CIS 250 NETWORK SECURITY JACKSON STATE COMMUNITY COLLEGE COURSE SYLLABUS




Prerequisites: CIS 175

Course Description
This course is designed to give students a fundamental understanding of computer and network security. It will introduce students to a wide variety of concepts related to computer security. This course will help prepare the student for the CompTIA Security+ Certification. This course is one of the required courses for obtaining the NSTISSI 4011 and CNSSI 4013 certifications.

NSTISSI 4011 Course Objectives
NSTISSI 4011 Mapping Details
CNSSI 4013 Course Objectives
CNSSI 4013 Mapping Details
General Objectives

Textbook
Security+ Guide to Network Security Fundamentals. 3rd Edition. Ciampa, Course Technology, 2009.

Other Reference Materials
Air Force Instruction 33-203, Volume 3, Emission Security Countermeasures - AFI33-203V3, November 2005.
Key Management Using ANSI X9.17, U.S. Department of Commerce.
OMB Circular A-130.
NIST Special Publication 800-12, An Introduction to Computer Security, October 1995.
NIST Special Publication 800-16, Information Technology Security Training Requirements: A Role- and Performance-Based Model, April 1998.
NIST Special Publication 800-18, Guide for Developing Security Plans for Federal Information Systems, February 2006.
NIST Special Publication 800-26, Security Self-Assessment Guide for Information Technology Systems, November 2001.
NIST Special Publication 800-30, Risk Management Guide for Information Technology Systems, July 2002.
NIST Special Publication 800-34, Contingency Planning Guide for Information Technology Systems, June 2002.
NIST Special Publication 800-37, Guide for the Security Certification and Accreditation of Federal Information Systems, May 2004.
NIST Special Publication 800-47, Security Guide for Interconnecting Information Technology Systems, September 2002.
NIST Special Publication 800-50, Building an Information Technology Security Awareness and Training Program, October 2003.
NIST Special Publication 800-53, Recommended Security Controls for Federal Information Systems, December 2006.
NIST Special Publication 800-59, Guideline for Identifying an Information System as a National Security System, August 2003.
NIST Special Publication 800-60, Guide for Mapping Types of Information and Information Systems to Security Categories, June 2004.
NIST Special Publication 800-61, Computer Security Incident Handling Guide, January 2004.
NIST Special Publication 800-64, Security Considerations in the Information System Development Life Cycle, October 2003.
NIST Special Publication 800-88, Guidelines for Media Sanitization, September 2006.
NIST Special Publication 800-100, Information Security Handbook: A Guide for Managers, October 2006.
CNSS Policy No. 6, National Policy on Certification and Accreditation of National Security Systems, October 2005.
TEMPEST in a teapot: A note discussing the prevention of electromagnetic eavesdropping of personal computers. Grady Ward
The Complete, Unofficial TEMPEST Information Page TEMPEST Information Page. This page is about surveillance technology.

Class Participation/Quizzes/Homework
Each student is expected to have all reading assignments and homework completed prior to coming to class. A 10% penalty per calendar day will be assessed for late assignments or homework.

Tests
Four exams, including a comprehensive final, will be given covering material from the text, handouts and class lectures. The tests may include multiple-choice, fill in the blank, short answer, matching, and essay questions. If it is necessary to miss an exam, it will be the student's responsibility to contact the instructor to arrange a time to make up the exam. Make-up exams may not be the same exam given during the regular exam date and must be taken prior to the final exam period.

Grading Policy
Each student's final grade will be determined by the following:
Homework/Lab ... 70%
Tests and Comprehensive Final ... 30%
Total ... 100%

Grading Scale
A ... 92-100
B ... 83-91
C ... 75-82
D ... 70-74
F ... 69 or below

Attendance Policy
Students are expected to attend all classes. After three hours of missed class time, 1 point will be deducted from the student's final grade for each additional one hour of class time missed. It will be the student's responsibility to obtain all information missed. Tardiness to class will result in the equivalent of a one hour absence for every tardy.

