Principles of Information Assurance Syllabus



Similar documents
Information Technology Cluster

Track 2: Introductory Track PREREQUISITE: BASIC COMPUTER EXPERIENCE

SCP - Strategic Infrastructure Security

Table of Contents. Introduction. Audience. At Course Completion

167 th Air Wing Fast Track Cyber Program Blue Ridge Community and Technical College

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus

167 th Air Wing Fast Track Cyber Security Blue Ridge Community and Technical College

LINUX / INFORMATION SECURITY

CCNA Security v1.0 Scope and Sequence

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus

CS 356 Lecture 25 and 26 Operating System Security. Spring 2013

E M P I R E C O L L E G E

Medical Device Security Health Imaging Digital Capture. Security Assessment Report for the Kodak DryView 8150 Imager Release 1.0.

Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits)

Information Technology Career Cluster Advanced Cybersecurity Course Number:

Managing and Maintaining a Microsoft Windows Server 2003 Environment

Network Security Administrator

FORBIDDEN - Ethical Hacking Workshop Duration

CSSIA CompTIA Security+ Domain. Network Security. Network Security. Network Security. Network Security. Network Security

Loophole+ with Ethical Hacking and Penetration Testing

ACADEMIA LOCAL CISCO UCV-MARACAY CONTENIDO DE CURSO CURRICULUM CCNA. SEGURIDAD CCNA SECURITY. VERSION 1.0

Bellevue University Cybersecurity Programs & Courses

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs

MASTER OF SCIENCE IN INFORMATION ASSURANCE PROGRAM DEPARTMENT OF COMPUTER SCIENCE HAMPTON UNIVERSITY

Windows 7, Enterprise Desktop Support Technician

CCNA Security v1.0 Scope and Sequence

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

EC-Council Network Security Administrator (ENSA) Duration: 5 Days Method: Instructor-Led

Security + Certification (ITSY 1076) Syllabus

Minnesota State Community and Technical College Detroit Lakes Campus

Defense-in-Depth Strategies for Secure, Open Remote Access to Control System Networks

Course overview. CompTIA A+ Certification (Exam ) Official Study Guide (G188eng verdraft)

Introduction to Cyber Security / Information Security

A Systems Engineering Approach to Developing Cyber Security Professionals

CH ENSA EC-Council Network Security Administrator Detailed Course Outline

"Charting the Course to Your Success!" MOC D Windows 7 Enterprise Desktop Support Technician Course Summary

Fundamentals of a Windows Server Infrastructure Course 10967A; 5 Days, Instructor-led

CYBERTRON NETWORK SOLUTIONS

ensure prompt restart of critical applications and business activities in a timely manner following an emergency or disaster

NETWORK SECURITY (W/LAB) Course Syllabus

EC-Council Ethical Hacking and Countermeasures

Security for. Industrial. Automation. Considering the PROFINET Security Guideline

Hackers are here. Where are you?

Windows 7, Enterprise Desktop Support Technician Course 50331: 5 days; Instructor-led

FedVTE Training Catalog SPRING advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov

Associate in Science Degree in Computer Network Systems Engineering

APPLICATION FOR BOARD APPROVAL. of Locally Developed Course. MCP CERTIFICATION 11/12a/12b/12c

Fundamentals of Information Systems Security Unit 1 Information Systems Security Fundamentals

Information Technology Career Cluster Introduction to Cybersecurity Course Number:

Troubleshooting and Supporting Windows 7 in the Enterprise

Administering Microsoft Exchange Server ; 5 Days, Instructor-led

Asheville-Buncombe Technical Community College Department of Networking Technology. Course Outline

Ethical Hacking and Information Security. Foundation of Information Security. Detailed Module. Duration. Lecture with Hands On Session: 90 Hours

ADMINISTERING MICROSOFT EXCHANGE SERVER 2016

Network Security. 1 Pass the course => Pass Written exam week 11 Pass Labs

Critical Controls for Cyber Security.

External Supplier Control Requirements

How are we keeping Hackers away from our UCD networks and computer systems?

CCA CYBER SECURITY TRACK

Module 3: Resolve Software Failure This module explains how to fix problems with applications that have problems after being installed.

