WILLIAM PATERSON UNIVERSITY OF NEW JERSEY COLLEGE OF SCIENCE AND HEALTH Computer Science Department Course Outline

Transcription

1 WILLIAM PATERSON UNIVERSITY OF NEW JERSEY COLLEGE OF SCIENCE AND HEALTH Computer Science Department Course Outline 1. Title of Course, Course Number and Credits: CS399 Computer and Network Security, 3 credits (Core/Elective for Computer Science Major) 2. Course Prerequisites CS345 Operating System 3. Description of the Course Consistent With the WPUNJ Catalog This course provides a comprehensive and balanced coverage of the basic concepts, principles, and practices of computer and network security. Topics include computer and network vulnerabilities; privacy of information; security goals and requirements; security policies, planning, implementation, administration, and disaster recovery; legal and ethical issues in security. Closely integrated into the above topics are security technologies and tools used to secure system including encryption algorithms and standards; public key infrastructure and certificates; Internet security protocols; firewalls; VPNs; software and hardware based access controls; intrusion detection and prevention systems. 4. Course Objectives The objectives of this course are to familiarize students with the principles and practices of computer and network security including the following topics: Internet architecture and the basics of TCP/IP networking Fundamentals of computer and network security Risks and vulnerabilities of computers and networks Malicious software and how to defend against it Hacking basics and countermeasures Firewall, intrusion detection and prevention systems Wireless network security Privacy and cryptography Encryption algorithms and standards Public key infrastructure and certificates Internet security protocols: IPSec, SSL, TLS and SSH Organizational security policies and planning Protection in general-purpose operating systems Security management and administration Legal and ethical issues in security 1

2 5. Student Learning Outcomes Upon completion of this course, students will be able to: Describe the architecture of the Internet and the basic functions performed by each layer of the TCP/IP protocol suite. Understand various topics and the scope of computer and network security Describe the three basic security requirements confidentiality, integrity, and availability. Describe vulnerabilities of networks and how to protect network resources. Identify different types of malicious software and how to defend against it. Describe how hacking techniques actually work by examining the holes of certain software including operating systems and networking protocols. Describe why wireless communication is particularly prone to hacking and how the risks can be minimized. Understand the basics of cryptography and how it is used to protect privacy. Describe popular encryption/decryption standards and their strengths and weaknesses. Describe the principles of symmetric and asymmetric key systems and their implementation. Use security technologies or tools including firewalls, VPNs, antivirus and antispy software, packet sniffers, biometric devices, to detect or prevent intrusions. Understand various security protocols of the Internet including IPSec, SSL/TLS, and PGP and identify where and how they are used in practice. Understand the importance of having a security policy for an organization. Formulate a security plan that is consistent with security policy and specify requirements that meet security criteria for an organization. Assess security risks and implement appropriate countermeasures for an existing organizational network. Help protect information in an organization by using effective authentication and access control. Describe typical security features offered by a modern operating system and how they are configured to enforce various levels access and privacy controls. Perform basic tasks related to network security management and administration. Describe legal and ethical issues in computer and network security. In addition, this course is expected to help students prepare for the Network+ certification exam CompTIA Security+ certification exam Besides the above set of objectives, this course also helps students to achieve the below university-wide student learning outcomes through lectures; classroom discussions; homework, essay and project assignments; and oral presentations. 2

3 Demonstrate the ability to think critically. This is achieved and measured by solving practical security related problems under different scenarios and by answering question in quizzes, examinations, etc. Locate and use information on security related topics. Homework and written assignments will involve current and emerging security technologies, requiring research on the Internet and the library s recent periodicals. Integrate knowledge and ideas in a coherent and meaningful manner. Lab sessions and projects will have problems applying and integrating various tools and security technologies towards securing computers, networks, and other computing recourses. Effectively express themselves in written and oral form. Students will be expected to carry out at least one extensive research project, hand in a written report, and make an oral presentation. 6. Topical Outline of the Course Content Data communication and networking concepts LANs; MANs; WANs; intranets and internets OSI seven-layer model and the TCP/IP protocol suite Structure and organization of the Internet Computer and network security: definition and scope Security and usability: user-centered security design principles Principles and goals of information, computer and network security Three basic security requirements: confidentiality, integrity, and availability Hackers, hacking techniques, hacking strategies and tools Network attacks or threats: virus, spyware, adware, buffer overflow, spyware, denial of service, rootkits, botnets, phishing, spamming, etc. Network defenses techniques, technologies, and tools: security monitoring, encryption, firewall, VPNs, authentication mechanisms, access controls, intrusion detection and prevention, key infrastructures, antivirus software, computer forensics. Internet security: SSL, TLS, IP security, S/MIME, Kerberos, X.509, and federated identity management. Wireless threat and security Privacy and cryptography: encryption algorithms and standards Public key infrastructure and certificates Security policy, standard, plan, implementation and audit ITU-T X.800: security services and mechanism The Orange Book : Department of Defense Trusted Computer System Evaluation Criteria basis for assessing and securing a system Operating system security tools; managing security: Solaris UNIX security system; Linux UNIX security system; Windows 2008 security system Introduction to network security management and administration Legal and ethical issues in security Future security trends: hardware-based security. 3

