CIS 156. Firewalls and Intrusion Detection

Transcription

1 CIS 156 Firewalls and Intrusion Detection Approved: May 6, 2011 EFFECTIVE DATE: Fall 2011

2 COURSE PACKAGE FORM Team Leader and Members Andra Goldberg, Matt Butcher, Dave White, Steve Sorden Date of proposal to Curriculum Sub-committee: 5/6/2011 Purpose: New _X_Change Retire If this is a change, what is being changed? (Check ALL that apply) Update Prefix Title Learning Units _X Competencies Format Change _X_ Course Description Course Number _X_ Textbook Credits Prerequisite Effective Semester/Year Fall 2011 Spring 20 Summer 20 COURSE INFORMATION Prefix & Number: Title: CIS 156 Firewalls and Intrusion Detection Catalog Course Description: This course presents basic concepts of network firewall security to prevent intrusion and destruction of computerized information. Credit Hours: 3 Prerequisite(s) Lecture Hours: Lab Hours: 3 0 CIS 153 Network Essentials or permission of Academic Chair Co-requisite(s) Does this course need a separately scheduled lab component? Yes Does this course require additional fees? If so, please explain. Yes _X No _X No Is there a similar course in the course bank? Yes (Please identify.) _X No Articulation: Is this course or an equivalent offered at other two and four-year No X_Yes (Identify the college, subject,

3 universities in Arizona? prefix, number and title: Elective credit at ASU and NAU Writing Across the Curriculum Rationale: Mohave Community College firmly supports the idea that writing can be used to improve education; students who write in their respective content areas will learn more and retain what they learn better than those who don t. Courses in the core curriculum have been identified as Writing Across the Curriculum courses. Minimum standards for the Writing Across the Curriculum riculum component are: 1. The writing assignments should total words. For example, a single report which is 1500 words in length OR a series of essay questions and short papers (example: four 375-word assignments) which total 1500 words could meet the requirement. 2. The writing component will represent at least 10% of a student s final grade in the course. Is this course identified as a Writing Across the Curriculum course? Yes _X No (See addendum for writing rubrics) Intended Course Goals. By the end of the semester, students will be able to: 1. Describe the types and limitations of firewall protection and be able to determine the best hardware and software selections for effective protection. 2. Develop a security policy that defines the responses to security violations and that also reflect an organization s overall security approach. 3. Identify different firewall configuration strategies based on the needs and desired security level of an organization. 4. Configure firewall software and hardware to authenticate and identify users and encrypt data. 5. List the components and essential operations of Virtual Private Networks (VPNs) and create VPN setups such as mesh or hub-and-spoke configurations. 6. Develop an Intrusion Detection System (IDS) and describe appropriate filter rules. Course Competencies and Objectives Competency 1 Explain the basic concepts of network security Objective 1.1 Define the TCP/IP networking design Objective 1.2 Describe the threats to network security Objective 1.3 Explain the goals of network security Objective 1.3 Describe a layered approach to network defense Competency 2 Describe the fundamental concepts and different approaches in analyzing risk analysis Objective 2.1 Explain the process of risk analysis Objective 2.2 Describe the recommended techniques to minimize risk Objective 2.3 Develop a security policy that addresses how an organization should respond to