EC Council Certified Ethical Hacker V8

information security and its Describe what drives the need for information security.

Information Systems Security Certificate Program

CCNA Security 2.0 Scope and Sequence

2. From a control perspective, the PRIMARY objective of classifying information assets is to:

FedVTE Training Catalog SUMMER advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov

Certified Ethical Hacker (CEH)

Table of Contents. Introduction. Audience. At Course Completion

FRONT RUNNER DIPLOMA PROGRAM INFORMATION SECURITY Detailed Course Curriculum Course Duration: 6 months

Course: Information Security Management in e-governance. Day 1. Session 5: Securing Data and Operating systems

For more information, please contact Anne Arundel Community College s Center for Workforce Solutions at

Course Description. Course Audience. Course Outline. Course Page - Page 1 of 12

Managing and Maintaining Windows Server 2008 Servers

Build Your Own Security Lab

IT and Cyber Security Training Courses

Medical Device Security Health Imaging Digital Capture. Security Assessment Report for the Kodak Medical Image Manager (MIM) Version 6.1.

Installing and Configuring Windows Server 2012

Configuring, Managing and Maintaining Windows Server 2008 Servers

Brandman University. School of CCNA

Web Security School Final Exam

Cisco Certified Security Professional (CCSP)

Preliminary Course Syllabus

Emerging Network Security Threats and what they mean for internal auditors. December 11, 2013 John Gagne, CISSP, CISA

Network Security Foundations

Web Security School Entrance Exam

NOTE: Labs in this course are based on the General Availability release of Windows Server 2012 R2 and Windows 8.1.

Remote Administration

What IT Auditors Need to Know About Secure Shell. SSH Communications Security

Diploma in Network (LAN/WAN) Administration

AV-006: Installing, Administering and Configuring Windows Server 2012

White Paper: Consensus Audit Guidelines and Symantec RAS

Computer System Security Updates

Networking: EC Council Network Security Administrator NSA

Installing and Configuring Windows Server 2012

INFORMATION SECURITY TRAINING CATALOG (2015)

Thanks for showing interest in Vortex IIT Delhi & What After College (WAC) Ethical Hacking Workshop.

Table Of Contents. - Microsoft Windows - WINDOWS XP - IMPLEMENTING & SUPPORTING MICROSOFT WINDOWS XP PROFESSIONAL...10

CompTIA Security+ (Exam SY0-410)

BUILDING A SECURITY OPERATION CENTER (SOC) ACI-BIT Vancouver, BC. Los Angeles World Airports

Intrusion Detection and Cyber Security Monitoring of SCADA and DCS Networks

Transcription:

Course Number: Pre-requisite: Career Cluster/Pathway: Career Major: Locations: Length: 8130 (OHLAP Approved) Fundamentals of Technology or equivalent industry certifications and/or work experience. Information Technology/Network Systems Computer Security Specialist, Cyber Security Compliance Specialist, Cyber Security Forensics Specialist, Cyber Security Professional (Networking Emphasis), Network Security Compliance Technician, Network Security Professional (Networking Emphasis), Network Security Professional (Systems Emphasis), Network Security Technician, Network Systems and Data Communications Analyst, Supervisory Control and Data Acquisition Technician (SCADA) Various Technology Centers across Oklahoma ½ Carnegie Unit (60 hours theory/ 30 hours lab) Course Description: Students will be introduced to basic security principles, giving the student an understanding of the current threats and vulnerabilities of the cyber landscape, plus other topics relating to the information assurance field. Specific Learning Competencies - Upon successful completion of this course, the student will be able to: 1. Ethics: In this topic, students learn the importance of recognizing and practicing ethical behavior in computer security and its related fields. A score of 100 percent is required before moving on to the next module. The student signs an ethical behavior agreement. a. Gain an insight into what makes up computer ethics. b. Examine and discuss the hacker mentality through a review of a hacker s manifesto. c. Review the Ten Commandments of Computer Ethics. d. Read and sign a computer ethics statement. 2. Security Concepts: In this topic, students explore the core concepts and components of computer, network, and physical security. Principles of Information Assurance Page 1