4 7. Guidelines/Suggestions for Teaching Methods and Student Learning Activities Inquiry-based lectures Multimedia demonstrations Hands-on lab projects Problem solving sessions Group discussions Reading assignments and term papers Homework, quizzes, and exam 8. Guidelines/Suggestions for Methods of Student Assessment (student learning outcomes) Student learning outcome will be assessed based on the following activities: Weekly homework Reading assignments hands-on lab sessions At least one extensive research project Biweekly quizzes and the final examination Attendance and classroom participation in discussions 9. Suggested Reading, Texts, Objects of Study William Stallings and Lawrie Brown, Computer Security: Principles and Practice, Prentice Hall, The book provides a comprehensive coverage of topics of computer and network security. It also provides support for both research and modeling projects, for both academic and professional audiences. Topics include: Security technologies and principles; threats and countermeasures, from detecting intruders to countering attacks; trusted computing and multilevel security; secure software: Linux and Windows security models; managing security; computer crime, intellectual property, privacy, and ethics; cryptographic algorithms and applications; Internet security including SSL, TLS, IP security, S/MIME, Kerberos, X.509. Lorrie F. Crantor and Simson Garfinkel, Security and Usability: Designing Security Systems People Can Use, O Reilly Media. Inc The book discusses the tradeoff between computer security and usability. It groups 34 essays into six parts: Realigning Usability and Security; Authentication Mechanisms; Secure Systems; Privacy and Anonymity Systems; Commercializing Usability; and the Vendor Perspective--specific experiences of security and software vendors in addressing usability. Michael Whitman, Herbert Mattord, Networking & Security: Principles of Information Security, 3 rd Edition, Course Technology 2007 The book provides an introduction into computer security in general and discusses the important managerial topics for a career in information security. It uses examples of information security issues, tools, and practices implemented in today's businesses, fostering real-world application. Chuck Easttom, Computer Security Fundamentals, Prentice Hall, This book provides coverage of all the basic concepts, terminology and issues, along with essential practical skills. Topics covered include virus attacks, buffer overflow, hacking spyware and network 4

5 defense, cyber terrorism, industrial espionage and encryption, denial of service attacks, malware, basics of assessing and securing a system, Internet fraud, cyber crime, and information warfare, cyber detective, security hardware and software. 10. Bibliography of Supportive Texts and Other Materials Security: Richard Bejtlich, The Tao of Network Security Monitoring: Beyond Intrusion Detection, Addison-Wesley, The book explores the products, people, and processes that implement the NSM model. By focusing on case studies and the application of open source tools, it helps you gain hands-on knowledge of how to better defend networks and how to mitigate damage from security incidents. It also discusses how to use a variety of open-source tools including Sguil, Argus, and Ethereal to mine network traffic for full content, session, statistical, and alert data. Tony Bradley and Harlan Carvey, Essential Computer Security: Everyone s Guide to , Internet, and Wireless Security, Syngress Publishing, Inc, 2006 The book provides the vast home user and small office computer market with the information they must know in order to understand the risks of computing on the Internet and what they can do to protect themselves. Harlan Carvey, Windows Forensics and Incident Recovery, Addison-Wesley, This book provides a 'command-line centric' view of Microsoft and non-microsoft tools for security and system administration on the Windows platform". It focuses on forensics and incident recovery with case studies and real world-examples that cover every significant incident response, recovery, and forensics technique. It discusses methodology for responding to potential attacks and prepares systems to detect incidents, recognize the signatures of an attack, and uncover attacks that evade detection by Event Viewer, Task Manager, and other Windows GUI tools John Chirillo and Edgar Danielyan, Sun Certified Security Administrator for Solaris 9 & 10 Study Guide It is an exam prep book for certification exam based on proven pedagogy, including step-by-step exercises, on-the-job elements, chapter self-tests and more. Run the UNIX based exam engine - included for Sun purists. Greg Conti, Googling Security: How Much Does Google Know About You? Prentice Hall 2009 The book reveals how Google s vast information stockpiles could be used against you or your business and what you can do to protect yourself. It reveals the privacy implications of Gmail, Google Maps, Google Talk, Google Groups, Google Alerts, Google s new mobile applications, and more. It shows how Google s databases can be used by others with bad intent, even if Google succeeds in its pledge of don t be evil. Mirkovic, Dietrich, Dittrich & Reiher, Internet Denial of Service: Attack and Defense Mechanisms, Prentice Hall, DoS is a pervasive and growing threat to the Internet. The book sheds light on a complex and fascinating form of computer attack that impacts the confidentiality, integrity, and availability of millions of computers worldwide. It tells the network administrator, corporate CTO, incident responder, and student how DDoS attacks are prepared and executed, how to think about DDoS, and how to arrange computer and network defenses. It also provides a suite of actions that can be taken before, during, and after an attack. Chuck Easttom, Network Defense and Countermeasures: Principles and Practices, 5

