Upload
willis-quinn
View
212
Download
0
Embed Size (px)
Citation preview
KAPLAN SCHOOL OF INFORMATION SYSTEMS AND TECHNOLOGY
Welcome toWelcome toIntroduction to Network Introduction to Network
Security!Security!Course Name – IT286-01 Introduction to Network Security – 1203 C Term Instructor – Jan McDanolds, MS, Security+ Contact Information: AIM – JMcDanolds Email: [email protected] Phone: 641-649-2980
Office Hours: Tuesday, 7:00 PM ET or Thursday, 7:00 PM ET
INTRODUCTION
Exercise…get to know your classmatesPractice a little human networking…
1. Type in the text chat: Short answers – your general location
(area/state), your experience/years in IT/security/computers and something unusual/memorable that you can share with the class. (Ex: ride a Harley, dog lover, sing, etc - one sentence)
2. NEXT: type another student’s name, their location, and their memorable thing.
3. Continue: Select classmates until everyone has been entered at least three entries.
4. After last one, answer the following question: How is this exercise similar to the way computers communicate over a network? Example: source and destination, protocol, security
CLASS CONTENT
Course Syllabus1. The Syllabus link is located under Course Home2. Please read the ENTIRE document 3. Review the section on Discussion requirements 4. Ask questions. Yes, you do need to participate in
the seminar or you need to take the quiz.
1203C TermBegins July 5th and ends September 11th Holiday: Labor Day, Sept 1st through Sept 3rd
CLASS CONTENT
Textbook as eBook1. The textbook for this course is:
CompTIA Security+ Study Guide2. Each chapter of the textbook is posted in Doc
Sharing (eBook)3. The front cover section shows a Security+ Study
Guide outline for Exam SY0-201 (if you wish to study for the Security+ exam)
4. CompTIA exam is vendor-neutral. Study material available for a reduced cost. There are a number of ways to study for the exam.
5. This class does NOT teach the exam.
CLASS CONTENT
Course OutcomesBy the end of this course, you should be able to: 1. Describe systems security concepts.2. Explain general communication and network infrastructure security concepts.3. Examine physical and logical access control methods.4. Summarize security assessment and auditing techniques.5. Define general cryptography concepts technologies.6. Examine operational and organization security components and procedures. General Education Outcomes: the following General Education outcomes are assessed during this course:1. Formulate a logical solution to a problem.2. Demonstrate college-level communication through the composition of original materials in Standard American English.
CLASS SUCCESS
Success in Class1. This class requires you to write college-level
essays.
2. All project assignment (essays) are to be submitted in APA Style format.
3. Submit assignments as Word documents with your name and unit in the title (ex: SmithM-IT286-U1.docx) Each assignment has a Grading Rubric that outlines the point values. The rubric is a .pdf file. Review the rubric BEFORE you begin your project.
4. An APA Style sample is posted in Resources on your Kaplan home page. You can use this to prepare your essays. I DO require references! Even if your textbook is your only reference, you must cite it in your References page.
Review the guidelines for plagiarism and cite your sources!
UNIT I
General Security ConceptsREAD Chapter 1
Understanding Information Security
Understanding the Goals of Information Security
Comprehending the Security Process
Authentication Issues to Consider
Distinguishing Between Security TopologiesReading – The link for presentations shows content from a previous textbook and does not match the CompTIA content No Project Assignment due in Unit 1
UNIT I
Understanding Information Security
The security triad…Physical security
involves the protection of assets and information from physical access by unauthorized personnel.
Operational securityincludes access control, authentication, and security topologies after network installation is complete.
Management and Policiesprovide the guidance, rules, and procedures for implementing a security environment.
UNIT I
Goals of Information Security
Prevention refers to preventing computer or information violations from occurring. Examples?
Detectionrefers to identifying events when they occur.
Response refers to developing strategies and techniques to deal with an attack or loss.
UNIT I
Comprehending the Security Process
Antivirus softwareAccess control
MAC, DAC, and RBACAuthentication
Biometrics, Certificates, CHAP, KerberosMulti-factor, Mutual, PAPSecurity Tokens, Smart CardsUsername / Password
UNIT I
Authentication Issues to Consider
Authentication security can be a high maintenance activity
Identity proofing is necessary when a user cannot be authenticated
Use of multi-factor authentication
UNIT I
Distinguish between Security Topologies
Design Goals (CIA)Confidentiality – Integrity – Availability - Accountability
Security ZonesInternet, Intranets, Extranets, DMZDesigning Security Zones
TechnologiesVLANs, NAT (Network Address Translation), and Tunneling
Business Requirements
UNIT I
Business Requirements
Identifying assetsAssessing riskIdentifying threats
Internal ThreatsExternal Threats
Understanding vulnerabilities
Issues with telephonyVoIP
CHAPTER 1
Security Triad
Goals of Info Security Security Processes and Products
Securing the Physical EnvironmentExamining Operational SecurityWorking with Management and Policies
PreventionDetectionResponse
Antivirus softwareAccess ControlAuthentication
Review: Real World Scenarios
Review: Terminology, Review Questions, and Web Links.
Chapter 1 – General Security Concepts
UNIT I
Unit 1 Assignments
Download chapters from Doc SharingRead Chapter 1 (Check out Chapter 2) Post your IntroductionNo Project is due this weekReview the Unit 2 Assignment, Ask QuestionsEmail any questions: [email protected] or call me - 641-649-2980