Course Content Summary ITN 262 Network Communication, Security and Authentication (4 Credits)



Similar documents
Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits)

NSA/DHS CAE in IA/CD 2014 Mandatory Knowledge Unit Checklist 4 Year + Programs

Course Content Summary ITN 267 Legal Topics in Network Security (3 Credits)

Weighted Total Mark. Weighted Exam Mark

Security. Contents. S Wireless Personal, Local, Metropolitan, and Wide Area Networks 1

Soran University Faculty of Science and Engineering Computer Science Department Information Security Module Specification

CIS 250 NETWORK SECURITY JACKSON STATE COMMUNITY COLLEGE COURSE SYLLABUS

Chapter 8. Network Security

IT Networks & Security CERT Luncheon Series: Cryptography

SSL Firewalls

Networking: EC Council Network Security Administrator NSA

Implementing and Administering Security in a Microsoft Windows Server 2003 Network

Curran, K. Tutorials. Independent study (including assessment) N/A

Network Security Fundamentals

Tim Bovles WILEY. Wiley Publishing, Inc.

How To Pass A Credit Course At Florida State College At Jacksonville

Industrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1

EUCIP - IT Administrator. Module 5 IT Security. Version 2.0

APNIC elearning: Network Security Fundamentals. 20 March :30 pm Brisbane Time (GMT+10)

CS 348: Computer Networks. - Security; 30 th - 31 st Oct Instructor: Sridhar Iyer IIT Bombay

Eleventh Hour Security+

CIS 253. Network Security

VALLIAMMAI ENGINEERING COLLEGE

NETWORK SECURITY (W/LAB) Course Syllabus

Diploma in Information Security Control, Audit and Management (CISSP Certification)

Information Technology Career Cluster Introduction to Cybersecurity Course Number:

Asheville-Buncombe Technical Community College Department of Networking Technology. Course Outline

Implementing Cisco IOS Network Security v2.0 (IINS)

Security + Certification (ITSY 1076) Syllabus

Cryptography and network security CNET4523

Textbooks: Matt Bishop, Introduction to Computer Security, Addison-Wesley, November 5, 2004, ISBN

CRYPTOG NETWORK SECURITY

BUY ONLINE FROM:

Using etoken for SSL Web Authentication. SSL V3.0 Overview

Description: Objective: Attending students will learn:

Wireless Mobile Internet Security. 2nd Edition

Network Security. Outline of the Tutorial

Implementing Cisco IOS Network Security

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?

ACADEMIA LOCAL CISCO UCV-MARACAY CONTENIDO DE CURSO CURRICULUM CCNA. SEGURIDAD CCNA SECURITY. VERSION 1.0

FBLA Cyber Security aligned with Common Core FBLA: Cyber Security RST RST RST RST WHST WHST

The Seven Habits of State-of-the-Art Mobile App Security

Department of Computer & Information Sciences. CSCI-445: Computer and Network Security Syllabus

Release Notes. NCP Secure Entry Mac Client. 1. New Features and Enhancements. 2. Improvements / Problems Resolved. 3. Known Issues

IINS Implementing Cisco Network Security 3.0 (IINS)

How To Encrypt Data With Encryption

12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust

Chapter 10. Network Security

Lecture 9 - Network Security TDTS (ht1)

Certificate Authorities and Public Keys. How they work and 10+ ways to hack them.

Network Security Course Specifications

Security Protocols HTTPS/ DNSSEC TLS. Internet (IPSEC) Network (802.1x) Application (HTTP,DNS) Transport (TCP/UDP) Transport (TCP/UDP) Internet (IP)

CRIPT - Cryptography and Network Security

Cornerstones of Security

Computer Networks. Secure Systems

EXAM questions for the course TTM Information Security May Part 1

Joseph Migga Kizza. A Guide to Computer Network Security. 4) Springer

Introduction to Cyber Security / Information Security

MS-55096: Securing Data on Microsoft SQL Server 2012

Lecture Objectives. Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks. Agenda. References

Security Goals Services

City University of Hong Kong. Information on a Course offered by Department of Electronic Engineering with effect from Semester A in 2012/2013

Introduction. Haroula Zouridaki Mohammed Bin Abdullah Waheed Qureshi

Information Security and Cryptography

Topics in Network Security

Table of Contents. Bibliografische Informationen digitalisiert durch

Lectures for the course: Electronic Commerce Technology (IT 60104)

Securing Cisco Network Devices (SND)

Computer Security. Introduction to. Michael T. Goodrich Department of Computer Science University of California, Irvine. Roberto Tamassia PEARSON

