SYLLABUS DATE OF LAST REVIEW: 012/2016 CIP CODE: Departmental Syllabus SEMESTER: Information Assurance COURSE TITLE: CIST0225 COURSE NUMBER:

Size: px

Start display at page:

Download "SYLLABUS DATE OF LAST REVIEW: 012/2016 CIP CODE: Departmental Syllabus SEMESTER: Information Assurance COURSE TITLE: CIST0225 COURSE NUMBER:"

Esther Marsh
5 years ago
Views:

1 SYLLABUS DATE OF LAST REVIEW: 012/2016 CIP CODE: SEMESTER: COURSE TITLE: COURSE NUMBER: Information Assurance CIST0225 CREDIT HOURS: 4 INSTRUCTOR: OFFICE LOCATION: OFFICE HOURS: TELEPHONE: KCKCC-issued accounts are the official means for electronically communicating with our students. PREREQUISITES: CIST0125 Network, Operational & information Security REQUIRED TEXT AND MATERIALS: Please check with the KCKCC bookstore, for the required text for your particular class. COURSE DESCRIPTION: This course will provide students with the required skills to implement and apply technical knowledge of security concepts. Students will gain a deep knowledge in systems access control, cryptography and systems security threads. The gained skills from this course are important for intrusion detection systems, physical access control and multi factor and many other system security issues. Students will be given real world scenarios to reinforce the material covered in this course and they will learn how to apply the learned concepts to their daily operations.

2 METHOD OF INSTRUCTION: A variety of instructional methods may be used depending on content area. These include but are not limited to: lecture, multimedia, cooperative/collaborative learning, labs and demonstrations, projects and presentations, speeches, debates, and panels, conferencing, performances, and learning experiences outside the classroom. Methodology will be selected to best meet student needs. COURSE OUTLINE: I. Threats and Vulnerabilities A. Types of malware. B. Various types of attacks C. Social engineering attacks and the associated effectiveness with each attack D. Wireless attacks. E. Application attacks. F. Mitigation and deterrent techniques. G. Tools and techniques to discover security threats and vulnerabilities. H. Penetration testing and vulnerability scanning. II. II. Access Control and Identity Management A. Function and purpose of authentication services B. Authentication, Authorization and Access control (AAA) C. Install and configure security controls for account management. Cryptography A. Cryptography concepts. B. Cryptographic methods. C. Public Key Infrastructure (PKI), Certificate management and associated components. EXPECTED LEARNER OUTCOMES: A. Upon completion of the course the student will be able to define types of malware. B. Upon completion of the course the student will be able to explain social engineering attacks C. Upon completion of the course the student will be able to explain wireless attacks. D. Upon completion of the course the student will be able to explain application attacks E. Upon completion of the course the student will be able to explain tools and techniques to discover security threats and vulnerabilities. F. Upon completion of the course the student will be able to explain authentication services G. Upon completion of the course the student will be able to explain the concepts of AAA. H. Upon completion of the course the student will be able to install and configure security controls for account management. I. Upon completion of the course the student will be able to explain cryptography concepts J. Upon completion of the course the student will be able to define cryptographic methods

3 COURSE COMPETENCIES: Upon completion of the course the student will be able to show knowledge of types of malware 1. The student shall be able to define Adware, Virus, Spyware Trojan, Rootkits & Backdoors 2. The student shall be able to define Logic bomb, Botnets Ransomware, Polymorphic malware & armored virus. 3. The student shall be able to define DDoS, Smurf attack, Spoofing, Spam, Phishing, Spim & Vishing. 4. The student shall be able to define Spear phishing, Xmas attack, Pharming, Privilege escalation & Malicious insider threat 5. The student shall be able to define DNS poisoning and ARP poisoning, Transitive access, Client-side attacks, Typo squatting/url hijacking & Watering hole attack 6. The student shall be able to define Password attacks: Brute force, Dictionary attacks, Hybrid, Birthday attacks &Rainbow tables Upon completion of the course the student will be able to show knowledge of social engineering attacks. 7. The student shall be able to explain the principles social engineering attacks 8. The student shall be able to explain Shoulder surfing, Dumpster diving & Tailgating 9. The student shall be able to explain Impersonation, Hoaxes, Whaling & Vishing Upon completion of the course the student will be able to show knowledge of wireless attacks. 10. The student shall be able to explain Rogue access points, Jamming/interference & Evil twin. 11. The student shall be able to explain War driving, Bluejacking, Bluesnarfing & War chalking. 12. The student shall be able to explain IV attack, Packet sniffing & near field communication. 13. The student shall be able to explain Replay attacks, WEP/WPA attacks& WPS attacks. Upon completion of the course the student will be able to show knowledge of application attacks. 14. The student shall be able to explain Cross-site scripting, SQL, LDAP & XML & Directory traversal/command injection. 15. The student shall be able to explain Buffer & Integer overflow, Zero-day, Cookies and attachments & Locally Shared Objects. 16. The student shall be able to explain Flash cookies, malicious add-ons, Session hijacking, Header manipulation & arbitrary code execution/remote code execution. 17. The student shall be able to explain Monitoring system logs: Event logs, Audit logs, Security logs & Access logs. 18. The student shall be able to explain Disabling unnecessary services & accounts, Protecting management interfaces and applications & Password protection. 19. The student shall be able to explain MAC limiting and filtering, 802.1x, disabling unused interfaces and unused application service ports & Rogue machine detection. 20. The student shall be able to explain Security posture: Initial baseline configuration, Continuous security monitoring & Remediation. 21. The student shall be able to explain Reporting (Alarms, Alerts & Trends) & Detection controls vs. prevention controls.