Course Format
This course will use problem-based learning as its primary mode of knowledge discovery. It will be the student's responsibility to learn based on problems presented. Some classroom discussion periods will be used to clarify what is to be learned.

Academic Honesty
Plagiarism, cheating, and other forms of academic dishonesty are prohibited. Any student who is caught cheating on a test, exam, lab assignment, etc. will be given a grade of F for the entire course.

Other Comments
Jackson State will make reasonable accommodations for persons with documented physical, mental or learning disabilities. Students should notify their instructor and the Coordinator of Disabled Student Services, located in the Counseling Office, Room 12 of the Student Union Building, of any special needs. Instructors should be notified the first week of class. All discussions remain confidential.
No children allowed in the classroom.
Cell phones and pagers must be turned off in the classroom. Ringing cell phones and audible pagers will negatively impact the student's class participation grade.

Network Security CIS 250
NSTISSI 4011 Course Objectives

G1. Describe the different types of software-based attacks
G2. List types of hardware attacks
G3. Define virtualization and explain how attackers are targeting virtual systems
G4. Explain how to harden operating systems
G5. List ways to prevent attacks through a Web browser
G6. Define SQL injection and explain how to protect against it
G7. Explain how to protect systems from communications-based attacks
G8. Describe various software security applications
G9. Explain the types of network vulnerabilities
G10. List categories of network attacks
G11. Define different methods of network attacks
G12. Explain how to enhance security through network design
G13. Define network address translation and network access control
G14. List the different types of network security devices and explain how they can be used
G15. Describe the basic IEEE 802.11 wireless security protections
G16. Define the vulnerabilities of open system authentication, WEP, and device authentication
G17. Describe the WPA and WPA2 personal security models
G18. Explain how enterprises can implement wireless security
G19. Define access control and list the four access control models
G20. Describe logical access control methods
G21. Explain the different types of physical access control
G22. Define authentication
G23. Describe the different types of authentication credentials
G24. List and explain the authentication models
G25. Define authentication servers
G26. Describe the different extended authentication protocols
G27. Define risk and risk management
G28. Describe the components of risk management
G29. List and describe vulnerability scanning tools
G30. Define privilege audits
G31. Describe how usage audits can protect security
G32. List the methodologies used for monitoring to detect security-related anomalies
G33. Describe the different monitoring tools
G34. Define cryptography
G35. Describe hashing
G36. List the basic symmetric cryptographic algorithms
G37. Describe how asymmetric cryptography works
G38. List types of file and file system cryptography
G39. Explain how whole disk encryption works
G40. Define digital certificates
G41. List the various types of digital certificates and how they are used
G42. Describe the components of Public Key Infrastructure (PKI) including
G43. List the tasks associated with key management
G44. Describe and demonstrate the different cryptographic transport protocols including how they are applied to dial-up, dedicated, end-to-end access control, public vs private networks. Also, IPSEC, PPP, PPTP and L2TP protocols are addressed as they apply to the transport, tunnel, AH and ESP modes
G45. Define environmental controls
G46. Describe the components of redundancy planning
G47. List disaster recovery procedures
G48. Describe incident response procedures
G49. Define organizational security policy
G50. List the types of security policies
G51. Discuss various technological policy and educational solutions relating to personnel/user issues, awareness, training and education, and computer support and operations.
G52. Discuss personnel security practices and procedures
G53. Explain and discuss examples of administrative security procedural controls including password policies, copyright protection, destruction procedures, computer misuse, repudiation, security plan preparation, sanitization and transportation of media
G54. Describe access, control and storage of COMSEC material including destruction procedures for COMSEC material, identify and inventory COMSEC material, key management protocols (bundling, electronic key, over-the-air rekeying), report COMSEC incidents
G55. Discuss TEMPEST Security with regards to attenuation, banding, cabling, filtered power, grounding, shielding, TEMPEST separation, zone of control/zoning
G56. Students will complete activities that involve identifying example policy and procedures related to physical security measures, personnel security practices and procedures
G57. Students will configure mechanisms to protect information such as setting access privileges, creating audit trails, configuring authentication settings, creating and implementing a password policy and setting up auditing on a network server. Students will participate in lab exercises using Wireshark to capture and examine network traffic
G58. Describe software security policy and procedures including assurance, configuration management (change controls, documentation, programming standards and controls), software security mechanisms to protect information (access privileges, application security features, audit trails and logging, concept of least privilege), identification and authentication, internal labeling, malicious logic protection, need-to-know controls, operating systems security features and segregation of duties.
G59. Students will examine samples, when applicable, and discuss security reviews, the effectiveness of security programs, investigations of security breaches, monitoring systems for accuracy and abnormalities, privacy, review of accountability controls, review of audit trails and logs, review of software design standards, verification, validation, testing, and evaluation processes

