TCOM 562 Network Security Fundamentals

Similar documents
Course Syllabus Revised: Dec. 20, 2011.

Department of Computer & Information Sciences. INFO-450: Information Systems Security Syllabus

Lessons from Defending Cyberspace

CSCI 454/554 Computer and Network Security. Instructor: Dr. Kun Sun

RYERSON UNIVERSITY Ted Rogers School of Information Technology Management And G. Raymond Chang School of Continuing Education

CIS 6930/4930 Computer and Network Security. Dr. Yao Liu

CNT5412/CNT4406 Network Security. Course Introduction. Zhenhai Duan

Syllabus: AIT Information Systems Infrastructure Lifecycle Management

BBM 461: SECURE PROGRAMMING INTRODUCTION. Ahmet Burak Can

Lecture 1 - Overview

RARITAN VALLEY COMMUNITY COLLEGE COURSE OUTLINE. CISY-274 Privacy, Ethics & Computer Forensics

CIS 4204 Ethical Hacking Fall, 2014

CS 464/564 Networked Systems Security SYLLABUS

Soran University Faculty of Science and Engineering Computer Science Department Information Security Module Specification

EC-Council. Certified Ethical Hacker. Program Brochure

Major prerequisites by topic: Basic concepts in operating systems, computer networks, and database systems. Intermediate programming.

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

Computer Security. Principles and Practice. Second Edition. Amp Kumar Bhattacharjee. Lawrie Brown. Mick Bauer. William Stailings

Certified Cyber Security Analyst VS-1160

Weighted Total Mark. Weighted Exam Mark

UVic Department of Electrical and Computer Engineering

When a student leaves this intensive 5 day class they will have hands on understanding and experience in Ethical Hacking.

HARFORD COMMUNITY COLLEGE 401 Thomas Run Road Bel Air, MD Course Outline

Cyber Attacks. Protecting National Infrastructure Student Edition. Edward G. Amoroso

CSC 474 Information Systems Security

Contact Information I usually try to check once per day and respond within 48 hours or sooner, except on weekends and holidays.

Syllabus. No: CIS 200. Title: Fundamentals of Network Security. Credits: 4. Coordinator: Dr. B. Dike-Anyiam, Computer Science & Networking Lecturer

CSG 1205 Microsoft PowerPoint - Web

1. COURSE DESCRIPTION

RLI PROFESSIONAL SERVICES GROUP PROFESSIONAL LEARNING EVENT PSGLE 123. Cybersecurity: A Growing Concern for Small Businesses

Syllabus: AIT Information Systems Infrastructure Lifecycle Management

Defending Against Data Beaches: Internal Controls for Cybersecurity

Symantec Advanced Threat Protection: Network

The FBI Cyber Program. Bauer Advising Symposium //UNCLASSIFIED

COURSE SYLLABUS BMIS 342 CYBER SECURITY

CS4320 Computer and Network Security. Fall 2015 Syllabus

Information Security Course Specifications

ABNORMAL PSYCHOLOGY (PSYCH 238) Psychology Building, Rm.31 Spring, 2010: Section K. Tues, Thurs 1:45-2:45pm and by appointment (schedule via )

AUGUST 28, 2013 INFORMATION TECHNOLOGY INCIDENT RESPONSE PLAN Siskiyou Boulevard Ashland OR 97520

Managing Information Resources and IT Security

THE UNIVERSITY OF TEXAS AT AUSTIN ACC 380K.12 Computer Audit & Systems Security (03100) Course Syllabus FALL 2015

COURSE SYLLABUS. Instructor Background: M.S. Computer Information Systems, Nova Southeastern University

Trends in Malware DRAFT OUTLINE. Wednesday, October 10, 12

Grading. The grading components are as follows: Midterm Exam 25% Final Exam 35% Problem Set 10% Project Assignment 20% Class Participation 10%

Cybersecurity: A Growing Concern for All Businesses. RLI Design Professionals Design Professionals Learning Event DPLE 160 October 7, 2015

STATE OF CYBER SECURITY IN ETHIOPIA

External Supplier Control Requirements

The Information Security Problem

Common Syllabus Revised

NUMBER: IA-643 CREDIT HOURS: 3 PREREQUISITE: IA

Student Tech Security Training. ITS Security Office

Security and Computer Forensics ITP 477 (4 Units)

Spyware. Michael Glenn Technology Management 2004 Qwest Communications International Inc.

CNA 432/532 OSI Layers Security

GB 401 Business Ethics COURSE SYLLABUS: Fall nd 8 Week Syllabus Mr. Robert Wells COURSE OVERVIEW

CS 458 / 658 Computer Security and Privacy. Course mechanics. Course website. Module 1 Introduction to Computer Security and Privacy.

