Franske CNT-2820 FA10 Schedule

Information Technology & Careers

Information Systems Security Fundamentals CNT-2820 - 3 credits Instructor: Dr. Ben Franske Term: Fall 2010 (8/23/2010-12/15/2010) Meetings: M W 3:00pm-4:40pm Location: B143

This schedule provides an outline of the topics expected to be covered in this course as well as the readings and assignments due each week. Topics and readings may change in which case you will be notified in class or by e-mail and the latest version of this document is always available from the course wiki. Please have all readings completed prior to the start of each class and be prepared to take part in the discussion. Unless otherwise noted online quizzes and exams are due at 11:59pm on the date indicated.

Session 1: August 23

Topics:

• CNT CLASS Server Account Setup
• Course Overview
• Introduction to Computer Security

Readings:

Due:

Session 2: August 25

Topics:

• Challenges of Securing Information
• What Is Information Security?
• Who Are the Attackers?
• Attacks and Defenses
• Information Security Careers and Certifications

Readings:

• Chapter 1: Introduction to Security

Due:

• Chapter 1 Online Assessment
• Chapter 1 Homework Assignment

Session 3: August 30

Topics:

• Software-Based Attacks
• Hardware-Based Attacks
• Attacks on Virtualized Systems

Readings:

• Chapter 2: Systems Threats and Risks

Due:

• Chapter 2 Online Assessment
• Chapter 2 Homework Assignment

Session 4: September 1

Topics:

• Course Project Overview
• Wiki page creation and editing

Readings:

Due:

NO CLASS: September 6

• Labor Day - NO CLASS

Session 5: September 8

Topics:

• Hardening the Operating System
• Preventing Attacks that Target the Web Browser
• Hardening Web Servers

Readings:

• Chapter 3: Protecting Systems (through Hardening Web Servers)

Due:

Session 6: September 13

Topics:

• Protecting Systems from Communications-Based Attacks
• Applying Software Security Applications

Readings:

• Chapter 3: Protecting Systems (the remainder of the chapter)

Due:

• Chapter 3 Online Assessment
• Chapter 3 Homework Assignment

Session 7: September 15

Topics:

• Network Vulnerabilities
• Categories of Attacks

Readings:

• Chapter 4: Network Vulnerabilities and Attacks (through Categories of Attacks)

Due:

• Course project ideas submitted for approval

Session 8: September 20

Topics:

• Methods of Network Attacks

Readings:

• Chapter 4: Network Vulnerabilities and Attacks (the remainder of the chapter)

Due:

• Chapter 4 Online Assessment
• Chapter 4 Homework Assignment

NO CLASS: September 22

• Student Success Day - Make sure to attend at least two sessions for homework credit!

Session 9: September 27

Topics:

• Crafting a Secure Network

Readings:

• Chapter 5: Network Defenses (through Crafting a Secure Network)

Due:

Session 10: September 29

Topics:

• Applying Network Security Devices
• Host and Network Intrusion Protection Systems (HIPS/NIPS)
• Protocol Analyzers
• Internet Content Filters
• Integrated Network Security Hardware

Readings:

• Chapter 5: Network Defenses (the remainder of the chapter)

Due:

• Chapter 5 Online Assessment
• Chapter 5 Homework Assignment

Session 11: October 4

Topics:

• IEEE 802.11 Wireless Security Protections
• Vulnerabilities of IEEE 802.11 Security

Readings:

• Chapter 6: Wireless Network Security (through Vulnerabilities of IEEE 802.11 Security)

Due:

Session 12: October 6

Topics:

• Personal Wireless Security
• Enterprise Wireless Security

Readings:

• Chapter 6: Wireless Network Security (the remainder of the chapter)

Due:

• Chapter 6 Online Assessment
• Chapter 6 Homework Assignment

Session 13: October 11

Topics:

• What is Access Control
• Logical Access Control Methods

Readings:

• Chapter 7: Access Control Fundamentals (through Logical Access Control Methods)

Due:

Session 14: October 13

Topics:

• Physical Access Control

Readings:

• Chapter 7: Access Control Fundamentals (the remainder of the chapter)

Due:

• Chapter 7 Homework Assignment

Session 15: October 18

Topics:

• Definition of Authentication
• Authentication Credentials

Readings:

• Chapter 8: Authentication (through Authentication Credentials)

Due:

Session 16: October 20

Topics:

• Extended Authentication Protocols
• Remote Authentication and Security

Readings:

• Chapter 8: Authentication (the remainder of the chapter)

Due:

• Chapter 8 Homework Assignment
• Chapter 7 Online Assessment

Session 17: October 25

Topics:

• Risk Management, Assessment, and Mitigation
• Identifying Vulnerabilities

Readings:

• Chapter 9: Performing Vulnerability Assessments (the entire chapter)

Due:

• Chapter 8 Online Assessment
• Midterm Assessment

Session 18: October 27

Topics:

Readings:

Due:

Session 19: November 1

Topics:

Readings:

Due:

Session 20: November 3

Topics:

Readings:

Due:

Session 21: November 8

Topics:

Readings:

Due:

Session 22: November 10

Topics:

Readings:

Due:

Session 23: November 15

Topics:

Readings:

Due:

Session 24: November 17

Topics:

Readings:

Due:

Session 25: November 22

Topics:

Readings:

Due:

Session 26: November 24

Topics:

Readings:

Due:

Session 27: November 29

Topics:

Readings:

Due:

Session 28: December 1

Topics:

Readings:

Due:

Session 29: December 6

Topics:

Readings:

Due:

Session 30: December 8

Topics:

Readings:

Due:

Session 31: THURSDAY December 16

Please not that class meets 2:00-3:50pm on THURSDAY due to finals week. Topics:

Readings:

Due:

---

The instructor reserves the right to modify and adjust the schedule and assignments as needed during the course of this class. The most up to date version will always be available on the course website or from the instructor.