Instructor(s): Dr. Wayne Summers
Office: CCT455 Office
phone: (706) 568-5037
Department phone: (706) 568-2410 Department
FAX: (706) 565-3529
Office Hours: 10-10:50 a.m. MWF (in online chat); 3-3:50 p.m. TR (in online
chat); via e-mail, net-meetings and by appointment
e-mail address: summers_wayne@ColumbusState.edu
homepage:http://csc.ColumbusState.edu/summers
Catalog Description of Course: (Prerequisite CPSC 6126 Information Systems
Assurance or equivalent.) This course examines the fundamentals of
security issues arising from computer networks. Topics include intrusion
detection, firewalls, threats and vulnerabilities, denial of service attacks,
viruses and worms, use and effectiveness of encryption, secure transactions and
e-commerce, and network exploits. (3 credits).
Required
Textbook(s):
Corporate Computer and Network Security
by Raymond R. Panko, Prenticed-Hall, 2004, ISBN 0-13-038471-2.
Supplementary Books and Materials
Software and manuals found in the lab and on the Internet
1. Students will understand the major issues in network and computer system security, focusing mainly on threats from malicious software.
2. Students will have an understanding of common attacks on computer networks and methods to detect and remediate such attacks.
3. Students will be able to identify threats and vulnerabilities to information systems.
4. Students will be able to identify and detect data, computers and networks exploits.
5. Students will be able to secure computer networks.
6. Be able to use network security tools.
1. Foundations of computer and network security.
2. Access Control and Site Security.
3. Threats and vulnerabilities.
4. Attack Methods.
5. Technical defenses: authentication, operating system security, firewalls, etc.
6. Host Security.
7. Elements of Cryptography.
8. Cryptographic Systems: SSL/TLS, VPNs, Kerberos.
9. Application Security: Electronic Commerce and E-mail.
10. Network vulnerability assessment and intrusion detection.
11. Remediation methods, including backup and repair strategies.
12. Business continuity planning and disaster recovery planning
13. Legal issues, privacy, cyberwar and cyberterror.
Instructional Methods and Techniques
How to Access the Course
This course is being offered through WebCT Vista. You can access WebCT Vista at: http://webct.ColumbusState.edu/
At this page, select the "Log on to" WebCT Vista link to activate the WebCT Vista logon dialog box, which will ask for your WebCT Vista username and password. Your Vista WebCT username and password are:
Username: lastname_firstname
Password: XXXX
Default password is your birthday in the format of DDMMYY.
If you try the above and WebCT Vista will not let you in, please use the "Comments/Problems" link on the WebCT Vista home page to request help. If you are still having problems gaining access a day or so after the class begins, please e-mail me immediately.
Once you've entered WebCT Vista, you will see a list of courses you have access to. The CPSC 6128 course is listed as "Network Security." Next to this, you should see my name as the instructor. You may also see new discussion postings, new calendar postings, and new mail messages. Clicking on the name of the course will take you to the course's home page. If you don't see the "Network Security" course in the list, please e-mail me immediately.
Once
you have clicked on the course's name and accessed the particular course
itself, you will find a home page with links to other sections and tools, and a
menu on the left-hand side. Feel free to explore the areas in the course.
How This Course Will Work
This course will consist of readings, discussion questions, “lab” assignments, a final project and two exams. On a weekly basis, you will need to:
In addition to the weekly requirements, you will need to:
decide
on and complete a final project.
Online Discussions
To maximize your learning, you are expected to participate actively in the
weekly discussions. To receive maximum credit for participating, you must post
a response to EACH discussion question of at least 150 words and comment on ONE
of the other students' responses for EACH discussion assignment. There is, of
course, no upper limit on the amount of discussion in which you can be involved
in.
The responses to other students' postings should add to the substance of the posting, request clarification, provide a different perspective, or challenge the assertions made by providing real or hypothetical scenarios that the original posting does not adequately address. Remember, the purpose of course discussions is to stimulate academic debate. Critical thinking is highly desirable!