Course Outline Computing Science Department Faculty of Science. COMP Credits Computer Network Security (3,1,0) Fall 2015

MHR 305: Human Resource Management A Strategic Approach. Fall 2011

CIS 253. Network Security

Information, Network & Cyber Security

Cybersecurity for the C-Level

Comprehensive i-safe Curriculum International Scope of Lessons and Language Availability

CSUS COLLEGE OF ENGINEERING AND COMPUTER SCIENCE Department of Computer Science (RVR 3018; /6834)

CYBERSECURITY NEXUS ROBERT E STROUD INTERNATIONAL PRESIDENT, ISACA RAMSÉS GALLEGO INTERNATIONAL VICE PRESIDENT, ISACA

DATA BREACH COVERAGE

Computer Security (EDA263 / DIT 641)

Cybercrime in Canadian Criminal Law

Legal Issues / Estonia Cyber Incident

Auditing After a Cyber Attack JAX IIA Chapter Meeting Cybersecurity and Law Enforcement

Keynote: FBI Wednesday, February 4 noon 1:10 p.m.

Business Ethics (BUS 105) Cycle II, Spring, 2012 Semester

Thursday 11:00 a.m. - 12:00 p.m. and by appointment

Professor: Dr. Esra Memili Office: 370 Bryan Office Hours: Monday 2:00-6:00pm and 8:50-9:50pm, and by appointment

Korea s experience of massive DDoS attacks from Botnet

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus

v. 03/03/2015 Page ii

CS 340 Cyber Security Weisberg Division of Computer Science College of Information Technology & Engineering Marshall University

INTERENT SAFETY AND RESPONSIBILITY CYBER SECURITY

T141 Computer Systems Technician MTCU Code Program Learning Outcomes

Course Title: ITAP 3471: Web Server Management

Syllabus: IST451. Division of Business and Engineering. Penn State Altoona

Certified Ethical Hacker (CEH) Ethical Hacking & Counter Measures Course 9962; 5 Days, Instructor-Led

Introduction to Information Security Management

Political Science 103: Introduction to International Relations Spring 2014 Tuesday/ Thursday 2:30-3:45 Bascom Hall 272

Computer Security (EDA263 / DIT 641)

Report on CAP Cybersecurity November 5, 2015

A Cyber Security Integrator s perspective and approach

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus

PRESENTATION TO THE UNIVERSITY SYSTEM OF MARYLAND S BOARD OF REGENTS

Evaluation of Pace University's Master's Degree Program for BNY Mellon Employees

Client Update NFA Adopts Interpretive Notice Regarding Information Systems Security Programs

GB 401 Business Ethics COURSE SYLLABUS: Fall Week Online Syllabus Ms. Jessica Robin COURSE OVERVIEW

Transcription:

TCOM 562 Network Security Fundamentals George Mason University Fall 2009 Jerry Martin Fairfax Campus Tel: (703) 993-3810 Email: gmartin@gmu.edu Office Hours: by appointment only 1. Announcements The class will meet in Robinson Hall, Rm A249 on Mondays, 7:20 10:00 p.m., beginning on August 31 st, 2009. The specific class meeting days are provided below in section 10. The Final Exam is scheduled for Monday December 21 st, 2009, from 7:20 10:00 p.m. 2. Expected Background Students are expected to be familiar with basic network technology. The course is designed as an introductory element treating network security issues in more depth. If you are a student with a disability and you need academic accommodations, please see me and contact the Disability Resource Center (DRC) at 993-2474. All academic accommodations must be arranged through the DRC. 3. Expected Learning Experience An introduction to the full spectrum of network security. Topics include Taxonomy - language commonality in incident handling; National Strategy to Secure Cyberspace; Cybersecurity Organizations - organizational structure for network defense; Best Practices, Security Policy, Threats - actors and tools, countermeasures, vulnerability identification/correction, intrusion detection, and impact assessment; Firewalls and Intrusion Detection Systems; Anti-Virus Software; Defense; Disaster Recovery; and Law Enforcement and Privacy Issues. The course reviews threats and vulnerabilities in network systems based on reports, case studies available in the literature, and actual experience. No textbook addresses the course completely. One textbook is identified as mandatory, supplemented with on-line resources. The course will be based on lecture notes provided in PowerPoint slides and amplified with the readings. Case studies and tests will be based on these notes. The PowerPoint slides will be available to the class on a website.

4. Required Book A. Mandatory Textbook Network Security Bible, Cole, Krutz and Conley B. Supplemental readings will be discussed during lectures, but will be for those students wishing to investigate a particular subject in more depth. 5. Lecture Notes As noted earlier, Power Point slides for the lectures will be available on a website prior to the class. The set of slides for the first class will be posted on the TCOM web site without restriction within one week of the start of classes in August. Subsequent lecture slides will be available thereafter on the class web site. 6. Homework 1. Two one-page case studies will be assigned during the semester and are due on the dates listed on the syllabus (approximately every three weeks). The format will be discussed in the first class. The third homework assignment will be based on an interactive CD (provided at class) exercise. 2. The case studies will be electronically transmitted to the instructor prior to the class date/time when it is due. Homework will be graded. Late homework will not be accepted unless prior permission is granted. PLEASE put your name in either the header or footer field. 3. A 7 10 page paper will be due two weeks prior to the final (the last class). Topic selection and format will be discussed during class. The paper will be electronically transmitted to the instructor prior to the class date/time when it is due. Late papers will not be accepted unless prior permission is granted. PLEASE put your name in either the header or footer field. IMPORTANT NOTE Students are encouraged to find, and use, any and every source they may locate to answer a question or for a research topic. HOWEVER: if elements of a paper or research note have been downloaded from the web or transcribed from another source, STUDENTS MUST WITHOUT FAIL acknowledge the source document. If the elements used are exact copies, those passages must be within quotation marks to note they are not original statements of the student. This includes written sections, diagrams, and pictures. Failure to acknowledge a source used is considered to contravene the copyright act and may also be subject to honor code proceedings if the student claims the work to be original when it is copied from another person or source. 7. Tests One midterm will be given (in class) during the semester. It will be a closed book, closed notes test of about two hours. The midterm will cover class work up to and including the lecture prior to the day of the midterm. The test will come from the slides, lecture accompanying the slides as supplemented by the readings.