a. Examine and understand the general security concepts and relationships outlined in the Common Criteria. b. Identify and describe each component of the security CIA triad. c. Distinguish between the roles of identification, authentication, and nonrepudiation. d. Define and explain the operational model of security. e. Compare and contrast host and network security. f. Describe the concept of least privilege in security. g. Explain the importance of layered and diversified security with minimal complexity. h. List and describe the three methods of access control. i. Compare and contrast the confidentiality and integrity security models, providing examples of each. j. Explain the roles of security policies, standards, guidelines, and procedures. k. List and describe six security concerns associated with people. l. Identify two components of physical security and discuss the implications presented by wireless networks. m. Explore security issues related to the physical environment. n. Explain the importance of business continuity planning and disaster recovery. o. Research, define and describe security risks associated with several common categories of malware and scripting languages. p. Research, define and explore common cryptographic terms and concepts. 3. Physical Security: In this topic, students identify the physical security measures used to secure not only automated information systems hardware and software, but also those used to secure the facilities in which those systems are housed. a. Identify the principles of physical security. b. Learn ways to mitigate risk as concerned with physical security. c. Complete a physical security checklist in regards to your own facility. 4. Identifying Security Threats and Attack Techniques: In this topic, students discover the common threats to which automated information systems are exposed, and the countermeasures used to mitigate those threats. Given examples, students learn how to map networks, identify network operating system types, and scan for potential holes in those operating systems. The concepts behind viruses, worms, and Trojan Horses are examined. Students will identify password-cracking techniques, and explore and discuss basic scripting techniques. a. Explore, discuss, and identify social engineering attack techniques. b. Describe audit attacks. c. Identify hardware attacks. d. Identify the major categories of network threats. Principles of Information Assurance Page 2

e. Differentiate between a virus, a worm, and a Trojan horse. f. Identify the elements of a virus protection plan. g. Identify the components of local network security. h. Identify network authentication methods. i. Identify major data encryption methods and technologies. j. Identify the primary techniques used to secure Internet connections. k. Define the process of network reconnaissance. l. Map, sweep, and scan a network. m. Perform local and remote Vulnerability Scanning. n. Gain control over a network system. o. Record keystrokes with software and hardware. p. Crack encrypted passwords on Linux and Microsoft machines. q. Investigate potential ways that unauthorized administrator access can be achieved. r. Hide the evidence from an attack. s. Perform a Denial of Service on a target host. 5. Common Criteria: In this topic, students are introduced to the Common Criteria (CC), including its historical development, and terms and definitions. Students explore CC literature, including CC Parts 1, 2, and 3, and the CC Users Guide. Students identify the roles of Protection Profiles (PP), Security Targets (ST), and Targets of Evaluation (TOE) in the certification process. Security Functional Requirements and Security Assurance Requirements are reviewed in order to show how selected functional and assurance components are suitable to counter the threats in an intended environment. The seven Evaluation Assurance Levels (EALs) are examined, assessing the rising scale of assurance associated with the increasing rigor represented by each EAL. a. Understand the history and function of the Common Criteria. b. Identify the terms and definitions used in the Common Criteria. c. Define and identify the roles of Protection Profiles, Security Targets, and Targets of Evaluation in the certification process. d. Consider how the Common Criteria serves the interests of its target audience (TOE consumers, TOE developers, and TOE evaluators). e. Identify and define the seven Evaluation Assurance Levels used in the Common Criteria. f. Identify the general purpose of each Functional Class and explore the families, components, and elements comprised therein. g. Identify the general purpose of each Assurance Class and explore the families, components, and elements comprised therein. h. Define system security architecture and determine the appropriate functional and assurance components for a given automated information system in a particular environment. i. Discuss how the Centralized Certified Products List (CCPL) allows for products, such as firewalls and operating systems, to be selected so as to provide an appropriate level of Information Assurance. Principles of Information Assurance Page 3