Lesson Plans Administering Security in a Server 2003 Network

Securing Data on Microsoft SQL Server 2012

Chapter 8 Network Security. Slides adapted from the book and Tomas Olovsson

CRYPTOGRAPHY AND NETWORK SECURITY

CS 356 Lecture 28 Internet Authentication. Spring 2013

APNIC elearning: IPSec Basics. Contact: esec03_v1.0

Bellevue University Cybersecurity Programs & Courses

Network Security and Firewall 1

TLS and SRTP for Skype Connect. Technical Datasheet

CS 758: Cryptography / Network Security

a) Encryption is enabled on the access point. b) The conference room network is on a separate virtual local area network (VLAN)

Network Security - ISA 656 Review

INF3510 Information Security University of Oslo Spring Lecture 9 Communication Security. Audun Jøsang

How To Understand And Understand The Security Of A Key Infrastructure

Chapter 8. Cryptography Symmetric-Key Algorithms. Digital Signatures Management of Public Keys Communication Security Authentication Protocols

3.2: Transport Layer: SSL/TLS Secure Socket Layer (SSL) Transport Layer Security (TLS) Protocol

McAfee Firewall Enterprise 8.2.1

Network Security [2] Plain text Encryption algorithm Public and private key pair Cipher text Decryption algorithm. See next slide

Client Server Registration Protocol

INTERNET SECURITY: FIREWALLS AND BEYOND. Mehernosh H. Amroli

Exam Questions SY0-401

Securing IP Networks with Implementation of IPv6

If you know the enemy and know yourself, you need not fear the result of a hundred battles.

Release Notes. NCP Secure Entry Mac Client. Major Release 2.01 Build 47 May New Features and Enhancements. Tip of the Day

CSCI 454/554 Computer and Network Security. Final Exam Review

The Information Security Problem

Introduction to Computer Security

Transcription:

Page 1 of 5 Course Content Summary ITN 262 Network Communication, Security and Authentication (4 Credits) TNCC Cybersecurity Program web page: http://tncc.edu/programs/cyber-security Course Description: Covers an in-depth exploration of various communication protocols with a concentration on TCP/IP. Explores communication protocols from the point of view of the hacker in order to highlight protocol weaknesses. Includes Internet architecture, routing, addressing, topology, fragmentation and protocol analysis, and the use of various utilities to explore TCP/IP. Lecture 4 hours per week. Statement of Purpose: This course provides a detailed study of networking protocols such as TCP/IP and supporting technologies. The student will learn how to use packet sniffing tools, such as Wireshark, in order to learn how to review network traffic for the purpose of detecting attack signatures. The student will be able to demonstrate, given specific attack scenarios, an understanding of how to apply encryption and authentication technologies, such as IPSec and SSL, as countermeasures. This course also includes content, as indicated below in parenthesis behind each learning objective that directly maps to DHS/NSA s Center of Academic Excellence 2 Year (CAE2Y) criteria. Course Prerequisites / Corequisites: ITN 260. Required Text: Elementary Information Security, latest edition. Author: Smith, Richard E. Publisher: Jones & Bartlett Learning.

Page 2 of 5 COURSE OBJECTIVES Upon successful completion of this course, the student will have a working knowledge of: 1.0 Fundamental Security Design Principles. 2.0 Network Security Policy. 3.0 Fundamental TCP/IP concepts and supporting technologies. 4.0 Network Authentication. 5.0 Network Encryption. 6.0 Wireless Security. 7.0 Required Additional Topics. STUDENT LEARNING OUTCOMES 1.0 Fundamental Security Design Principles 1.1 Understand the role of security design as an enforcer/implementation tool for desired security policies. 1.2 Describe the Security System Development Life Cycle. (IA4) 1.3 Understand basic security design roles, including the role of separation (of domains) and isolation, simplicity of design, minimization of implementation, fail safe defaults vs. fail secure, modulatory, layering, principle of Least Astonishment, open design, and usability. (FS1, FS2, FS4, FS5, FS6, FS7, FS8, FS10, FS11) 1.4 Describe the system mode of operation (i.e. compartmented/partitioned, dedicated, multilevel, system-high) and the impact to security architecture and policy. 1.5 Describe security models, including Bell La-Padula, Biba, Clark-Wilson, Non-Interference Model, Chinese Wall and other models. (IA8) 1.6 Analyze common security failures and identify specific design principles that are in error. (FS) 1.7 When provided with a specific scenario, be able to identify the needed design principle to resolve the security problem. (FS) 1.8 Be able to understand the importance of minimizing the effects of security mechanisms to enable usability and describe why good human machine interfaces are important to system use. (FS) 1.9 Be able to examine the architecture of a typical complex system and identify significant vulnerabilities, risks, and points at which specific security technologies/methods should be employed. (IA) 1.10 Understand and demonstrate how to obtain and use information relating to security threats from government websites such as the Computer Emergency Response Team (CERT). (CT13)

