|
Close Window/Tab
PRINT VIEW -- Opens in new, second window. Use browser controls to close when finished.
Credit- Degree applicable | Effective Quarter: Fall 2020 | I. Catalog Information
| CIS 56 | Network Security | 4.5 Unit(s) |
| Requisites: Advisory: EWRT 200 and READ 200, or ESL 261, 262 and 263; CIS 108. Hours: Lec Hrs: 48.00
Lab Hrs: 18.00
Out of Class Hrs: 96.00
Total Student Learning Hrs: 162.00 Description: Provides broad-based knowledge and hands-on experience with many facets of network security. The course includes website and database attacks/defense, identified vulnerability exploits, layered security approaches, and Active Directory security policy settings. Includes cryptography, hashing, access controls, physical, application, data defenses, auditing and security protocols. Also, the course can help prepare students to pass the CompTIA Security+ Certification exam. |
| Student Learning Outcome Statements (SLO)
| | • Student Learning Outcome: Determine methods to protect network against security vulnerabilities. |
|
II. Course Objectives A. | Explore network security issues |
B. | Investigate access control and identity management |
D. | Investigate policies, procedures, and awareness |
E. | Identify physical security |
F. | Utilize perimeter defenses |
G. | Implement network defenses |
I. | Identify application defenses |
J. | Formulate data defenses |
K. | Perform security assessments and audits |
III. Essential Student Materials IV. Essential College Facilities V. Expanded Description: Content and Form A. | Explore network security issues |
2. | Security roles and concepts |
5. | General attack strategy |
6. | General defense strategy |
7. | Attack and defense strategy overview |
B. | Investigate access control and identity management |
4. | Access control best practices |
5. | Windows domain users and groups |
9. | Hardening authentication |
11. | Network authentication |
5. | Public Key Infrastructure (PKI) |
6. | Cryptography implementations |
D. | Investigate policies, procedures, and awareness |
6. | Certification and accreditation |
9. | Business impact analysis |
10. | Disaster recovery plan |
E. | Identify physical security |
1. | Physical security definitions |
F. | Utilize perimeter defenses |
6. | Network Address Translation (NAT) |
7. | Virtual Private Networks (VPN) |
9. | Network Access Control (NAC) |
G. | Implement network defenses |
2. | Network device vulnerabilities |
4. | Router and switch security |
5. | Intrusion detection and prevention |
3. | Windows system hardening |
I. | Identify application defenses |
1. | Web application attacks |
6. | Application development |
8. | Application software testing |
J. | Formulate data defenses |
K. | Perform security assessments and audits |
1. | Vulnerability assessment |
5. | System testing and monitoring |
VI. Assignments B. | Complete assigned homework review questions |
C. | View assigned security videos |
VII. Methods of Instruction | Lecture and visual aids
Discussion of assigned reading
Discussion and problem solving performed in class
Quiz and examination review performed in class
Homework and extended projects
Laboratory discussion sessions and quizzes that evaluate the proceedings weekly laboratory exercises
|
VIII. Methods of Evaluating Objectives A. | Final exam and midterm or quizzes based on comprehension and mastery of key terms and concepts as well as application skills related to analysis and synthesis of computer concepts. These are evaluated based on correctness. |
B. | Participation in lab skills exercises that demonstrate ability to critically evaluate the proper use of appropriate computer security software to complete a given set of computer-related tasks. |
IX. Texts and Supporting References A. | Examples of Primary Texts and References |
1. | Darril Gibson. "CompTIA Security+: Get Certified Get Ahead." SY0-501 Edition. YCDA LLC, 2017. |
B. | Examples of Supporting Texts and References |
1. | Kim, David. “Fundamentals of Information Security." Third Edition. Jones and Bartlett Learning LLC, an Ascent Learning Company, 2018 |
X. Lab Topics A. | Use Active Directory to view, create, manage user accounts and groups |
B. | Eliminate threats with a layered security approach |
C. | Use asymmetric encryption to encrypt and decrypt files |
D. | Perform reconnaissance and probing using common tools |
E. | Perform a vulnerability assessments |
F. | Enable Windows Active Directory and user access controls |
G. | Use Group Policy Objects and Microsoft Baseline Security Analyzer for change control |
H. | Perform packet capture and traffic analysis |
I. | Implement a business continuity plan |
J. | Perform a web site and database attack by exploiting identified vulnerabilities |
|