Network Security CIS 250
NSTISSI 4011 Mapping Details

(G) NSTISS Policies and Procedures: Course objectives G1 - G21, G29, G51. Course lectures include an extensive review of the threats and vulnerabilities that exist in an AIS/telecommunications system. In addition, how to protect against these threats is both discussed and applied in various labs throughout the course. The NIST Handbook Special Publication 800-12 - NIST 800-12.pdf Chapters 10, 13 and 14 discuss various technological policy and educational solutions relating to personnel/user issues, awareness, training and education, and computer support and operations.

  o (G1a) Physical Security Measures: The NIST Handbook Special Publication 800-12 - NIST 800-12.pdf Chapter 15 and course objectives G19 - G21, G56 cover alarms, building construction, cabling, communications centers, environmental controls (humidity and air conditioning), filtered power, information systems centers, physical access control systems (key cards, locks and alarms), power controls (regulator, uninterrupted power service (UPS), and emergency poweroff switch), protected distributed systems, shielding, stand-alone systems and peripherals and storage area controls. Students will complete an activity that involves identifying example policy and procedures related to physical security measures. These examples will be found on web sites such as www.sans.org.

  o (G1b) Personnel Security Practices and Procedures: The NIST Handbook Special Publication 800-12 - NIST 800-12.pdf Chapter 10 and 13 and course objectives G27 - G28, G49 - G50, G52, G56 discuss access authorization/verification (need-to-know), contractors, employee clearances, position sensitivity, security training and awareness (initial and refresher) and systems maintenance personnel. Students will complete an activity that involves identifying example policy and procedures related to personnel security practices and procedures. These examples will be found on web sites such as www.sans.org.

  o (G1c) Software Security: The NIST Handbook Special Publication 800-12 - NIST 800-12.pdf Chapters 9, 13, 14, 17 and 18 and course objectives G1 - G7, G19 - G26 and G30 - G33, G57 - G58 cover assurance, configuration management (change controls), configuration management (documentation), configuration management (programming standards and controls), software security mechanisms to protect information (access privileges), software security mechanisms to protect information (application security features), software security mechanisms to protect information (audit trails and logging), software security mechanisms to protect information (concept of least privilege), software security mechanisms to protect information (identification and authentication), software security mechanisms to protect information (internal labeling), software security mechanisms to protect information (malicious logic protection), software security mechanisms to protect information (need-to-know controls), software security mechanisms to protect information (operating systems security features), software security mechanisms to protect information (segregation of duties). Students will complete an activity that will require them to configure mechanisms to protect information such as setting access privileges, creating audit trails and configuring authentication settings.

  o (G1d) Network Security: The NIST Handbook Special Publication 800-12 - NIST 800-12.pdf Chapter 19 and course objectives G19 - G21, G32 - G33, G40 - G44 cover dial-up vs dedicated, end-to-end access control, privileges (class, nodes), public vs private, traffic analysis. This chapter specifically addresses IPSEC and discusses transport protocols such as PPP, PPTP and L2TP. Students will participate in lab exercises using Wireshark to capture and examine network traffic.