8. Final Exam A closed book, closed notes final exam of about two hours will be given on Monday December 21 st, 2009. The work covered in this exam will concentrate on class work after the second test, but it will also include some questions from the first part of the course. 9. Course Grades: Final Grades will be determined by a weighted average of the case studies, the midterm, the paper, and the final exam in approximately the following manner: Homework: 15% Midterm: 35% Paper: 15% Final: 35% 10. Course Outline and Book Sections to be Covered Lecture No. 1 August 31 st, 2009 (reading: SANDIA REPORT, SAND98-8667, Unlimited Release, Printed October 1998: A Common Language for Computer Security Incidents by John D. Howard, Thomas A. Longstaff http://www.cert.org/research/taxonomy_988667.pdf), Course Overview and a Common Language: COMPUSEC taxonomy: standardizing terminology, categorization, identification, and response. Labor Day September 7 th, 2009 No class Lecture No. 2 September 14 th, 2009 (reading: National Strategy to Secure Cyberspace, www.whitehouse.gov and draft available at web site; Chapter 19) Protecting the National Infrastructure: An cursory review of the published direction the US administration has chosen to safeguard national assets. Best Practices: A review and discussion of best practices from backbone ISP perspective down to individual home user.

Lecture No. 3, September 21 st, 2009 (reading: Dancho Danchev Building and Implementing a Successful Information Security Policy (www.windowsecurity.com) and Chapter 2) Security Policy: The development of comprehensive organizational policies and the importance of implementation and enforcement. Case Study #1 due (Electronic Safety and Soundness, The Roles of Public and Private Sectors pp 34 37) Lecture No. 4, September 28 th, 2009 (reading: Chapter 4, pp 145-148, Chaper 17, pp 557-559) Threats: Viruses: speed of proliferation, damage, costs. Worms: damage, means of transmittal. Trojans: tools, availability, concept, targets, objectives. Malicious logic. Actors. Lecture No. 5, October 5 th, 2009 (reading: Chapter 9 pp 326-329) Threats: Bots and botnets. DoS attacks: tools, availability, concept, targeting, goals, actors. DDoS attacks: concept, objectives, tools, actors. Lecture No. 6, October 13 th, 2009 (reading: Chapter 13 pp 442-444; Chapter 17 pp.559-560) Threats: DNS/BGP concept, attacks, tools, actors. Paper topic, Case Study #2 due Lecture No. 7, October 19 th, 2009 (reading: Chapter 17 pp 560-567) Threats: Intrusions: concepts, objectives, tools, actors. Lecture No. 8, October 26 th, 2009 (reading: Chapter 4, pp 148-149; Chapter 6, pp 218-219, 266-267; Chapter 8, pp 285-288) Threats: Phishing, spyware/adware, spam, identity theft: tools, availability, concept, goals Lecture No. 9, November 2 nd, 2009 Midterm covering Lectures 1-8

Lecture No. 10, November 9 th, 2009 (reading: Chapter 13; Chapter 17, pp 567-571) Firewalls, Intrusion Detection Systems and Anti-Virus protection: tools, availability, concept, goals Homework #3 due Lecture No. 11, November 16 th, 2009 (reading: Know Your Enemy: Defining Virtual Honeynets Different types of Virtual Honeynets. Honeynet Project. http://www.honeynet.org/papers/virtual/index.html 27 January, 2003 and Chapter 17, pp 573-577) Deception Technologies: Techniques, tools and procedures to proactively respond to cyber attacks. Lecture No. 12, November 23 rd, 2009 (reading: Chapter 2, pp 59-67; Chapter 12; Chapter 17, pp 577-589) Disaster Recovery/Continuity of Operations/Mitigation: Techniques and activities to recover from major cyber attacks. Wireless (in)security Lecture No. 13, November 30 th, 2009 (reading: Chapter 2 pp 75-77 ) Law Enforcement and Privacy Issues. Law enforcement: applicable laws, jurisdiction, forensics, international law. Lecture No. 14, December 7 th, 2009 Challenges for the Future. 7-10 page paper due. Final Exam, December 21 st, 2009

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information