Number and Title of Course: CS459/559 - Network Security

Instructor(s): Dr. Wayne Summers
Office: SCA207B Office phone: (505) 454-3230
Department phone: (505) 454-3295
Office Hours: MWF 1:00-1:50 TR 4-4:50; via e-mail, net-meetings and by appointment
e-mail address: summers_wayne@ColumbusState.edu
homepage:http://csc.ColumbusState.edu/summers

Catalog Description of Course: This course addresses security issues for TCP/IP-based and NT networks. Access Control and Communications Security issues will be covered as well as Internet and intranet security. (3 credits).

Course Prerequisite: CS457 - Computer Networks, MIS420 - Networking in a Business Environment or permission of instructor.

Required Textbook(s): Network Security in a Mixed Environment, IDG Books by Dan Blacharski. 1998, ISBN: 0-7645-3152-2.

Supplementary Books and Materials

Maximum Security, 2nd Edition, SAMS Books by Anonymous, 1998, ISBN: 0-672-31341-3.
Personal BookShelf
Material from the Internet
Software and manuals found in the lab and on the Internet.

Educational Outcomes

Students will be able to identify security breaches in a computer network
Students will be able to discuss major issues concerning computer security.
Students will be able to use standard security tools to locate and fix security leaks in a computer network.

Major Topics

TCP/IP and OSI Network Security
Access Control Issues (Packet Filters, Firewalls)
Communication Security (OSI Layer Security Protocols)
Security Tools
Security Concepts and Terminology
Human Security
Encryption

Instructional Methods and Techniques

The class will meet for two one-hour and fifteen-minute lecture/discussion periods each week.
The lectures should be conducted using state-of-the-art multimedia techniques including a computer projection system.
There should be facilities for demonstrating software and access to computer networks in the classroom.

Many of the assignments should stress hands-on applications by the students. Each student will be expected to attend all lectures. Class participation by all is expected.

Assignments for Course

Readings from the textbook(s)
Outside reading from popular computing and information technology periodicals like PC-Week, PC-Magazine, etc.
Readings from documents found on the Internet

Evaluation

Midterm(s) and Final Exams over the lectures and readings.
Homework including lab assignments on material discussed in class.
Projects or a Term paper on a topic on computer security.

Class Attendance:Class attendance is the responsibility of the student, and it is the student's responsibility to independently cover any material s/he may miss. Class attendance and participation may also be used in determining grades. You should attend all lab sessions. Attendance will be taken.

Exams and Assignments: There will be one midterm exam and one comprehensive final exam. Exams cover material from the text as well as laboratory activities. The lectures may not cover all the material in the textbooks and may be supplemented by additional materials. Late assignments will be subject to up to a 25% deduction in points per day. No credit will be given for assignments that are more than one week late.

Course Evaluation (tentative):

Homework = 200 pts.
Project / Term Paper = 100 pts.
Class participation = 100 pts.
One midterm test = 100 pts.
1 Comprehensive FINAL EXAM = 200 pts.

Grades may be determined according to this scale (tentative):

A 90% - 100% B 80% - 89%

C 70% - 79% D 60% - 69%

SCHEDULE

	Lecture Topic	Homework
Week 1:	Computer Crime, Security and Computer Viruses Ch.1 - What Have You Got to Lose? Ch.2 - Implementing a Security Policy	Week 1 Assignment
Week 2:	Ch.3 - Disaster Recovery MS:Ch. 4 - A Brief Primer on TCP/IP
Week 3:	Ch.4 - Security Levels Ch. 5 - Encryption MS:Ch. 11 - Password Crackers	Week 3 Assignment
Week 4:	Ch.6 - Security Features of Network Operating Systems MS:Ch. 17 -Microsoft
Week 5:	Ch.7 - Security Management Platforms MS:Ch. 18 - UNIX
Week 6:	Ch. 8 - Network Monitors and Other Security Programs MS:Ch. 10 -Scanners MS:Ch. 13 - Sniffers
Week 7:	Ch.9 - Security Audits MS:Ch. 15 - Logging and Audit Tools
Week 8:	Review MIDTERM
SPRING BREAK	HAVE FUN
Week 9:	Ch.10 - Remote Access Ch. 11 - Virtual Networking
Week 10:	Ch.12 - Firewalls Ch. 13 - Security Devices MS:Ch. 14 - Firewalls
Week 11:	Ch.14 - Redundancy Ch. 15 - Preventing Telephone Fraud MS: Ch. 9 - Destructive Devices
Week 12:	Ch.16 - Securing Your Web Connection Ch. 17 - Viruses MS:Ch. 12 - Trojans
Week 13:	Ch.18 - Ensuring Secure Electronic Commerce Ch. 19 - Intranets
Week 14:	Ch.20 - Identifying and Preventing Common Attacks Ch. 21 - Security and TCP/IP Services
Week 15:	REVIEW FINAL EXAMS	Thursday, April 29, 1999 - 5-8 p.m.