describe EMSEC/TEMPEST security countermeasures and safeguards F1D1 Define, describe and identify EMSEC/TEMPEST Security procedures, controls and policies, identify the Certified EMSEC/TEMPEST Technical Authority (CTTA) and describe EMSEC/TEMPEST security countermeasures and safeguards F1F1 Describe the different types of software-based attacks including Keyloggers

9 F1F2 List types of hardware attacks including Keyloggers F4A1 Define, describe and identify EMSEC/TEMPEST Security procedures, controls and policies, identify the Certified EMSEC/TEMPEST Technical Authority (CTTA) and describe EMSEC/TEMPEST security countermeasures and safeguards as it applies to the risk management process F4A2 Explain how to harden operating systems and discuss examples of procedures needed to assure operating systems security F4A3 List ways to prevent attacks through a Web browser F4A4 Define SQL injection and explain how to protect against it F4A5 Explain how to protect systems from communications-based attacks F4A6 Describe various software security applications F4A7 Students will complete lab activities that focus on hardening operating systems. F4A8 Describe what zoning and zone of control ratings are based F4A9 Address authentication, biometrics, access, access control software, account management and procedures with the work force and staff and describe data access F4B1 Define and describe decentralized/distributed single sign on, discretionary and mandatory access controls and security domains F4B2 describe access control physical, logical, and administrative configurations, access rights and permissions, techniques and policies and identify access control attacks F4B3 Explain how to harden operating systems and discuss examples of procedures needed to assure operating systems security F4B4 List ways to prevent attacks through a Web browser F4B5 Define SQL injection and explain how to protect against it F4B6 Explain how to protect systems from communications-based attacks F4B7 Describe various software security applications F4B8 Students will complete lab activities that focus on hardening operating systems. F4E1 Explain how to harden operating systems and discuss examples of procedures needed to assure operating systems security F4E2 List ways to prevent attacks through a Web browser F4E3 Define SQL injection and explain how to protect against it F4E4 Explain how to protect systems from communications-based attacks F4E5 Describe various software security applications F4E6 Students will complete lab activities that focus on hardening operating systems. F5A1 Address authentication, biometrics, access, access control software, account management and procedures with the work force and staff and describe data access F5A2 Define decentralized/distributed single sign on, discretionary and mandatory access controls and security domains F5B1 Address authentication, biometrics, access, access control software, account management and procedures with the work force and staff and describe data access F5C1 Define and describe decentralized/distributed single sign on, discretionary and mandatory access controls and security domains F5C2 Address authentication, biometrics, access, access control software, account management and procedures with the work force and staff and describe data access

10 o o Network Security CIS 250 CNSSI 4013 Mapping Details (F1) Function 1 Secure Use (F1A) General Security Policy (F1A15) Wireless Security. The course textbook identifies organizational wireless security policies. Course objective F1A1 (F1A16) EMSEC/TEMPEST (Emanations Security/Short name referring to the investigation, study, and control of compromising emanations from IS equipment): TEMPEST SECURITY: AIR FORCE INSTRUCTION , VOLUME 3, EMISSION SECURITY COUNTERMEASURES - AFI33-203V3 TEMPEST.pdf Chapter 8, The NIST Handbook Special Publication NIST pdf Chapter 15, TEMPEST in a teapot, The Complete, Unofficial TEMPEST Information Page and course textbook define, describe and identify EMSEC/TEMPEST security and control policies. Course objectives F1A2 and F1A3 o (F1A29) Network: The NIST Handbook Special Publication NIST pdf Chapter 19 and the course textbook describe computer network defense, policies relevant to network security and wide area network security policies. Course objectives F1A4 F1A9 o (F1A30) Operating System: Course textbook defines functional requirements for operating system integrity. Course objectives F1A10 F1A15 o (F1A33) Physical Security: The NIST Handbook Special Publication NIST pdf Chapter 15 and the course textbook define physical security. Course objective F1A16 o (F1A45) Zone: TEMPEST SECURITY: AIR FORCE INSTRUCTION , VOLUME 3, EMISSION SECURITY COUNTERMEASURES - AFI33-203V3 TEMPEST.pdf Chapter 8, The NIST Handbook Special Publication NIST pdf Chapter 15, TEMPEST in a teapot, The Complete, Unofficial TEMPEST Information Page and course textbook define and describe zoning and zone of control policies. Course objective F1A17 (F1B) General Procedures o (F1B9) EMSEC/TEMPEST: TEMPEST SECURITY: AIR FORCE INSTRUCTION , VOLUME 3, EMISSION SECURITY COUNTERMEASURES - AFI33-203V3 TEMPEST.pdf Chapter 8, The NIST Handbook Special Publication NIST pdf Chapter 15, TEMPEST in a teapot, The Complete, Unofficial TEMPEST Information Page and course textbook define and identify EMSEC/TEMPEST security procedures and identify certified EMSEC/TEMPEST technical authority (CTTA). Course objectives F1B2 F1B3 o (F1B18) IPSEC: Course textbook discusses IPSEC authentication and confidentiality. Course objective F1B3 o (F1B25) Operating System: Course textbook defines and describes operating systems security procedures. Student will be required to complete lab activities that focus on hardening operating systems. Course objectives F1B4 F1B9 (F1D) General Awareness, Training and Education (AT&E) o (F1D10) EMSEC/TEMPEST: TEMPEST SECURITY: AIR FORCE INSTRUCTION , VOLUME 3, EMISSION SECURITY COUNTERMEASURES - AFI33-203V3 TEMPEST.pdf Chapter 8, The NIST Handbook Special Publication NIST pdf Chapter 15, TEMPEST in a teapot, The Complete, Unofficial TEMPEST Information Page and course