6 Prentice Hall, The book covers a wide range of defense strategies, forms of attacks, and policies related to computer security. Key topics include firewalls, intrusion detection systems, encryption fundamentals, operating system hardening, defending against virus attacks, Trojan horses and spyware, security policies and security standards that are particularly useful for network administrators, network security professionals and security audit professionals. Rob Flickenger and Roger Weeks, Wireless Hacks: Tips and tools for building, Extending, and Securing Your Systems, O Reilly The books provides practical tips and tricks of tens of hacks ranging from passive network scanning to aligning long-distance antennas, beefing up wireless network security, and beyond. Sari Greene, Security Policies and Procedures: Principles and Practices, Prentice Hall, The book teaches information security policies and procedures and provides students with handson practice developing a security policy. This book provides an introduction to security policy, coverage of information security regulation and framework, and policies specific to industry sectors, including financial, healthcare and small business. Peter Gregory, Solaris Security, Sun Microsystems,2000 The book provides a concise guide to maintaining secure systems in the Solaris environment. It covers standalone and networked systems running Solaris and presents a special section on disaster preparation and recovery operations. Michael Gregg, Certified Ethical Hacker Exam Prep, Pearson, A Certified Ethical Hacker is a skilled professional who understands and knows how to look for the weaknesses and vulnerabilities in target systems and uses the same knowledge and tools as a malicious hacker. The CEH certification prepares professionals for network penetration testing skills. Along with the most current CEH content, the book also contains the elements that make Exam Preps such strong study aides: comprehensive coverage of exam topics, end-of-chapter review, practice questions, Exam Alerts, Fast Facts, plus an entire practice exam to test your understanding of the material. Greg Hoglund, Gary McGraw, Exploiting Online Games: Cheating Massively Distributed Systems, Prentice Hall 2009 You don't want to be the last person to attack your own system--you should be the first. In our new age where virtual items carry real dollar value, and fortunes are won and lost over items that do not really exist, the new threats to the intrepid gamer are all too real. To protect against these hazards, you must understand them, and this book discusses how to computer games can be exploited so that one can stay one step behind the bad guys. Jesper M. Johansson and Steve Riley, Protect Your Windows Network: From Perimeter to Data, Addison-Wesley, This book addresses the security problem holistically. Through hands-on examples and practical case studies, you will learn how to integrate multiple defenses deterring attacks, delaying them, and increasing the cost to the attacker. Coverage includes: Improving security from the top of the network stack to the bottom; Understanding what you need to do right away and what can wait; Avoiding "pseudo-solutions" that offer a false sense of security; Developing effective security policies and educating those pesky users; Beefing up your first line of defense: physical and perimeter security; Modeling threats and identifying security dependencies; Preventing rogue access from inside the network; Systematically hardening Windows servers and clients; Protecting client applications, server applications, and Web services; and Addressing the unique challenges of small business network security. Raymond Panko, Corporate Computer and Network Security, Prentice Hall