  o (G1e) Administrative Security Procedural Controls: The NIST Handbook Special Publication 800-12 - NIST 800-12.pdf Chapter 8, 10, 14 and 16, NIST Information Security Handbook: A Guide for Managers 800-100 NIST 800-100.pdf Chapter 3 and 8, NIST Guidelines for Media Sanitization 800-88 NIST 800-88.pdf Chapter 4 and course objectives G19 - G21, G36 - G37, G40 - G42, G53, G57 discuss attribution, construction, changing, issuing and deleting passwords, copyright protection and licensing, destruction of media, documentation, logs and journals, emergency destruction, external marking of media, media downgrade and declassification, preparation of security plans, reporting of computer misuse or abuse, repudiation, sanitization of media, transportation of media. Students will do a lab that involves creating and implementing a password policy.

  o (G1f) Auditing and Monitoring: The NIST Handbook Special Publication 800-12 - NIST 800-12.pdf Chapter 4 and 18, NIST Information Security Handbook: A Guide for Managers 800-100 NIST 800-100.pdf Chapter 7, and course objectives G30 - G33, G57, G59 cover conducting security reviews, effectiveness of security programs, investigation of security breaches, monitoring systems for accuracy and abnormalities, privacy, review of accountability controls, review of audit trails and logs, review of software design standards, verification, validation, testing, and evaluation processes. Students will do a lab that will have them set up auditing on a network server. They will then review logs that show the results of the audit.

  o (G1g) Cryptosecurity: The NIST Handbook Special Publication 800-12 - NIST 800-12.pdf Chapter 19, and course objectives G34 - G44 cover cryptovariable or key, electronic key management system and encryption/decryption method, procedure, algorithm.

  o (G1h) Key Management: The NIST Handbook Special Publication 800-12 - NIST 800-12.pdf Chapter 19, Key Management Using ANSI X9.17.pdf and course objectives G34 - G44, G54 cover access, control and storage of COMSEC material, destruction procedures for COMSEC material, identify and inventory COMSEC material, key management protocols (bundling, electronic key, over-the-air rekeying), report COMSEC incidents.

  o (G1i) Transmission Security: Covered in the CIS 175 course.

  o (G1j) TEMPEST SECURITY: AIR FORCE INSTRUCTION 33-203, VOLUME 3, EMISSION SECURITY COUNTERMEASURES - AFI33-203V3 TEMPEST.pdf Chapter 8, The NIST Handbook Special Publication 800-12 - NIST 800-12.pdf Chapter 15, TEMPEST in a teapot, The Complete, Unofficial TEMPEST Information Page and course objectives G45 and G55 cover attenuation, banding, cabling, filtered power, grounding, shielding, TEMPEST separation, zone of control/zoning.

Network Security CIS 250
CNSSI 4013 Course Objectives

F1A1. Describe the basic IEEE 802.11 wireless security protections and policies
F1A2. Define, describe and identify EMSEC/TEMPEST Security procedures, controls and policies, identify the Certified EMSEC/TEMPEST Technical Authority (CTTA) and describe EMSEC/TEMPEST security countermeasures and safeguards
F1A3. Describe and demonstrate the different cryptographic transport protocols including how they are applied to dial-up, dedicated, end-to-end access control, public vs private networks. Also, IPSEC, PPP, PPTP and L2TP protocols are addressed as they apply to the transport, tunnel, AH and ESP modes
F1A4. List and describe the different types of network security devices and explain how they can be used
F1A5. Define and describe network address translation and network access control including wide area network security policies
F1A6. Explain how to enhance security through network design including policy development
F1A7. Define and describe different methods of network attacks
F1A8. List categories of network attacks
F1A9. Explain the types of network vulnerabilities
F1A10. Explain how to harden operating systems and discuss examples of procedures needed to assure operating systems security
F1A11. List ways to prevent attacks through a Web browser
F1A12. Define SQL injection and explain how to protect against it
F1A13. Explain how to protect systems from communications-based attacks
F1A14. Describe various software security applications
F1A15. Students will complete lab activities that focus on hardening operating systems.
F1A16. Students will complete activities that involve identifying example policy and procedures related to physical security measures, personnel security practices and procedures
F1A17. Define and describe zoning and zone of control policy