11 textbook describe EMSEC/TEMPEST security countermeasures and safeguards. Course objective F1D1 (F1F) Operations Policies/Procedures o (F1F9) Privacy: Course textbook outlines known means of keystroke monitoring. Course objectives F1F1 F1F2 (F4A3) EMSEC/TEMPEST: TEMPEST SECURITY: AIR FORCE INSTRUCTION , VOLUME 3, EMISSION SECURITY COUNTERMEASURES - AFI33-203V3 TEMPEST.pdf Chapter 8, The NIST Handbook Special Publication NIST pdf Chapter 15, TEMPEST in a teapot, The Complete, Unofficial TEMPEST Information Page and course textbook defines and describes EMSEC/TEMPEST security as it relates to the risk management process. Course objective F4A1 (F4A8) Operating Systems: The course textbook describes operating system integrity. Course objectives F4A2 F4A7 (F4A11) Zone: TEMPEST SECURITY: AIR FORCE INSTRUCTION , VOLUME 3, EMISSION SECURITY COUNTERMEASURES - AFI33-203V3 TEMPEST.pdf Chapter 8, The NIST Handbook Special Publication NIST pdf Chapter 15, TEMPEST in a teapot, The Complete, Unofficial TEMPEST Information Page and course textbook describe what zoning and zone of control ratings are based. Course objective F4A8 (F4B1) Access Control: The NIST Handbook Special Publication Chapter 2, 5, 15, 16 and 17 and the course textbook addresses access control software management and procedures with the work force and staff, defines decentralized/distributed single sign on, discretionary and mandatory access controls and security domains. These sources also describe access control physical, logical, and administrative configurations, access rights and permissions, techniques and policies and identify access control attacks. Course objectives F4B1 F4B3 (F4B9) Operating Systems: The course textbook describes operating system security features. Course objectives F4B3 F4B8 (F4E4) Operating Systems: The course textbook describes operating system security features. Course objectives F4E1 F4E6 (F5A1) Access Control: The NIST Handbook Special Publication Chapter 2, 5, 15, 16 and 17 and the course textbook addresses access control software management and procedures with the work force and staff, access management and procedures with the work force and staff, access account management procedures with work force and describe data access. Course objectives F5A1 and F5A2 (F5A2) Accounts: The NIST Handbook Special Publication Chapter 2, 5, 15, 16 and 17 and the course textbook addresses account management with staff. Course objective F5A1 (F5A3) Authentication: The NIST Handbook Special Publication Chapter 2, 5, 15, 16 and 17 and the course textbook address authentication procedures with work force and staff. Course objective F5A1 (F5A5) Biometrics: The NIST Handbook Special Publication Chapter 2, 5, 15, 16 and 17 and the course textbook address biometric access management with staff. Course objective F5A1 (F5B2) Authentication: The NIST Handbook Special Publication Chapter 2, 5, 15, 16 and 17 and the course textbook address authentication procedures with work force and staff. Course objective F5B1 (F5B3) Biometrics: The NIST Handbook Special Publication Chapter 2, 5, 15, 16 and 17 and the course textbook address biometric access management with staff. Course objective F5B1 (F5C1) Access Control: The NIST Handbook Special Publication Chapter 2, 5, 15, 16 and 17 and the course textbook define and describe discretionary and mandatory access controls. Course objectives F5C1 (F5C4) Biometrics: The NIST Handbook Special Publication Chapter 2, 5, 15, 16 and 17 and the course textbook describe biometrics. Course objective F5C2