4 an attach and the procedure for employees to safely handle data and resources Competency 3 Formulate a security policy and identify security policy procedures Objective 3.1 Explain best practices in security policies including gathering support from every level in the company and keeping these policies current Objective 3.2 Explain the importance of ongoing risk analysis and define incident-handling Objective 3.3 Describe the components of conducting risk assessments and security reviews Competency 4 Analyze network traffic signatures as they relate to suspicious events Objective 4.1 Describe the concepts of signature analysis Objective 4.2 Detect normal and suspicious traffic signatures Objective 4.3 Explain the Common Vulnerabilities and Exposures (CVE) standard Competency 5 Explain basic Virtual Private Network (VPN ) concepts Objective 5.1 Define encapsulation, encryption, and authentication in VPNs Objective 5.2 Summarize the advantages and disadvantages of VPNs Objective 5.3 Discuss the rationale for developing a VPN in a business including convenience and cost effectiveness as compared to the higher security risks of such a system Competency 6 Implement a VPN Objective 6.1 Describe the steps and software necessary to configure a VPN with and without firewalls Objective 6.2 Construct packet-filtering rules for VPNs Objective 6.3 Develop appropriate guidelines for auditing VPNs and VPN policies Competency 7 Identify the components of an Intrusion Detection System (IDS) Objective 7.1 List the appropriate steps of detecting unauthorized access to a networked system including : gathering data, sending alert messages, and automatic responses from an IDS system Objective 7.2 Describe options for implementing intrusion detection systems Objective 7.3 Evaluate different types of IDS products Competency 8 Configure an IDS and create filter rules Objective 8.1 Construct a security incident response team or contact person for your organization Objective 8.2 Explain the six-step incident response process Objective 8.3 Describe the recommended procedure in responding to false alarms to reduce reoccurrences Competency 9 Evaluate firewall hardware and software options Objective 9.1 List the functions of a firewalls Objective 9.2 Create a set of rules and restrictions for a firewall Objective 9.3 Compare the reliability, costs, and difficulty of implementation of various hardware and software firewalls Competency 10 Describe the requirements for securing network perimeters Objective 10.1 Define a bastion host and its function as a gateway between an inside and an outside network Objective 10.2 Explain how to supplement a firewall with a proxy server Objective 10.3 List the considerations necessary when deciding what type of authentication to use: user, session, or client Competency 11 Describe the recommended procedures in firewall management to improve security of digital information Objective 11.1 Manage firewalls to improve security Objective 11.2 Describe the types of log files that most of the firewalls offer, including: security, system, traffic, active, and audit logs Objective 11.3 Explain the parameters needed when choosing a firewall computer including the processor speed, amount of available Random Access Memory (RAM), and cache storage Competency 12 Develop procedures to manage and improve information security Objective 12.1 Compare the advantages and disadvantages of centralized data collection Objective 12.2 Describe the events that you need to monitor, including: logins, creation of

5 user accounts and groups, correct handling of attachments, backups, and antivirus scanning and control Objective 12.3 Describe the steps for training your security personnel to respond to security incidents and the importance of keeping informed of industry trends and innovations in the security field Teacher s Guide Course Textbook, Materials and Equipment Textbook(s) Title Guide to Firewalls and VPNs, 3rd Edition or most recent edition Author(s) Weaver Publisher Course Technology 2011 ISBN Software/ Equipment Textbook Costs Title Author(s) Publisher ISBN Please indicate how much the textbook would cost if purchased through Barnes & Noble: $ Modality X On-ground X On-line Course Assessments Description of Possible Course Assessments (Essays, multiple choice, etc.) Exams standardized for this course? Midterm Final Other (Please specify): Are exams required by the department? Yes _X No If Yes, please specify: Where can faculty members locate or access the required standardized exams for this course? (Contact Person and Location) Example: NCK Academic Chair Office Student Outcomes: Identify the general education goals for student learning that is a component of this course. Check all that apply: 1. Communicate effectively. a. Read and comprehend at a college level. b. Write effectively in a college setting. 2. Demonstrate effective quantitative reasoning and Method of Assessment Develop a security policy plan for distribution to all employees in an organization.

6 problem solving skills. 3. Demonstrate effective qualitative reasoning skills. Evaluate security options for effectiveness and costs to prevent loss of information data. 4. Apply effective methods of inquiry. a. Generate research paper by gathering information from varied sources, analyzing data and organizing information into a coherent structure. b. Employ the scientific method. 5. Demonstrate sensitivity to diversity a. Experience the creative products of humanity. b. Describe alternate historical, cultural, global perspectives.