F1B1 Define environmental controls
F1B2 Define, describe and identify EMSEC/TEMPEST Security procedures, controls and policies, identify the Certified EMSEC/TEMPEST Technical Authority (CTTA) and describe EMSEC/TEMPEST security countermeasures and safeguards
F1B3 Describe and demonstrate the different cryptographic transport protocols including how they are applied to dial-up, dedicated, end-to-end access control, public vs private networks. Also, IPSEC, PPP, PPTP and L2TP protocols are addressed as they apply to the transport, tunnel, AH and ESP modes
F1B4 Explain how to harden operating systems and discuss examples of procedures needed to assure operating systems security
F1B5 List ways to prevent attacks through a Web browser
F1B6 Define SQL injection and explain how to protect against it
F1B7 Explain how to protect systems from communications-based attacks
F1B8 Describe various software security applications
F1B9 Students will complete lab activities that focus on hardening operating systems.
F1B10 Define, describe and identify EMSEC/TEMPEST Security procedures, controls and policies, identify the Certified EMSEC/TEMPEST Technical Authority (CTTA) and describe EMSEC/TEMPEST security countermeasures and safeguards
F1B11 Define, describe and identify EMSEC/TEMPEST Security procedures, controls and policies, identify the Certified EMSEC/TEMPEST Technical Authority (CTTA) and describe EMSEC/TEMPEST security countermeasures and safeguards

F1D1 Define, describe and identify EMSEC/TEMPEST Security procedures, controls and policies, identify the Certified EMSEC/TEMPEST Technical Authority (CTTA) and describe EMSEC/TEMPEST security countermeasures and safeguards

F1F1 Describe the different types of software-based attacks including Keyloggers
F1F2 List types of hardware attacks including Keyloggers

F4A1 Define, describe and identify EMSEC/TEMPEST Security procedures, controls and policies, identify the Certified EMSEC/TEMPEST Technical Authority (CTTA) and describe EMSEC/TEMPEST security countermeasures and safeguards as they apply to the risk management process
F4A2 Explain how to harden operating systems and discuss examples of procedures needed to assure operating systems security
F4A3 List ways to prevent attacks through a Web browser
F4A4 Define SQL injection and explain how to protect against it
F4A5 Explain how to protect systems from communications-based attacks
F4A6 Describe various software security applications
F4A7 Students will complete lab activities that focus on hardening operating systems.
F4A8 Describe what zoning and zone of control ratings are based on
F4A9 Address authentication, biometrics, access, access control software, account management and procedures with the work force and staff and describe data access

F4B1 Define and describe decentralized/distributed single sign on, discretionary and mandatory access controls and security domains
F4B2 Describe access control physical, logical, and administrative configurations, access rights and permissions, techniques and policies and identify access control attacks
F4B3 Explain how to harden operating systems and discuss examples of procedures needed to assure operating systems security
F4B4 List ways to prevent attacks through a Web browser
F4B5 Define SQL injection and explain how to protect against it
F4B6 Explain how to protect systems from communications-based attacks
F4B7 Describe various software security applications
F4B8 Students will complete lab activities that focus on hardening operating systems.

F4E1 Explain how to harden operating systems and discuss examples of procedures needed to assure operating systems security
F4E2 List ways to prevent attacks through a Web browser
F4E3 Define SQL injection and explain how to protect against it
F4E4 Explain how to protect systems from communications-based attacks
F4E5 Describe various software security applications
F4E6 Students will complete lab activities that focus on hardening operating systems.

F5A1 Address authentication, biometrics, access, access control software, account management and procedures with the work force and staff and describe data access
F5A2 Define decentralized/distributed single sign on, discretionary and mandatory access controls and security domains

F5B1 Address authentication, biometrics, access, access control software, account management and procedures with the work force and staff and describe data access

F5C1 Define and describe decentralized/distributed single sign on, discretionary and mandatory access controls and security domains
F5C2 Address authentication, biometrics, access, access control software, account management and procedures with the work force and staff and describe data access