12 Network Security CIS 250 General Course Objectives 1. Address authentication, biometrics, access, access control software, account management and procedures with the work force and staff and describe data access 2. Define access control and list the four access control models 3. Define and describe decentralized/distributed single sign on, discretionary and mandatory access controls and security domains 4. Define and describe different methods of network attacks 5. Define and describe network address translation and network access control including wide area network security policies 6. Define and describe zoning and zone of control policy 7. Define authentication 8. Define authentication servers 9. Define cryptography 10. Define decentralized/distributed single sign on, discretionary and mandatory access controls and security domains 11. Define different methods of network attacks 12. Define digital certificates 13. Define environmental controls 14. Define information security and explain why it is important 15. Define network address translation and network access control 16. Define organizational security policy 17. Define penetration testing 18. Define privilege audits 19. Define risk and risk management 20. Define SQL injection and explain how to protect against it 21. Define the vulnerabilities of open system authentication, WEP, and device authentication 22. Define virtualization and explain how attackers are targeting virtual systems 23. Define, describe and identify EMSEC/TEMPEST Security procedures, controls and policies, identify the Certified EMSEC/TEMPEST Technical Authority (CTTA) and describe EMSEC/TEMPEST security countermeasures and safeguards as it applies to the risk management process 24. Describe access control physical, logical, and administrative configurations, access rights and permissions, techniques and policies and identify access control attacks 25. Describe access, control and storage of COMSEC material including destruction procedures for COMSEC material, identify and inventory COMSEC material, key management protocols (bundling, electronic key, over-the-air rekeying), report COMSEC incidents 26. Describe and demonstrate the different cryptographic transport protocols including how it is applied to dial-up, dedicated, end-to-end access control, public vs private networks. Also, IPSEC, PPP, PPTP and L2TP protocols are addressed as it applies to the transport, tunnel, AH and ESP modes 27. Describe hashing 28. Describe how asymmetric cryptography works 29. Describe how education and training can limit the impact of social engineering 30. Describe how usage audits can protect security 31. Describe incident response procedures 32. Describe logical access control methods 33. Describe software security policy and procedures including assurance, configuration management (change controls, documentation, programming standards and controls), software security mechanisms to protect information (access privileges, application security features, audit trails and logging, concept of least privilege), identification and authentication, internal labeling, malicious logic protection, need-to-know controls, operating systems security features and segregation of duties). 34. Describe the basic IEEE wireless security protections and policies

13 35. Describe the challenges of securing information 36. Describe the components of Public Key Infrastructure (PKI) 37. Describe the components of redundancy planning 38. Describe the components of risk management 39. Describe the different cryptographic transport protocols 40. Describe the different extended authentication protocols 41. Describe the different monitoring tools 42. Describe the different types of authentication credentials 43. Describe the different types of software-based attacks 44. Describe the different types of software-based attacks including Keyloggers 45. Describe the five steps in a defense 46. Describe the WPA and WPA2 personal security models 47. Describe various software security applications 48. Describe what zoning and zone of control ratings are based 49. Discuss personnel security practices and procedures 50. Discuss TEMPEST Security with regards to attenuation, banding, cabling, filtered power, grounding, shielding, TEMPEST separation, zone of control/zoning 51. Discuss various technological policy and educational solutions relating to personnel/user issues, awareness, training and education, and computer support and operations. 52. Explain and discuss examples of administrative security procedural controls including password policies, copyright protection, destruction procedures, computer misuse, repudiation, security plan preparation, sanitization and transportation of media 53. Explain how a virtual private network functions 54. Explain how enterprises can implement wireless security 55. Explain how to enhance security through network design 56. Explain how to enhance security through network design including policy development 57. Explain how to harden operating systems 58. Explain how to harden operating systems and discuss examples of procedures needed to assure operating systems security 59. Explain how to protect systems from communications-based attacks 60. Explain how whole disk encryption works 61. Explain the different types of information security careers and how the Security+ certification can enhance a security career 62. Explain the different types of physical access control 63. Explain the types of network vulnerabilities 64. Identify the types of attackers that are common today 65. List and describe the different types of network security devices and explain how they can be used 66. List and describe vulnerability scanning tools 67. List and explain the authentication models 68. List categories of network attacks 69. List disaster recovery procedures 70. List the basic steps of an attack 71. List the basic symmetric cryptographic algorithms 72. List the different types of network security devices and explain how they can be used 73. List the methodologies used for monitoring to detect security-related anomalies 74. List the tasks associated with key management 75. List the types of security policies 76. List the various types of digital certificates and how they are used 77. List types of file and file system cryptography 78. List types of hardware attacks 79. List types of hardware attacks including Keyloggers 80. List ways to prevent attacks through a Web browser 81. Students will complete activities that involve identifying example policy and procedures related to physical security measures, personnel security practices and procedures 82. Students will complete lab activities that focus on hardening operating systems.

14 83. Students will configure mechanisms to protect information such as setting access privileges, create audit trails, configuring authentication settings, create and implement a password policy and set up auditing on network server. Students will participate in lab exercises using Wireshark to capture and examine network traffic 84. Students will examine samples, when applicable, and discuss security reviews, the effectiveness of security programs, investigations of security breaches, monitoring systems for accuracy and abnormalities, privacy, review of accountability controls, review of audit trails and logs, review of software design standards, verification, validation, testing, and evaluation processes 85. Students will participate in lab exercises using Wireshark to capture and examine network traffic