44-555 Network Security Instructor: Scott Bell Office: 2220 Colden Hall Email: sbell@nwmissouri.edu Phone: (660) 562-1699 Description: An introduction to the fundamentals of network security, including compliance and operational security; threats and vulnerabilities; application, data, and host security; access control identity management; and cryptography. The course covers various topics in network security including psychological approaches to social engineering attacks, Web application attacks, penetration testing, data loss prevention, cloud computing security, and application programming development security. The course also provides students with hands-on experience in network security. Prerequisites: CSIS 44-356with a grade of C or better. If you are enrolled in this course without having taken a course which covers this material, and we discover it later in the semester, you will be required to drop this course. Course Objectives: On completion of the course, students should be able to: Define information security and explain why it s important Identify types of common attackers, the basic steps of an attack, and the five principles of defense. Describe types of malware and social engineering attacks. Explain various types of Web application and network attacks such as client-side attacks, buffer overflow attack, denial of service attacks, and interception and poisoning attacks. Describe vulnerability assessment and use various tools and techniques to identify vulnerabilities as well as mitigate and prevent attacks Define application security and explain how to secure a host computer Explain various types of network security devices, network address translation, network access control, and how to enhance security through network design Describe how network applications can be secured using network administration principles and common network protocols
Describe various wireless network attacks and solutions for securing a wireless network Discuss access control including the four access control models Explain various logical access and physical access controls Identify various authentication services such as RADIUS, Kerberos, TACACS, and LDAP Describe the three types of authentication credentials Discuss account management including single sign-on and procedures for securing passwords. Discuss cryptography including hash, symmetric, and asymmetric algorithms Describe various types of digital certificates and how they are used Describe Public Key Infrastructure (PKI) and the different transport encryption algorithms Discuss environmental controls, redundancy planning, as well as disaster recovery and incident response procedures. Explain risk mitigation including how to control risk, types of security policies, and how awareness and training can increase security Text Book: Security+ Guide to Network Security Fundamentals 4th edition Mark Ciampa, Publisher: Course Technology, Copyright: 2012 o ISBN: 978111160125 Undergraduate students: available in textbook services Graduate students: need to purchase Lab Manual You will be charged a minimal fee for a binder and printing costs for the lab manual LabSim online access See instructions on course website Method of Instruction: Class time will be used in three ways: Lectures covering new concepts Hands-on exercises and quizzes over various concepts Answering student questions about assignments and projects In addition, there will be out-of-class reading and homework on a regular (weekly) basis.
Lab Work: This course includes a laboratory component, which you should also be enrolled in. Lab sections will meet every week during the semester. You are required to attend both lecture and laboratory meetings each week. Email: I will use your campus email address to correspond with you. Email is also an excellent way to contact me. When you send me an email message, please include your name and course number in the subject line and a brief idea of what the email is about. For example: Scott Bell CSIS 555Help on lab 1. Note that if you send email via Northwest Online, it automatically includes the course info in the subject line. However, it only includes your sxxxxxx number, which doesn t correspond to your name or 919 number which is what I can see everywhere else. Exams: Exams (both class exams and lab exams) will be given at the times indicated in the course schedule. If you must miss an exam, contact me as soon as possible to see if you can be excused (just sending me an email does NOT mean that you are allowed to miss an exam!). You will NOT be allowed to make up a missed exam unless you provide valid and provable evidence that the absence was excused (i.e. a letter from the wellness center). Quizzes and attendance: It is your responsibility to attend class every day. To help encourage you to attend, I will randomly take attendance and/or have short quizzes during lecture. You will not be allowed to make up any points that you miss unless I receive a letter for a school-sponsored activity prior to the absence or notice from the wellness center that you were unable to attend class that day. There will be no exceptions to this rule. Quizzes will occur during the first 2 Minutes of class. If you show up late, and miss the quiz, you will receive a zero. I will not necessarily give a quiz in every section during the same week, but we will have the same number of quizzes/attendance checks in all sections over the course of the semester. Lab Exercises: Labs must be completed during the scheduled lab time. If your absence is unexcused or your lab is turned in late, you will receive no credit.
The University Network: Unless otherwise indicated, laboratories are intended only for use on the PCs located in the networking laboratory. Any student who uses a PC that is part of the electronic Campus network for laboratories designed to be done in the networking lab only, or who tampers with the University network, will be assigned a grade of "F" for the course and will be subject to student disciplinary procedures by the University. This also applies to class projects. Academic Honesty: The policies stated in the Northwest Missouri State University Undergraduate and Graduate Catalogs will be followed. The document entitled Academic Integrity in CSIS Classes, posted on the course website, clearly explains those types of behavior that would be considered academic dishonesty. You are responsible for reading this document and also the policy as stated in the Graduate or Undergraduate Catalog (whichever applies to you) and abiding by the guidelines described therein. I reserve the right to assign a zero as well as implement the university s academic dishonesty procedures for any incident in which a student has been academically dishonest. This may include assigning a student a failing grade for the course and possibly being removed from the university. Disability Accommodations: Students in this course who need disability accommodations/ modifications should present a copy of their official Northwest accommodation letter from the LAP/S Committee to the instructor during private office hours as early in the term as possible. Additional information can be found online at www.nwmissouri.edu/swd Grading Scale A X >= 90% B 90% > X >= 80% C 80% > X >= 70% D 70% > X >= 60% F 60% > X Point Totals Attendance ~10 @ 5 pts each ~50 Labsim 12 @ 5 pts each 60 Labs 12 @ 5 pts each 60
Exams 4@ 100 pts each 400 Final Exam 1@ 200 pts 200 Total: ~770 Disclaimer: The course instructor reserves the right to adjust this syllabus upon subsequent consideration of student performance, schedule constraints, unexpected semester events, and other such situations. If changes are required, they will be posted on course web site.