Network Security CIS 250 CNSSI 4013 Mapping Details

(F1) Function 1 Secure Use

(F1A) General Security Policy
o (F1A15) Wireless Security: The course textbook identifies organizational wireless security policies. Course objective F1A1
o (F1A16) EMSEC/TEMPEST (Emanations Security/Short name referring to the investigation, study, and control of compromising emanations from IS equipment): TEMPEST SECURITY: AIR FORCE INSTRUCTION 33-203, VOLUME 3, EMISSION SECURITY COUNTERMEASURES - AFI33-203V3 TEMPEST.pdf Chapter 8, The NIST Handbook Special Publication 800-12 - NIST 800-12.pdf Chapter 15, TEMPEST in a teapot, The Complete, Unofficial TEMPEST Information Page and course textbook define, describe and identify EMSEC/TEMPEST security and control policies. Course objectives F1A2 and F1A3
o (F1A29) Network: The NIST Handbook Special Publication 800-12 - NIST 800-12.pdf Chapter 19 and the course textbook describe computer network defense, policies relevant to network security and wide area network security policies. Course objectives F1A4 F1A9
o (F1A30) Operating System: Course textbook defines functional requirements for operating system integrity. Course objectives F1A10 F1A15
o (F1A33) Physical Security: The NIST Handbook Special Publication 800-12 - NIST 800-12.pdf Chapter 15 and the course textbook define physical security. Course objective F1A16
o (F1A45) Zone: TEMPEST SECURITY: AIR FORCE INSTRUCTION 33-203, VOLUME 3, EMISSION SECURITY COUNTERMEASURES - AFI33-203V3 TEMPEST.pdf Chapter 8, The NIST Handbook Special Publication 800-12 - NIST 800-12.pdf Chapter 15, TEMPEST in a teapot, The Complete, Unofficial TEMPEST Information Page and course textbook define and describe zoning and zone of control policies. Course objective F1A17

(F1B) General Procedures
o (F1B9) EMSEC/TEMPEST: TEMPEST SECURITY: AIR FORCE INSTRUCTION 33-203, VOLUME 3, EMISSION SECURITY COUNTERMEASURES - AFI33-203V3 TEMPEST.pdf Chapter 8, The NIST Handbook Special Publication 800-12 - NIST 800-12.pdf Chapter 15, TEMPEST in a teapot, The Complete, Unofficial TEMPEST Information Page and course textbook define and identify EMSEC/TEMPEST security procedures and identify certified EMSEC/TEMPEST technical authority (CTTA). Course objectives F1B2 F1B3
o (F1B18) IPSEC: Course textbook discusses IPSEC authentication and confidentiality. Course objective F1B3
o (F1B25) Operating System: Course textbook defines and describes operating systems security procedures. Student will be required to complete lab activities that focus on hardening operating systems. Course objectives F1B4 F1B9

(F1D) General Awareness, Training and Education (AT&E)
o (F1D10) EMSEC/TEMPEST: TEMPEST SECURITY: AIR FORCE INSTRUCTION 33-203, VOLUME 3, EMISSION SECURITY COUNTERMEASURES - AFI33-203V3 TEMPEST.pdf Chapter 8, The NIST Handbook Special Publication 800-12 - NIST 800-12.pdf Chapter 15, TEMPEST in a teapot, The Complete, Unofficial TEMPEST Information Page and course textbook describe EMSEC/TEMPEST security countermeasures and safeguards. Course objective F1D1

(F1F) Operations Policies/Procedures
o (F1F9) Privacy: Course textbook outlines known means of keystroke monitoring. Course objectives F1F1 F1F2

