CIS 253. Network Security

Transcription

1 CIS 253 Network Security Approved: May 6, 2011 EFFECTIVE DATE: Fall 2011

2 COURSE PACKAGE FORM Team Leader and Members Andra Goldberg, Matt Butcher, Steve Sorden, Dave White Date of proposal to Curriculum Sub-committee: 5/6/2011 Purpose: New _X_Change Retire If this is a change, what is being changed? (Check ALL that apply) Update Prefix Title Learning Units _X Competencies Format Change _X_ Course Description Course Number _X_ Textbook Credits Prerequisite Effective Semester/Year Fall 2011 Spring 20 Summer 20 COURSE INFORMATION Prefix & Number: Title: CIS 253 Network Security Catalog Course Description: This course presents network security concepts and discusses the tools and techniques necessary to safeguard computer stored data. Credit Hours: 3 Prerequisite(s) Lecture Hours: Lab Hours: 3 0 Prerequisite CIS 153 Network Essentials or Permission of Academic Chair Co-requisite(s) Does this course need a separately scheduled lab component? Yes Does this course require additional fees? If so, please explain. Yes X No X No Is there a similar course in the course bank? Yes (Please identify.) _X No Articulation: Is this course or an equivalent offered at other two and four-year universities in Arizona? No _X Yes (Identify the college, subject, prefix, number and title: Elective credit to ASU and NAU

3 Writing Across the Curriculum Rationale: Mohave Community College firmly supports the idea that writing can be used to improve education; students who write in their respective content areas will learn more and retain what they learn better than those who don t. Courses in the core curriculum have been identified as Writing Across the Curriculum courses. Minimum standards for the Writing Across the Curriculum riculum component are: 1. The writing assignments should total words. For example, a single report which is 1500 words in length OR a series of essay questions and short papers (example: four 375-word assignments) which total 1500 words could meet the requirement. 2. The writing component will represent at least 10% of a student s final grade in the course. Is this course identified as a Writing Across the Curriculum course? Yes X No (See addendum for writing rubrics) Intended Course Goals By the end of the semester, students will be able to: 1. Define security principles and recommended security baselines to assist organizations in defending against attacks on their networked computer systems and mobile systems such as tablets, netbooks and smart phones. 2. Through security policy and procedures, protect both internal and external communications from unauthorized access. 3. Identify the types of basic attacks, i.e. password guessing, social engineering, and identity attacks, and the best procedures to guard against these intrusions. 4. Use effective authentication methods including usernames and passwords, biometrics, and multifactor authentication methods. 5. Describe the steps necessary to secure a network infrastructure using security zones and Virtual Local Area Networks (VLANs). 6. Use Cryptography to create digital signatures and encryption so that information cannot be viewed by unauthorized users when it is transmitted or stored. 7. Design a security policy that includes a password management policy, privacy policy, and acceptable use policy (AUP). Course Competencies and Objectives By the end of the semester, students will be able to:

4 Competency 1 Define information security and identify the critical challenges for information security professionals Objective 1.1 List and define information security terminology Objective 1.2 List the challenges for security personnel when protecting a network from attacks including the speed of attacks, distributed attacks, and the need for faster detection of weaknesses Objective 1.3 Describe the general roles available in information security careers including security management, security engineering, and security administration. Competency 2 Describe attackers and their motives for harming systems that store, process, and exchange that information Objective 2.1 Develop attacker profiles Objective 2.2 Describe basic attacks and identity attacks Objective 2.3 Identify denial of service attacks Competency 3 Describe the basic principles for designing a secure system which includes access control, authentication, and auditing Objective 3.1 Describe security principles such as layering and obscuring critical data Objective 3.2 Use effective authentication methods Objective 3.3 Control access to computer systems and audit information security schemes Objective 3.4 List the steps necessary to disable nonessential systems and ensure updates to systems are conducted on a routine basis Competency 4 Create policies to protect the network and organizational infrastructure Objective 4.1 Design and/or document a network topology of an organization Objective 4.2 Secure removable media by establishing security policies and procedures Objective 4.3 Define a VLAN Virtual Local Area Network and its advantages and disadvantages when addressing security concerns Objective 4.4 Construct a security zone to separate secure users from outsiders Objective 4.5 Describe security provisions and unique security features needed for tablets, netbooks, smart phones, and other mobile devices. Competency 5 Develop the procedures necessary to protect electronic communication Objective 5.1 Define the common attacks of systems including malware, spam, and hoaxes Objective 5.2 Define repurposed programming or using programming tools in ways more harmful than for what they were originally intended as it relates to Web attacks Objective 5.3 Describe the steps necessary to protect Web communications using Secure Sockets Layer/Transport Layer Security protocol Objective 5.4 Define tunneling protocols as the technique of encapsulating one packet of data within another type to create a secure link of transportation, Competency 6 Explain cryptography concepts and define the terminology of encryption Objective 6.1 Define cryptography and security procedures using hashing algorithms Objective 6.2 List the steps to protect data with symmetric and asymmetric encryption algorithms Objective 6.3 Develop a digital signature to secure communication data Objective 6.4 Explain cryptography strengths and vulnerabilities Competency 7 Develop an operational security plan Objective 7.1 List the three most important procedures for developing a security plan, 1) establish a physical security perimeter, 2) establish a business continuity plan, and 3) plan for disaster recovery Objective 7.2 Define two types of defenses that are commonly referenced when shielding wireless signals: Telecommunications Electronics Material Protected from Emanating Spurious Transmissions, or TEMPEST and Faraday cage. Objective 7.3 Construct a disaster recovery plan (DRP) that addresses what to do if a major catastrophe occurs that could cause the organization to cease functioning

5 Competency 8 Develop a security policy for protecting computer information systems in an organization Objective 8.1 Design a security policy and that includes compliance monitoring and evaluation Objective 8.2 Describe the security policy cycle Objective 8.3 Define types of security policies including acceptable use policy, human resource policy, password management policy, privacy policy, disposal and destruction policy, and service-level agreement Competency 9 Develop a security management plan Objective 9.1 Define identity management and digital rights management Objective 9.2 Develop an effective training and education program for users Objective 9.3 Create a plan that considers changes in system architecture and classifications of sensitive documents Competency 10 Describe security careers and the skills necessary to become a security professional Objective 10.1 Define computer forensics and the proper response to an incident Objective 10.2 List information security jobs and skills Objective 10.3 Describe host intrusion prevention (HIP) and behavior blocking as two of the latest defenses in network security Teacher s Guide Course Textbook, Materials and Equipment Textbook(s) Title Security + Guide to Network Security Fundamentals, 4th ed. or most recent edition Author(s) Ciampa Publisher Course Technology ISBN Software/ Equipment Textbook Costs Title Author(s) Publisher ISBN Please indicate how much the textbook would cost if purchased through Barnes & Noble: $ Modality _X On-ground _X On-line Course Assessments Description of Possible Course Assessments (Essays, multiple choice, etc.) Exams standardized for this course? Midterm Final Other (Please specify): Are exams required by the department? Yes _X No If Yes, please specify: Where can faculty members locate or access the required

6 standardized exams for this course? (Contact Person and Location) Example: NCK Academic Chair Office Student Outcomes: Identify the general education goals for student learning that is a component of this course. Check all that apply: 1. Communicate effectively. a. Read and comprehend at a college level. b. Write effectively in a college setting. Method of Assessment Create a security procedures document for institutional policy. 2. Demonstrate effective quantitative reasoning and problem solving skills. 3. Demonstrate effective qualitative reasoning skills. Present solutions to case problems involving data security policies and procedures. 4. Apply effective methods of inquiry. a. Generate research paper by gathering information from varied sources, analyzing data and organizing information into a coherent structure. b. Employ the scientific method. 5. Demonstrate sensitivity to diversity a. Experience the creative products of humanity. b. Describe alternate historical, cultural, global perspectives.