j. Discuss the role of system custodians and system security officers as defined in Part 1 of the Common Criteria. 6. Hardening Linux Computers: In this topic, students are introduced to the core operational principles of Linux. Students learn to manage users, groups, and file system permissions, and configure Pluggable Authentication Modules (PAMs). System information, services, and processes are examined such that students develop an understanding of how to manipulate them for security. Shell scripts, network protocols, and security tools are utilized to harden and manage Linux security. a. Perform fundamental Linux administrative functions. b. Examine system information and investigate the management of processes in Linux. c. Determine and implement appropriate Linux user and filesystem security. d. Evaluate and utilize built-in and add-on services and network protocols to configure Linux network security. e. Create and evaluate simple shell scripts executing Linux command strings. f. Evaluate and implement various security tools, including Bastille and Tripwire, to improve Linux security. 7. Hardening Windows Server 2003: In this topic, students investigate the concepts and procedures required to secure Microsoft Windows computers. Students examine an advanced range of security principles and management tools, including authentication, auditing and logging, group policy, security templates, the Registry, Encrypting File System (EFS), Active Directory, Windows Firewall, and various network security components and protocols. a. Study Windows 2003 infrastructure security concepts and create a custom Group Policy Object. b. Examine the fundamentals of authentication in Windows 2003 and describe the local logon process. c. Investigate and implement Windows 2003 security configuration tools, including security templates, secedit.exe, and the Security Configuration and Analysis snapin. d. Examine and configure security settings in the Registry. e. Configure auditing and logging, and analyze Security Log Event IDs. f. Examine the components of and implement the Encrypting File System on Windows 2003. g. Study and configure the systems available to secure Windows 2003 network communications, including Windows Firewall and hardening TCP/IP. 8. Security on the Internet and the WWW: In this topic, students learn how to identify the security issues associated with the Internet and World Wide Web. The major components of the Internet and their functions are explored. This is followed by an examination of Principles of Information Assurance Page 4

techniques used to attack the Internet s components contrasted against those used to attack the Internet s users. a. Identify and describe the functions of the major components comprising the Internet. b. Identify and explain the roles of the organizations governing the Internet. c. Evaluate and discuss some of the major disruptions that have occurred over the last several years. d. Identify the role of and risk mitigation techniques for Domain Name Services (DNS). e. Discuss areas of vulnerability associated with the Internet, and analyze where attacks have the highest probability of occurring and what those attacks are likely to be. f. Identify the risks faced by Internet users and discuss ways in which to mitigate these risks. Instruction: Foundations of Network Security Data Confidentiality, Integrity, and Availability Securing Windows and Linux Computers Routing and Access Control Lists Security on the Internet and the World Wide Web Physical Security Measures Attack Techniques Threats and Countermeasures Legal and Ethical Issues in Cyber Security Methods of Instruction: (Choose method(s) of instruction examples are: lectures, class discussions, hands-ontraining, demonstrations, projects and performance evaluation.) Required Certifications: Security Certified Network Specialist (SCNS): Security Certified Network Professional (SCNP): (Select one of the following options) Tactical Perimeter Defense (SCO-451) Strategic Infrastructure Security (SCO-471) Cyber Security Education Consortium: CSEC End-of-Course Exam Brainbench: ITAA Information Security Awareness Principles of Information Assurance Page 5

CompTIA: inet+ OR Network+ Recommended Certifications: Brainbench: Check Point FireWall-1 Administration Information Technology Security Fundamentals Internet Security Network Security Recognized Primary Course Textbooks and Instructional Resources: Security Certified Program (SCP) curriculum: Strategic Infrastructure Security Warren Peterson Reference Texts: Guide to Disaster Recovery, 1st Edition Michael Erbschloe. ISBN - 0-619-13122-5 Security+; Chuck Swanson, Andrew Lapage, Robyn Feiock, Nancy Curtis ISBN: 0-7580-5598-6 Cisco Networking Academy Program: IT Essentials I: PC Hardware and Software Companion Guide, Second Edition ISBN: 1-58713-136-6 IT Essentials II: Network Operating Systems Companion Guide ISBN: 1-58713-097-1 CCNA 1 and 2 Companion Guide, Revised Third Edition ISBN: 1-58713-150-1 CCNA 3 and 4 Companion Guide, Third Edition ISBN: 1-58713-113-7 Career Cluster Resources for Information Technology http://www.careerclusters.org/resources/clusterdocuments/itdocuments/itfinal.pdf Principles of Information Assurance Page 6

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information