(F4A3) EMSEC/TEMPEST: TEMPEST SECURITY: AIR FORCE INSTRUCTION 33-203, VOLUME 3, EMISSION SECURITY COUNTERMEASURES - AFI33-203V3 TEMPEST.pdf Chapter 8, The NIST Handbook Special Publication 800-12 - NIST 800-12.pdf Chapter 15, TEMPEST in a teapot, The Complete, Unofficial TEMPEST Information Page and course textbook define and describe EMSEC/TEMPEST security as it relates to the risk management process. Course objective F4A1
(F4A8) Operating Systems: The course textbook describes operating system integrity. Course objectives F4A2 F4A7
(F4A11) Zone: TEMPEST SECURITY: AIR FORCE INSTRUCTION 33-203, VOLUME 3, EMISSION SECURITY COUNTERMEASURES - AFI33-203V3 TEMPEST.pdf Chapter 8, The NIST Handbook Special Publication 800-12 - NIST 800-12.pdf Chapter 15, TEMPEST in a teapot, The Complete, Unofficial TEMPEST Information Page and course textbook describe what zoning and zone of control ratings are based on. Course objective F4A8
(F4B1) Access Control: The NIST Handbook Special Publication 800-12 Chapter 2, 5, 15, 16 and 17 and the course textbook address access control software management and procedures with the work force and staff, and define decentralized/distributed single sign on, discretionary and mandatory access controls and security domains. These sources also describe access control physical, logical, and administrative configurations, access rights and permissions, techniques and policies and identify access control attacks. Course objectives F4B1 F4B3
(F4B9) Operating Systems: The course textbook describes operating system security features. Course objectives F4B3 F4B8
(F4E4) Operating Systems: The course textbook describes operating system security features. Course objectives F4E1 F4E6
(F5A1) Access Control: The NIST Handbook Special Publication 800-12 Chapter 2, 5, 15, 16 and 17 and the course textbook address access control software management and procedures with the work force and staff, access management and procedures with the work force and staff, access account management procedures with work force and describe data access. Course objectives F5A1 and F5A2
(F5A2) Accounts: The NIST Handbook Special Publication 800-12 Chapter 2, 5, 15, 16 and 17 and the course textbook address account management with staff. Course objective F5A1
(F5A3) Authentication: The NIST Handbook Special Publication 800-12 Chapter 2, 5, 15, 16 and 17 and the course textbook address authentication procedures with work force and staff. Course objective F5A1
(F5A5) Biometrics: The NIST Handbook Special Publication 800-12 Chapter 2, 5, 15, 16 and 17 and the course textbook address biometric access management with staff. Course objective F5A1
(F5B2) Authentication: The NIST Handbook Special Publication 800-12 Chapter 2, 5, 15, 16 and 17 and the course textbook address authentication procedures with work force and staff. Course objective F5B1
(F5B3) Biometrics: The NIST Handbook Special Publication 800-12 Chapter 2, 5, 15, 16 and 17 and the course textbook address biometric access management with staff. Course objective F5B1
(F5C1) Access Control: The NIST Handbook Special Publication 800-12 Chapter 2, 5, 15, 16 and 17 and the course textbook define and describe discretionary and mandatory access controls. Course objective F5C1
(F5C4) Biometrics: The NIST Handbook Special Publication 800-12 Chapter 2, 5, 15, 16 and 17 and the course textbook describe biometrics. Course objective F5C2