Page 3 of 5 2.0 Network Security Policy 2.1 Describe Authorization, Authentication, Confidentiality and Non-Repudiation. 2.2 Define risk management and its role in creating the network security policy. 2.3 Describe the risk management phases and the activities associated with each phase. 2.4 Define the process of identifying attack surfaces/vectors and attack trees. (CT9) (CT10) 2.5 Describe network security goals, philosophy and decisions related to creating a security policy. 2.6 Define the difference between policies, standards, guidelines and procedures. 2.7 Explain the elements of the security policy as it relates to users, maintenance personnel, contractors, clearances, position description and sensitivity. 2.8 Describe administrative security control as it relates to such topics as attribution, passwords, copyrights and classification of media and its handling. 2.9 Describe the Security Assessment and Authorization (SAA) and other compliance methods for ensuring that systems are compliant with security policies.. 3.0 TCP/IP Protocols 3.1 Describe the encapsulation process and its employment in the OSI model. (FS3) 3.2 Explain attacks against the data link layer, network and transport protocols. 3.3 Explain the use of firewalls and other security devices in defending against attacks on network protocols. 3.4 Explain the employment and operation of the Network Address Translation (NAT). 3.5 Explain the employment and operation of TCP Wrappers. 3.6 Explain the employment and operation of security protocols such as SSL, TLS, and IPSec. (CD3) (FS3) 4.0 Network Authentication 4.1 Recognize how authentication, authorization and identification techniques are used to protect the network. 4.2 Describe the three major authentication principles (factors). 4.3 Describe the most common attacks against passwords, smart cards (i.e. microprobing), and biometrics and the defense against those attacks, including multifactor authentication and HSPD-12. (CT4) 4.4 Describe False Acceptance Rates (FARs), False Rejection Rates (FRRs), and Cross-Over Error Rates (CER) and the impact on FARs and FRRs when tuning biometric systems. 4.5 Explain the employment of Kerberos and other authentication protocols, their operation, strengths and weaknesses.

Page 4 of 5 5.0 Network Encryption 5.1 Explain the security functions of cryptography (confidentiality, integrity, and authentication). (CD3) (IC10) 5.2 Define such terms as encryption, cryptography, cryptanalysis, encryption key, and encryption algorithm. 5.3 Explain and identify common symmetric key cryptosystems, their strengths and weaknesses. (IC1) 5.4 Explain asymmetric key cryptosystems, their strength and weaknesses. (IC1) 5.5 Understand the function and operation of the AES encryption algorithm and the evolution from DES to AES. (IC9) 5.6 Understand the function and operation of the Diffie-Hellman key exchange. 5.7 Understand the function and operation of the RSA encryption algorithm. (IC2) 5.8 Explain the function and operation of digital signatures. 5.9 Explain the function and operation of the Public Key Infrastructure (PKI), including the role of the CA and protection of the keying material and CA environment. (IC2) 5.10 Explain the function and operation of the common hashing algorithms(md4, MD5, SHA-1, SHA-2, SHA-3) for protecting integrity, protecting authentication data, and their relative resistance to collisions. (IC3) 5.11 Explain the Digital Signature Standard. (IC4) 5.12 Explain the function and operation of common cryptographic protocols such as SSL and IPSec and their use in Virtual Private Networks. (CD4) (IC8) (FS3) 5.13 Explain Key Management (creation, exchange/distribution issues, revocation, suspension, escrow). (IC5) 5.14 Explain the different types of cryptographic attacks, including brute force, chosen plaintext, known plaintext, differential and linear cryptanalysis, etc. (IC7) 6.0 Wireless Security 6.1 Explain cellular-based wireless systems and Wireless Local Area networks. 6.2 Describe current attacks on mobile phones and wireless systems. 6.3 Describe the various components of the Wireless Local Area Network. 6.4 Describe the different Wireless Local Area Network types. 6.5 Describe the operation of CSMA/CA. 6.6 Describe wireless topology. 6.7 Describe WEP, WPA, and WPA2 and their advantages and vulnerabilities. Describe the various mobile and wireless threats and their mitigations. (CT4) 7.0 Required Additional Topics 7.1 Describe emanations security, including TEMPEST and the various elements and requirements of TEMPEST security, including attenuation, banding, cabling, filtered power, grounding, shielding, TEMPEST separation, and zone of control/zoning. 7.2 Social engineering techniques. (CT6) 7.3 Describe Trustworthy systems and the concepts of mutual, one-way, transitive and intransitive trust. (CD6)

Page 5 of 5 CAE2Y Knowledge Unit Domain Index Course Content KU Indicator BD BS CD CT FS IA IC IT NC PL SA CAE2Y KU Full Domain Name Basic Data Analysis Basic Scripting Cyber Defense Cyber Threats Fundamental Security Design Principles Information Assurance Fundamentals Introduction to Cryptography Information Technology System Components Networking Concepts Policy legal Ethics and Compliance Systems Administration NOTE: the number following the KU Indicator represents the KU Domain topic as shown in the KU mapping matrix (Excel file).

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information