4 Upon completion of the course the student will be able to show knowledge of tools and techniques to discover security threats and vulnerabilities. 22. The student shall be able to explain Interpret results of security assessment tools: Protocol analyzer, Vulnerability scanner, Honeypots, Honeynets, Port scanner, Passive vs. active tools & Banner grabbing 23. The student shall be able to explain Risk calculations (Threat vs. likelihood), Assessment types (Risk, Threat &Vulnerability) & Assessment technique ( Baseline reporting, Code review, Determine attack surface, Review architecture & designs) 24. The student shall be able to explain Penetration testing: Verify a threat exists, Bypass security controls, actively test security controls & Exploiting vulnerabilities. 25. The student shall be able to explain Vulnerability scanning: Passively testing security controls, Identify vulnerability, lack of security controls & common misconfigurations, Intrusive vs. non-intrusive scanning, Credentialed vs. non-credentialed scanning & false positive. 26. The student shall be able to explain Black, White & Gray box. Upon completion of the course the student will be able to show knowledge of authentication services. 27. The student shall be able to explain RADIUS, TACACS+,Kerberos, LDAP, XTACACS, SAML & Secure LDAP Upon completion of the course the student will be able to show knowledge of the concepts of AAA. 28. The student shall be able to define Authorization: Least privilege, Separation of duties, ACLs, Mandatory access, Discretionary access, Rule & Role-based access control & Time of day restrictions. 29. The student shall be able to define Authentication: Tokens, Common access card, Smart card, Multifactor authentication, TOTP, HOTP, CHAP, PAP, Single sign-on, Access control, Implicit deny & Trusted OS. 30. The student shall be able to explain Authentication factors: Something (you are, you have, you know), somewhere you are & something you do. 31. The student shall be able to explain Identification (Biometrics, Personal identification verification card & Username). 32. The student shall be able to explain Federation & Transitive trust/authentication. Upon completion of the course the student will be able to show knowledge of installing and configuring security controls for account management. 33. The student shall be able to mitigate issues associated with users, multiple account, roles and/or shared accounts 34. The student shall be able to define Account policy enforcement: Credential management, Group policy, Password complexity, Expiration, Recovery, Disablement, Lockout, Password history, reuse & length & Generic account prohibition. 35. The student shall be able to explain Group-based privileges, User-assigned privileges, User access reviews & Continuous monitoring

5 Upon completion of the course the student will be able to show knowledge of cryptography concepts 36. The student shall be able to explain Symmetric vs. asymmetric, Session keys, In-band vs. out-of-band key exchange & encryption methods (Block vs. stream) 37. The student shall be able to explain Transport encryption, Non-repudiation, Hashing, Key escrow, Steganography, Digital signatures, Elliptic curve and quantum cryptography, Ephemeral key & perfect forward secrecy. Upon completion of the course the student will be able to show knowledge of cryptographic methods. 38. The student shall be able to explain Comparative strengths and performance of algorithms. 39. The student shall be able to explain Use of algorithms/protocols with transport encryption (SSL, TLS, IPSec, SSH & HTTPS) 40. The student shall be able to explain Cipher suites & Key stretching: (PBKDF2 & Bcrypt). 41. The student shall be able to explain Certificate authorities and digital certificates (CA, CRLs, OCSP & CSR). 42. The student shall be able to explain PKI, Recovery agent, Public & Private key, Registration, Key escrow & Trust models ASSESSMENT OF LEARNER OUTCOMES: Student progress is evaluated by means that include, but are not limited to, exams, written assignments, and class participation. SPECIAL NOTES: This syllabus is subject to change at the discretion of the instructor. Material included is intended to provide an outline of the course and rules that the instructor will adhere to in evaluating the student s progress. However, this syllabus is not intended to be a legal contract. Questions regarding the syllabus are welcome any time. Kansas City Kansas Community College is committed to an appreciation of diversity with respect for the differences among the diverse groups comprising our students, faculty, and staff that is free of bigotry and discrimination. Kansas City Kansas Community College is committed to providing a multicultural education and environment that reflects and respects diversity and that seeks to increase understanding. Kansas City Kansas Community College offers equal educational opportunity to all students as well as serving as an equal opportunity employer for all personnel. Various laws, including Title IX of the Educational Amendments of 1972, require the college s policy on non-discrimination be administered without regard to race, color, age, sex, religion, national origin, physical handicap, or veteran status and that such policy be made known. Kansas City Kansas Community College complies with the Americans with Disabilities Act. If you need accommodations due to a documented disability, please contact the disabilities services office at (913)

6 All enrolled students at Kansas City Kansas Community College are subject to follow all rules, conditions, policies and procedures as described in both the Student Code of Conduct as well as the Student Handbook. All Students are expected to review both of these documents and to understand their responsibilities with regard to academic conduct and policies. The Student Code of Conduct and the Student Handbook can be found on the KCKCC website.

SYLLABUS. Departmental Syllabus CIST Departmental Syllabus. Departmental Syllabus. Departmental Syllabus. Departmental Syllabus

SYLLABUS. Departmental Syllabus CIST Departmental Syllabus. Departmental Syllabus. Departmental Syllabus. Departmental Syllabus SYLLABUS DATE OF LAST REVIEW: 02/2013 CIP CODE: 11.0901 SEMESTER: COURSE TITLE: Advanced System Manager (Windows 2008 Network) COURSE NUMBER: CIST-0218 CREDIT HOURS: 4 INSTRUCTOR: OFFICE LOCATION: OFFICE