7 The book examines computer and corporate security in the business setting. Its emphasizes implementing security within corporations using existing commercial software and provides coverage of all major security issues. Charles P. Pfleeger, Security in Computing, 3 rd edition, Prentice Hall 2002 The book covers cryptography; program and operating system security; administration; legal, privacy, and ethical issues, etc. It combines core computer science concepts related to operating systems, networks, data bases, and programming, with accessible discussions of the use of cryptography and protocols. The book describes each important area from a developer's or user's point of view, lays out the security vulnerabilities and threats, and follows countermeasures to address them. Honeynet Project, Know Your Enemy: Learning about Security Threats, 2 nd edition, Addison-Wesley, The Honeynet, a relatively new security technology made up of networks of systems that are designed to be compromised. It is created by the Research Alliance and active contributors throughout the security community. The book discusses how to set up a honeynet, how to analyze the collected data, and what the authors have learned about "the enemy" from the data. It covers new techniques and technologies never published before, including second-generation and distributed Honeynets. It also explains data analysis in much greater detail, with entire chapters dedicated to Window forensics, UNIX forensics, reverse engineering, and network forensics. Jakobsson & Ramzan, Crimeware: Understanding New Attacks and Defenses, Addison-Wesley, 2008 This book discusses essential security principles, techniques, and countermeasures to keep you one step ahead of the criminals, regardless of evolving technology and tactics. It helps you understand how crimeware works, how to identify it, and how to prevent future attacks before company s valuable information falls into the wrong hands. It will also help a reader to understand current and emerging security threats including rootkits, bot networks, spyware, adware, and click fraud; to recognize the interaction between various crimeware threats; to gain awareness of the social, political, and legal implications of these threats; to learn valuable countermeasures to stop crimeware in its tracks, now and in the future; and to acquire insight into future security trends and threats, and create an effective defense plan. Edward Skoudis, Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses, 2 nd edition, Prentice Hall PTR, This book helps one understands attack strategies, attack tools, and the defenses against both It covers everything from the basic principles to the fine details of online attack methods and counterstrategies, to effective defenses, recognize attacks in progress, and respond quickly and effectively in both UNIX/Linux and Windows environments. Important features of this new edition include "anatomyof-an-attack" scenarios and tools, an section on wireless hacking: war driving, wireless sniffing attacks, a comprehensive coverage of reconnaissance tools, including Nmap port scanning and "Google hacking", and more. Sean Smith & John Marchesini, Craft of System Security, Addison-Wesley, 2008 The book first provides a coherent framework for understanding today's systems and vulnerabilities. It then systematically introduces the basic building blocks for securing contemporary systems, apply those building blocks to today's applications, and consider important emerging trends such as hardware-based security. It discusses the classic Orange Book approach to security, and its limitations; the use of operating system security tools and structures--with examples from Windows, Linux, BSD, and Solaris; how networking, the Web, and wireless technologies affect security; software security defects, from buffer overflows to development process flaws; cryptographic primitives and their use in secure systems; the best practice techniques for authenticating people and computer systems in diverse settings; the use of validation, standards, and testing to enhance confidence in a system's security; the security, privacy, and trust issues arising from desktop productivity tools; the digital rights management, watermarking, information hiding, and policy expression; the principles of humancomputer interaction (HCI) design for improved security; and the potential of emerging work in hardware-based security and trusted computing 7

