Assiut University Faculty of Computers & Information Department of Information Technology Quality Assurance Unit Network Security Course Specifications2011-2012 Relevant program B.Sc. in Computers and Information (Information Technology) Department offers the program Information Technology Department offers the course Information Technology Academic year 4 th Year Date of specification approval 24/9/2012 A. Basic Information 1. Course Title: Network Security 2. Course Code: IT422 3. Course hours per week: Lecture Tutorial / Practical Total 3 2 5 B. Professional Information 1. Overall aims of the course Upon completing this course the student will have learned, through appropriate classroom and laboratory experiences, the following. The basic issues, concepts, principles, and mechanisms in information security. Providing a comprehensive understanding of network security techniques. Common attack techniques, application of cryptography in security, authentication and authorization, network security, enterprise network defense, web security, and economics of security. Gaining an experience in applying the theory to practice. IT Program 4 th Year (2 nd Semester) Page 8-1
2. Intended Learning Outcomes (ILOs) of the course a. Knowledge and Understanding Skills On successful completion of the course, graduates should be able to: a1. Provide a deeper understanding of legal, professional and moral aspects of the exploitation of IT. a2. Show a critical understanding of the challenges inherent in the maintenance and evolution of IT-based systems, and the techniques and best practices currently available for dealing with them. a3. Understand the importance of security systems. a4. Understand types of security threats, system vulnerabilities and security goals and services. a5. Understand the basic concepts and techniques of data security. a6. Understand the basic key distribution techniques. a7. Understand the basic authentication and web security methods. a8. Knowledge of the methods used in defining and assessing criteria for measuring the extent to which a computer system is appropriate for its current deployment and future evolution. b. Intellectual Skills On successful completion of this course, graduates should be able to: b1. Define traditional and nontraditional information technology systems problems, set goals towards solving them, observe results, reason and apply judgment. b2. Identify a range of solutions and critically evaluate and justify proposed design solutions. b3. Solve information technology problems with pressing commercial or industrial constraints. b4. Appreciate the subtleties related to different attacks on data security. b5. Evaluate different types of security algorithms in order to use the appropriate one. b6. Express, present and defend the developed security program. b7. Analyze the security of some security packages. b8. Define and assess criteria to measure the appropriateness of a computer system for its current deployment and future evolution, and to interpret the results thereof. b9. Reach computing judgments considering balanced costs, benefits, safety, quality, reliability, and environmental impact. c. Professional and Practical Skills On successful completion of this course, graduates should be able to: c1. Specify, investigate, analyze, design and develop computer-based systems using appropriate tools and techniques. c2. Recognize risks or safety aspects involved in the operation of computer-based systems. c3. Evaluate systems in terms of their quality and possible trade-offs, evaluate appropriate hardware and software solutions for given scenarios. c4. Implement some of classical ciphering techniques. c5. Use DES and 3-DES algorithm. c6. Use RSA algorithm. c7. Professionally present security package. IT Program 4 th Year (2 nd Semester) Page 8-2
d. General and Transferable Skills On successful completion of this course, graduates should be able to: d1. Effectively employ information-retrieval skills, (including the use of browsers, search engines, and on-line library catalogues), communicate effectively using a variety of communication methods, and communicate effectively with team members, managers and customers. d2. Lead and motivate individuals. d3. Work as part of a development team and to recognize the different roles of its members. d4. Prepare their work in the form of reports, oral presentations or an internet web site. d5. Ability to work independently and as part of a team with minimum guidance. d6. Communicate effectively. 3. Contents No Topic taught 1 Discussion of the need for network security, describe various threats, attack types and hackers. 2 Explain authentication, encryption & encryption standard. Secret Key, public key algorithm authentication protocols, digital certificate. 3 Virtual private network, (VPN), secure sockets layer (SSL). Firewalls, and firewalls topology, packet filters and proxy servers. No. of hours Lecture Tut/Prac ILOs 12 8 a1-a4, a8, b1-b4, b8, c2, d1-d6 15 10 a1, a4-a8, b1-b9, c4-c6, d1-d6 15 10 a1, a4, a5-a8, b1-b9, c1, c3, c7, d1-d6 4. Teaching and Learning Methods 4a. Lectures 4b. Tutorial Exercises 5. Student Assessment 5a. Tools Final Exam Mid-Term Exam Practical Exam Class Work Projects To measure knowledge, understanding, intellectual and professional skills. To measure following up and understanding the studied topics To measure professional and general skills To measure the participation of the student during the tutorial, professional and general skills. To measure professional and general skills IT Program 4 th Year (2 nd Semester) Page 8-3
5b. Time Schedule Assessment Week No Final Exam 16 Mid-Term Exam 8 5c. Grading System Assessment Grade % Final Exam 70% Mid-Term Exam 15% 5d. Formative Assessment Regular quizzes distributed along the whole semester. 6. List of References 6a. Course Notes o Short course notes available at doctor s office. 6b. Required Books (Textbooks) o. 6c. Recommended Books o. 7. Facilities Required for Teaching and Learning A lecture hall is equipped with a projector and a computer. Labs are equipped with computers and Internet facilities. Tutorial rooms are equipped with projectors and computers. A library. Course Coordinator: Prof. Dr. Yousef B. Mahdy Signature: Date: 24/9/2012 Department Head: Prof. Hosny M. Ibrahim Signature: Date: 24/9/2012 IT Program 4 th Year (2 nd Semester) Page 8-4
Criteria Oral Exam Class Work Practical Exam Mid-Term Exam Final Exam Data Collections Case Study Projects Workshops Practical Exercises Tutorial Exercises Lectures Student evaluation, course file, exam results Course Name Network Security Course Matrix Course Code IT422 ILOs Teaching and Learning Methods Assessment Tools Course Aims Course Content Teaching Weeks a s b s c s d s The basic issues, concepts, principles, and mechanisms in information security. Providing a comprehensive understanding of network security techniques. Common attack techniques, application of cryptography in security, authentication and authorization, network security, enterprise network defense, web security, and economics of security. Gaining an experience in applying the theory to practice. Discussion of the need for network security, describe various threats, attack types and hackers. Explain authentication, encryption & encryption standard. Secret Key, public key algorithm authentication protocols, digital certificate. Virtual private network, (VPN), secure sockets layer (SSL). Firewalls, and firewalls topology, packet filters and proxy servers. 1-4 1-4,8 1-4,8 2 1-6 5-9 1, 4-8 1-9 4-6 1-6 9-13 1, 4, 5-8 1-9 1, 3, 7 1-6 Course Coordinator Prof. Dr. Yousef B. Mahdy Signature Department Head Prof. Hosny M. Ibrahim Signature IT Program 4 th Year (2 nd Semester) Page 8-5
IT Program 4 th Year (2 nd Semester) Page 8-6