Network Security CIS 250 General Course Objectives

1. Address authentication, biometrics, access, access control software, account management and procedures with the work force and staff and describe data access
2. Define access control and list the four access control models
3. Define and describe decentralized/distributed single sign on, discretionary and mandatory access controls and security domains
4. Define and describe different methods of network attacks
5. Define and describe network address translation and network access control including wide area network security policies
6. Define and describe zoning and zone of control policy
7. Define authentication
8. Define authentication servers
9. Define cryptography
10. Define decentralized/distributed single sign on, discretionary and mandatory access controls and security domains
11. Define different methods of network attacks
12. Define digital certificates
13. Define environmental controls
14. Define information security and explain why it is important
15. Define network address translation and network access control
16. Define organizational security policy
17. Define penetration testing
18. Define privilege audits
19. Define risk and risk management
20. Define SQL injection and explain how to protect against it
21. Define the vulnerabilities of open system authentication, WEP, and device authentication
22. Define virtualization and explain how attackers are targeting virtual systems
23. Define, describe and identify EMSEC/TEMPEST Security procedures, controls and policies, identify the Certified EMSEC/TEMPEST Technical Authority (CTTA) and describe EMSEC/TEMPEST security countermeasures and safeguards as it applies to the risk management process
24. Describe access control physical, logical, and administrative configurations, access rights and permissions, techniques and policies and identify access control attacks
25. Describe access, control and storage of COMSEC material including destruction procedures for COMSEC material, identify and inventory COMSEC material, key management protocols (bundling, electronic key, over-the-air rekeying), report COMSEC incidents
26. Describe and demonstrate the different cryptographic transport protocols including how it is applied to dial-up, dedicated, end-to-end access control, public vs private networks. Also, IPSEC, PPP, PPTP and L2TP protocols are addressed as it applies to the transport, tunnel, AH and ESP modes
27. Describe hashing
28. Describe how asymmetric cryptography works
29. Describe how education and training can limit the impact of social engineering
30. Describe how usage audits can protect security
31. Describe incident response procedures
32. Describe logical access control methods
33. Describe software security policy and procedures including assurance, configuration management (change controls, documentation, programming standards and controls), software security mechanisms to protect information (access privileges, application security features, audit trails and logging, concept of least privilege), identification and authentication, internal labeling, malicious logic protection, need-to-know controls, operating systems security features and segregation of duties).
34. Describe the basic IEEE 802.11 wireless security protections and policies
35. Describe the challenges of securing information
36. Describe the components of Public Key Infrastructure (PKI)
37. Describe the components of redundancy planning
38. Describe the components of risk management
39. Describe the different cryptographic transport protocols
40. Describe the different extended authentication protocols
41. Describe the different monitoring tools
42. Describe the different types of authentication credentials
43. Describe the different types of software-based attacks
44. Describe the different types of software-based attacks including Keyloggers
45. Describe the five steps in a defense
46. Describe the WPA and WPA2 personal security models
47. Describe various software security applications
48. Describe what zoning and zone of control ratings are based on
49. Discuss personnel security practices and procedures
50. Discuss TEMPEST Security with regards to attenuation, banding, cabling, filtered power, grounding, shielding, TEMPEST separation, zone of control/zoning
51. Discuss various technological policy and educational solutions relating to personnel/user issues, awareness, training and education, and computer support and operations.
52. Explain and discuss examples of administrative security procedural controls including password policies, copyright protection, destruction procedures, computer misuse, repudiation, security plan preparation, sanitization and transportation of media
53. Explain how a virtual private network functions
54. Explain how enterprises can implement wireless security
55. Explain how to enhance security through network design
56. Explain how to enhance security through network design including policy development
57. Explain how to harden operating systems
58. Explain how to harden operating systems and discuss examples of procedures needed to assure operating systems security
59. Explain how to protect systems from communications-based attacks
60. Explain how whole disk encryption works
61. Explain the different types of information security careers and how the Security+ certification can enhance a security career
62. Explain the different types of physical access control
63. Explain the types of network vulnerabilities
64. Identify the types of attackers that are common today
65. List and describe the different types of network security devices and explain how they can be used
66. List and describe vulnerability scanning tools
67. List and explain the authentication models
68. List categories of network attacks
69. List disaster recovery procedures
70. List the basic steps of an attack
71. List the basic symmetric cryptographic algorithms
72. List the different types of network security devices and explain how they can be used
73. List the methodologies used for monitoring to detect security-related anomalies
74. List the tasks associated with key management
75. List the types of security policies
76. List the various types of digital certificates and how they are used
77. List types of file and file system cryptography
78. List types of hardware attacks
79. List types of hardware attacks including Keyloggers
80. List ways to prevent attacks through a Web browser
81. Students will complete activities that involve identifying example policy and procedures related to physical security measures, personnel security practices and procedures
82. Students will complete lab activities that focus on hardening operating systems.
83. Students will configure mechanisms to protect information such as setting access privileges, creating audit trails, configuring authentication settings, creating and implementing a password policy and setting up auditing on network server. Students will participate in lab exercises using Wireshark to capture and examine network traffic
84. Students will examine samples, when applicable, and discuss security reviews, the effectiveness of security programs, investigations of security breaches, monitoring systems for accuracy and abnormalities, privacy, review of accountability controls, review of audit trails and logs, review of software design standards, verification, validation, testing, and evaluation processes
85. Students will participate in lab exercises using Wireshark to capture and examine network traffic