8 William Stallings, Cryptography and Network Security, 4th Edition, Prentice Hall The bool provides a comprehensive treatment of cryptography and network security. It explores the basic issues of cryptography and network security technology; examines the practice of network security via applications that are in use today; provides a simplified AES that enables readers to grasp the essentials of AES more easily; features block cipher modes of operation, including the CMAC mode for authentication and the CCM mode for authenticated encryption; and includes an expanded, updated treatment of intruders and malicious software. Peter Szor, The Art of Computer Virus Research and Defense, Addison-Wesley, The book discusses how viruses are analyzed, how they spread, and can they be effectively defended against. It offers an encyclopedic treatment of computer viruses, including: a history of computer viruses, viral behaviors, classification, protection strategies, anti-virus techniques, and how to conduct an accurate threat analysis. Topics include: Discovering how malicious code attacks on a variety of platforms; Classifying malware strategies for infection, in-memory operation, self-protection, payload delivery, exploitation, and more; Identifying and responding to code obfuscation threats: encrypted, polymorphic, and metamorphic; Mastering empirical methods for analyzing malicious code and what to do with what you learn; Reverse-engineering malicious code with disassemblers, debuggers, emulators, and virtual machines; Implementing technical defenses: scanning, code emulation, disinfection, inoculation, integrity checking, sandboxing, honeypots, behavior blocking; and Using worm blocking, host-based intrusion prevention, and network-level defense strategies Vladimirov, Gavrilenko & Mikhailovsky, Wi-Foo: The Secrets of Wireless Hacking, Addison-Wesley, 2004 The book introduces the 'battlefield,' exposing today's 'wide open' wireless networks and their attackers. In a stepwise manner, the book introduces the entire arsenal of hardware and software tools: crucial knowledge for crackers and auditors alike. The book then discusses systematically the countermeasures for building hardened wireless 'citadels'' including cryptography-based techniques, authentication, wireless VPNs, intrusion detection, and more. Topics include: walkthroughs and explanations of typical attacks; Building wireless hacking/auditing toolkit: detailed recommendations, ranging from discovery tools to chipsets and antennas; War-driving: network mapping and site surveying; Potential weaknesses in current and emerging standards, including i, PPTP, and IPSec; Implementing strong, multilayered defenses; Wireless IDS: why attackers aren't as untraceable as they think; Wireless hacking and the law: what's legal, what isn't. Linda Volonino, Reynaldo Anzaldua, Jana Godwin, Computer Forensics: Principles and Practices, Prentice Hall 2008 By applying information systems, computer security, and criminal justice principles and practices to crime investigations and other legal actions, this text teaches students how to use forensically-sound methodologies and software to acquire admissible electronic evidence (e-evidence) with coverage of computer and forensics, cell phone and IM forensics, and PDA and Blackberry forensics. Wallace Wang, Steal This Computer Book 4.0: What They Won't Tell You About the Internet, 4th edition, No Starch Press, This is a non-technical book that examines what hackers do, how they do it, and how readers can protect themselves. Informative, irreverent, and entertaining, the completely revised fourth edition of Steal This Computer Book contains new chapters that discuss the hacker mentality, lock picking, exploiting P2P file sharing networks, and how people manipulate search engines and pop-up ads. Includes a CD with hundreds of megabytes of 100% FREE hacking and security-related programs that tie-in to each chapter in the book. Websites for Information on Security: 8

9 ITU X.800: Security Architecture for Open System Interconnection for CCITT Connection recommendation ( ) Department of Defense: Department of Defense Trusted Computer System Evaluation Criteria or TCSEC ( or for a short summary, visit CERT Coordination Center (CERT/CC), addresses risks at the software and system level and focuses in recent years on identifying and addressing existing and potential threats, notifying system administrators and other technical personnel of these threats, and coordinating with vendors and incident response teams worldwide to address the threats ( The Honeynet Project: an international, non-profit research organization dedicated to improving the security of the Internet ( Statistics on recent top security risks and other useful security related information Nmap is a free and open source utility for network exploration or security auditing. Many systems and network administrators find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime, etc. ( Operating Systems: Roberta Bragg, Windows Server 2003 Security: A Technical Reference, Addison Wesley, The book summarizes decades in IT administration and security. It covers the core principles of information security throughout your plans and processes; establishes effective authentication and passwords; restricts access to servers, application software, and data; makes the most of the Encrypting File System (EFS); uses Active Directory's security features and secure Active Directory itself; develops, implements, and troubleshoots group policies; deploys a secure Public Key Infrastructure (PKI); secures remote access using VPNs via IPSec, SSL, SMB signing, LDAP signing, and more; audits and monitor your systems, detect intrusions, and respond appropriately; maintains security and protect business continuity on an ongoing basis. Brian Komar, Windows Server 2008 PKI and Certificate Security, Get in-depth guidance for designing and implementing certificate-based security solutions straight from PKI expert Brian Komar. No need to buy or outsource costly PKI services when you can use the robust PKI and certificate-based security services already built into Windows Server 2008! This in-depth reference teaches you how to design and implement even the most demanding certificate-based security solutions for wireless networking, smart card authentication, VPNs, secure , Web SSL, EFS, and code-signing applications using Windows Server PKI and certificate services. A principal PKI consultant to Microsoft, Brian shows you how to incorporate best practices, avoid common design and implementation mistakes, help minimize risk, and optimize security administration. This definitive reference features a CD loaded with tools, scripts, and a fully searchable ebook. Jesper M. Johansson and MVPs with the Microsoft Security Team, Windows Server 2008 Security Resource Kit, Microsoft

