Upload
jojo-cansino
View
215
Download
0
Embed Size (px)
Citation preview
7/30/2019 SECUNET Syll for PAASCU - Detailed-eric
1/8
SECUNET Syllabus
I. COURSE IDENTIFICATION
Course Title Basic Network SecurityCourse Credit 3 UNITS
CoursePrerequisite
Advanced Networking Concepts
CourseCorequisite
NONE
CourseDescription
The course covers the fundamentals of network security. The extent of coverage is confined to the concepts necessary to provide the studewith a good working knowledge in network security. Appropriate hacking tools and security tools will be utilized to supplement and complemethe different network security concepts discussed.
II. COURSE OBJECTIVESGeneral Objective To introduce the basic concepts of network security to BSIT students.Specific Objectives At the end of the course, the students should be able to:
1. Aware of the basic security management concepts.2. The difference between policies, standards, guidelines, and procedures.3. Determine the level of threat provided by the intruders.4. Explain the ways and good practices of network security.5. Understand some laws pertaining to cyber crimes.6. Differentiate the level of security and weaknesses in each network.7. Name network attacks and vulnerabilities.8. Use some methods of testing for network vulnerabilities.9. Use some hacking prevention techniques.10.Understand the Information Technology Infrastructure Library11.Document company IT Use Policies
III. TEXTBOOK(S) AND REFERENCES
Textbook(s) Graves, K. (2010). CEH. United Kingdom: Wiley Pub. Kartalopoulos, S.V (2009). Security of Information and Communication. UnitedKingdom:Wiley Pub.Basta,A. (2008). Computer Security and Penetration Testing. Thomson. Fourouzan, B.A (2008). Cryptography and Network Security. McGrHill
References Gregg, M.C (2008). Build Your Own Lab. Wiley Pub. Ye,N. (2008). Secure Computer and Network System. J.Wiley Pub. Jacobson,D. (2009
Information Technology Education Department
7/30/2019 SECUNET Syll for PAASCU - Detailed-eric
2/8
Introduction to Network Security. CRC.
Module Objectives Activities/Tasks/Skills/Focus Learning Resources Value Focus Assessment/Eval
Week 1
Module 1: Orientation, Reviewof the Course SyllabusExpectations leveling andClassroom Rules Formulation
Chapter 1 : SecurityManagement Practices
Module 2: InformationSecurity TriadBasic Security ConceptsConfidentialityIntegrity
Availability
Module 3: SecurityManagementSecurity Program DevelopmentSecurity Control Goals
Module 4: Information RiskManagementKinds of IRMCountermeasures or SafeguardSecurity Controls(Functional vs. Assurance)Classification Controls
At the end of the period, the studentsshould be able to:
1. Explain what the course is all about;2. Recall and agree on expected
classroom behavior and procedures.Relive the basic tenets beingdiscussed in the class.
3. Know the basic information aboutsecurity management concepts
4. The difference between policies,standards, guidelines, andprocedures
5. Security awareness concepts6. Risk Management
Discussion of the syllabus,
review of classroom rules andprocedures.
Discussion of chapter 1 about
Security ManagementPractices
Review on Different kinds of
information and databasevalues
Practical laboratory on
capturing and observinginformation within the network
Syllabus
Reference books
Cisco Router
Wireshark
Determination
Perseverance
Short Quiz
Recitation
Assignment
Laboratory Exe
Week 2
Chapter 2: Access Control
Module 5: IdentityManagement
At the end of the period, the studentsshould be able to:
1. Understand the threats,vulnerabilities, and risks which areassociated with the information
Discussion on how to gainaccess base on privilegesand user account roles asusers on the network
Familiarization of the basic
terms of network security as
Syllabus
Reference Books
Packet Tracer
Net Scan
Determination
Knowledge
Technical Skills
Comprehension
Logic
Short Quiz
Recitation
Seatwork
Laboratory Exe
Assignment
7/30/2019 SECUNET Syll for PAASCU - Detailed-eric
3/8
Components of Access ControlAccount Management
Module 6: AuthenticationPassword Management andTechniquesTypes of Biometrics
Problems with Biometrics
Module 7: Access ControlModulesDiscretionary Access ControlMandatory Access ControlNon Discretionary AccessControlRole Based Access Control
system2. Explain and apply the preventive and
detective measure that are availableto counter them
3. Compare and contrast the differentkinds of biometrics as well as howthey help to secure the network
4. Explain the role and methods on how
Access Control Modules works tosecure the network
well as the right usage ofpassword
Discussion of the different
way on how to secure thesystem using biometrics
Basic alphanumeric
password creation andaccess-list restriction
practical laboratory exercise
Week 3
Chapter 3:Telecommunication andNetwork Security
Module 8 - Remote AccessSecurity ManagementSecuring Telecommunicationand User ConnectivityRemote User ManagementIssues
Module 9 - Intrusion Detectionand ResponseFundamental Variation on howIDS worksComputer Incident andResponse
Long Quiz
At the end of the period, the studentsshould be able to:
1. Communications and networksecurity as it relates to voice, data,multimedia, and facsimiletransmissions in terms of local area,wide area, and remote access
2. Communications security techniquesto prevent, detect, and correct errorsso that integrity, availability, and theconfidentiality of transactions overnetworks may be maintained
3. Internet/intranet/extranet in terms offirewalls, routers, gateways andvarious protocols
4. Communications securitymanagement and techniques, whichprevent detect, and correct errors so
that the transactions over networksmay be maintained
Review on how to perform
remote management as wellas securing the connection
Discussion of basic
fundamentals of IntrusionDetection System
Discussion of Computer
Incident and Response
Discussion of network attacks
and abuses
Practical Laboratory in
remote connection usage andintrusion detection simulation
Syllabus
Reference Books
Cisco Routers
Packet Tracer
WireShark GNS3 Simulator
VNC
Determination
Knowledge
Perseverance
Enthusiasm
Teamwork
Long Quiz
Recitation
Seatwork
Hands On Lab
exercise
Week 4Continuation of the previouschapter
7/30/2019 SECUNET Syll for PAASCU - Detailed-eric
4/8
Module 10: Back Up Conceptsand MethodsKinds of Backup MethodsBack Up Concepts andTechniquesCommon Back up Issues
Module 11: Single point offailuresManaging Single Point ofFailures
Module 12: Network Attacksand AbusesDenial of ServiceSession Hijacking Attack
ACRONIS,
Windows System
Backup
Backtrak
Week 5
Chapter 4: LayeredArchitecture Model andFirewall Concepts
Module 13: OSI ReferenceModel and TCP/IP ModelSeven OSI Reference Model
Module 14: OSI SecurityService and ManagementBasic Security ManagementSecurity Mechanism
Module 15: FirewallArchitecturesTypes of Firewall and Concepts
At the end of the period, the studentsshould be able to:
1. Explain the various role of OSImodels
2. Compare and Contrast OSIReference Model and the TCP/IPModel
3. Key Concepts of how firewall worksto protect our network
Review of the OSI Reference
model
Review of the TCP/IP Model
Discussion of Firewall
Architectures
Simulation on how firewall
works against threats
Syllabus
Reference Books
Firewall Simulator
(ice black) Cisco Routers
Packet Tracer
Wireshark
Determination
Knowledge
Technical Skills
Dedication Teamwork
Short Quiz
Seatwork
Recitation
Practical Exam Hands On Lab
Exercise
Week 6
Chapter 5- Cryptography
Module 16: Cryptography
At the end of the period, the studentsshould be able to:
1. Overview of Cryptography andencryption techniques
Review of Cryptography
History
Review of Cryptography key
concepts
Syllabus
Reference Books
Cain and Abel
Packet Tracer
Determination
Knowledge
Technical Skills
Dedication
Short Quiz
Seatwork
Recitation
Hands On Lab
7/30/2019 SECUNET Syll for PAASCU - Detailed-eric
5/8
ConceptsCryptography TerminologyCryptosystem Development
Module 17: CryptographyHistoryShift CipherTransposition Cipher
ScytaleVigenere Cipher
Module 18: SymmetricCryptographyDESTriple DESRC4,RC5,RC6BlowfishIDEASymmetric Cons
2. Explain the Cryptography KeyFundamentals and History
3. Distinguish the different types ofencryption modes
Discussion of the kinds of
Cryptography and thedifferent encryption modes
Practical Laboratory,
Encryption implementation
Wireshark
TrueCrypt,
CommuniCrypt
Enthusiasm
Excitement
Logic
Exercise
Week 7Continuation of the previouschapter
Module 19: AsymmetricCryptographyDiffie-HelmanRSA,DSAEl-GamalElliptic Curve Cryptosystem
Module 20: Encryption ModesCipher Block EncryptionBlock EncryptionStream Cipher
Week 8
Long Quiz 2
Film Showing : Hackers Wanted
At the end of the period, the students
should be able to:1. Evaluate students on what they learn
on the previous weeks2. Assess their theoretical skills3. Assess movies on how ethical
hacking affect the community
Assessment of the theoretical
capability of the student Film Showing
Syllabus
Reference Books
Modules
Movie
Determination
Perseverance
Motivation
Knowledge
Comprehension
Long Quiz
Recitation
Seatwork
Hands On Lab
Exercise
7/30/2019 SECUNET Syll for PAASCU - Detailed-eric
6/8
Week 9
Chapter 6: SecurityArchitecture
Module 21: System SecurityArchitectureSecurity Architecture Terms and
PerimetersBasic Hardware Architecture
Module 22: System SecurityModelState Machine ModelBell-Lapadula ModelBIBA ModelLatice Model
Module 23: Security Modes ofOperationDedicated Security ModeSystem High Security Mode
At the end of the period, the studentsshould be able to:1. Identify the different computer
components as well as theirrespective functions
2. Methods on how the security modelswork
3. Understand the system security
model in performing protectionmechanism against threats
Discussion of the system
security architecture
Review of the computer
components
Discussion of the System
security model and modes ofoperation
Syllabus
Reference Books
Modules
Computer
Components
Determination
Motivation
Technical
Teamwork
Short Quiz
Recitation
Seatwork
Practical Skills
Week 10
Chapter 7:BusinessContinuity Planning andDisaster Recovery Planning
Module 24: BusinessContinuity PlanningBCP DR Key ConceptsCreating a BCP
Module 25: Disaster RecoveryManagementRecovery Planning
Warm SiteCold SiteRestoration Methods
Module 26: Electronic
At the end of the period, the studentsshould be able to:
1. Understand the basic differencebetween business continuity planningand disaster recovery planning
2. Explain the difference betweennatural and man made disaster.
3. Identify the four prime Businesscontinuity planning elements
4. Evaluate the steps in creating adisaster recovery plan
5. Explain the five types of disasterrecovery plan test
6. Understand and implement thedifferent types of back up plan
Discussion on Business
Continuity Planning
Review on the Disaster
Recovery Management
Discussion of Electronic
Vaulting and RemoteJournaling
Syllabus
Reference Books
Modules
Determination
Motivation
Perseverance
Teamwork
Knowledge
Short Quiz
Seatwork
Assignment
Practical Skills
7/30/2019 SECUNET Syll for PAASCU - Detailed-eric
7/8
Vaulting and RemoteJournalingBackup Plans and CategoryRemote JournalingTape Vaulting
Week 11
Chapter 8: PhysicalEnvironmental Security
Module 27: Physical SecurityFundamentalsThreats and Physical SecurityProblemsPhysical Security FundamentalsSecurity Zones
Module 28: EnvironmentalIssues and Practices
Automatic Fire Prevention andSuppression SystemPerimeter SecurityPhysical IDS
At the end of the period, the studentsshould be able to:
1. The elements involved in choosing asecure site and its design andconfiguration
2. The methods for securing a facilityagainst unauthorized access
3. The methods for securing theequipment against theft of either theequipment or its containedinformation
4. The environmental and safetymeasures needed to protectpersonnel, and the facility and itsresources
Discussion of the Physical
Security Fundamentals
Review on the EnvironmentalIssues and Practices
Practical Laboratory, Physical
Security
Syllabus
Reference Books
Packet Tracer
Determination
Motivation
Teamwork Enthusiasm
Technical
Knowledge
Short Quiz
Seatwork
Assignment Practical Skills
Hands On Lab
Physical Secu
Week 12
Chapter 9: Cybercrimes andother Legal Stuff
Module 29: Complexities inCyber CrimeComplexities in Cyber CrimeTypes of Law and key concepts
Module 30 : International
Protection of PropertySoftware PiracyDifferent Laws and Regulations
Module 31 : Computer Fraudand Abuse
At the end of the period, the studentsshould be able to:1. Understand what laws apply to
computer crimes.2. How to determine if a crime has
occurred3. The basics of conducting an
investigation and the liabilities underthe law
Discussion of the
complexities in cyber crime
Review on the international
protection of property
Discussion on Computer
Fraud and Abuse
Discussion on Employee
Privacy
Syllabus
Modules
Reference Books
Computer Laws
Determination
Motivation
Technical
Knowledge
Perseverance
Short Quiz
Seatwork
Practical Lab
Recitation
Assignment
7/30/2019 SECUNET Syll for PAASCU - Detailed-eric
8/8
Gram Leach Bliley Act of 1999Federal Privacy Act of 1974
Week 13
Module 32 EmployeePrivacy IssuesEmployee Privacy Issues
Company Liability Issues
Computer ForensicInvestigationInvestigation and IncidentResponse
Module 33 IT Use PoliciesCompany IT infrastructure andnetwork design
Discussion on legal and
privacy issues on IT
Discussion on mitigation ofrisk and response to incidents
Audit a companys network
infrastructure
Assess and recommends
companys network security
Investigate
Assess
Perseverance
Discover
Week 14
Final Examination
At the end of the period, the studentsshould be able to:
1. Evaluate their knowledge acquiredthrough the subject
EXAM EXAM