10 The book covers planning and implementing security features in Windows Server 2008 and delivers the in-depth, technical information and tools one need to help protect your Windows based clients, server roles, networks, and Internet services. It also discusses how to plan and implement comprehensive security with special emphasis on new Windows security tools, security objects, security services, user authentication and access control, network security, application security, Windows Firewall, Active Directory security, group policy, auditing, and patch management. Gary Nutt, Operating Systems, 3rd edition, Addison Wesley 2003 William Stallings, Operating Systems: Internals and Design Principles, 6th edition; Pearson/Prentice Hall 2008 Andrew Tanenbaum, Operating Systems, 3rd edition; Pearson/Prentice Hall 2008 Paul A. Watters, The Complete Reference: Solaris 10, McGraw Hill/Osborne 2005 Discussions of security from the standpoint of system administration with five chapters: System security; File system access control; Role-based access control; Users, groups, and Sun Management Console; Kerberos and pluggable authentication. Networking fundamentals: William J. Beyda, Data Communications: From Basics to Broadband, 4 th edition, Prentice Hall, Bradford, The Art of Computer Networking, Prentice Hall, J. Richard Burke, Network Management: Concepts and Practice, A Hands-On Approach, Prentice Hall, Douglas E. Comer, Hands-on Networking with Internet Technologies, 2 nd edition, Prentice Hall, Douglas E. Comer, The Everything You Need to Know About Computer Networking and How the Internet Works, 3 rd edition, Prentice Hall 2000 Douglas E. Comer, Computer Networks and Internets, 5 th edition, Prentice Hall 2009 Behrouz A. Forouzan, Data Communications and Networking, 4 th edition McGraw Hill 2007 Joe Habraken, Absolute Beginner's Guide to Networking, 4 th edition, Que, Fred Halsall, Computer Networking and the Internet, 5 th edition,addison-wesley, Bruce Hallberg, Networking: A Beginner's Guide, 4 th edition, McGraw-Hill Osborne Media, 2005 James F. Kurose & Ross, Computer Networking: A Top-Down Approach, 4 th edition, 10

11 Addison-Wesley, Jorg Liebeherr & El Zarki, Mastering Networks: An Internet Lab Manual, Addison- Wesley, Radia Perlman, Interconnections: Bridges, Routers, Switches, and Internetworking Protocols, 2 nd edition, Addison-Wesley, Stanford H. Rowe, Computer Networking, Prentice Hall, William Stallings, Data and Computer Communications, 8 th edition, Prentice Hall, 2007 Andrew S. Tanenbaum, Computer Networks, 4 th edition, Prentice Hall 2004 Wireless and Mobile Computing: Harold Davis, Anywhere Computing with Laptops: Making Mobile Easier, Que Publishing, Harold Davis, Absolute Beginner's Guide to Wi-Fi Wireless Networking, Que Publishing, 2004 Andy Dornan, The Essential Guide to Wireless Communications Applications, 2 nd edition, Prentice Hall, Roger Riggs, A. Taivalsaari, et al., Programming Wireless Devices with the Java 2 Platform, Micro Edition, 2 nd edition, Prentice Hall, Jochen Schiller, Mobile Communications, 2 nd edition, Addison-Wesley, Network+ and Networking Administration/Pragmatics: David Groth, T. Skandier, B.l Ferguson, CompTIA Network+ Certification Kit: Exam N10-003, Sybex, David Groth, T. Skandier, et al., Network+ Study Guide: Exam N10-003, Deluxe, 2 nd edition, Sybex, J. Scott Haugdahl, Network Analysis and Troubleshooting, Addison-Wesley Professional, Thomas Limoncelli, C.J. Hogan, Strata R. Chalup, Practice of System and Network Administration, 2 nd edition, Addison-Wesley,

12 Tamara Dean, Network+ Guide to Networks, 4th edition, Course Technology, Andrew F. Ward, Connecting to the Internet: A Practical Guide about LAN-Internet Connectivity, Addison-Wesley Professional, Preparers Name and Date: Dr. Erh-Wen Hu, March 21, Original Departmental Approval Date: Fall, Reviser s Name and Date: NA 14.Departmental Revision Approval Date: NA 12