I will read every response and every comment, but I will not necessarily respond to every response or to every comment. I will, however, interject comments where necessary for clarification.
Discussion Etiquette
CSU is committed to open, frank, and insightful dialogue in all of its courses. Diversity has many manifestations, including diversity of thought, opinion, and values. Students are encouraged to be respectful of that diversity and to refrain from inappropriate commentary. Should such inappropriate comments occur, I will intervene as I monitor the dialogue in the discussions. I will request that inappropriate content be removed from the discussion and will recommend university disciplinary action if deemed appropriate. Students as well as faculty should be guided by common sense and basic etiquette. The following are good guidelines to follow:
Never post content that is harmful, abusive; racially, ethnically, or religiously offensive; vulgar; sexually explicit; or otherwise potentially offensive.
Student Responsibilities
As a student in this course, you are responsible to:
“I
didn’t know” is not an acceptable excuse for failing to meet the
course requirements. If you fail to meet your responsibilities, you do so at
your own risk.
As your instructor in this course, I am responsible to:
Although I will read every posted discussion question and response, I will not necessarily respond to every post.
Student Web
Server Space
There may be times
when you will want to use an actual Web server in response to discussion
questions or for projects. All currently enrolled CSU students (including
online students) can request free Web server space on the CSU student Web
server. Simply go to http://students.ColumbusState.edu
and click on the "Free Web Pages" icon. Then click on the link to
request the account. Under normal circumstances, the account and space will be
created in a matter of seconds. This server is also .NET capable.
Online Lab
Assignments
The lab assignments will
be of two types. Some assignments will require the use of your own computer. If
you are using a computer at work, make sure that you have permission to use the
software for the assignment. The second type of assignment will require you
connecting to the Security and Assurance of Information Lab (SAIL Lab) through
a VPN connection. This will require that you install the VPN client and the VNC
software on your computer.
Assignments for Course
Course Evaluation (tentative):
Grades may be determined according to this scale:
A 90% - 100% |
B 80% - 89% |
C 70% - 79% |
D 60% - 69% |
General Policies
You are responsible for all class work missed, regardless of the reason for the absence(s). Late assignments will not be accepted. No makeup exams or quizzes will be given, so please make sure you are present for all exams/quizzes. Refer to the CSU Catalog (http://aa.ColumbusState.edu/advising/a.htm#Absence Policy) for more information on class attendance and withdrawal.
Academic dishonesty No cheating in any form will be tolerated. Penalties for academic dishonesty may include a zero grade on the assignment or exam/quiz, a failing grade for the course, suspension from the Computer Science program, and dismissal from the program. All instances of cheating will be documented in writing with a copy placed in the Department’s files. Students will be expected to discuss the academic misconduct with the faculty member and the chairperson. For more details see the Faculty Handbook: http://aa.ColumbusState.edu/faculty/FacHandbook0203/sec100.htm#109.14 and the Student Handbook: http://sa.ColumbusState.edu/handbook/handbook2003.pdf You are expected to review the TSYS Department of Computer Science’s Academic Dishonesty Policy - (http://csc.ColumbusState.edu/policy/Academic-Dishonesty-Policy.html) |
Since this course includes the use of computer security tools and techniques,
you are required to sign a Computer Security Agreement form at http://csc.ColumbusState.edu/summers/NOTES/6136/Computer-Security-Class-Student-Agreement.htm
Getting help
You can always contact me during my posted office hours, by e-mail, or by
appointment.
CSU ADA statement
If you have a documented disability as described by the Rehabilitation Act of
1973 (P.L. 933-112 Section 504) and Americans with Disabilities Act (ADA) and
would like to request academic and/or physical accommodations please contact
Joy Norman at the Office of Disability Services in the Center for Academic
Support and Student Retention, Tucker Hall (706) 568-2330, as soon as possible.
Course requirements will not be waived but reasonable accommodations may be
provided as appropriate.
SUGGESTED WEEKLY SCHEDULE FOR COMPUTER SECURITY (tentative)
|
Lecture Topic |
Homework |
Week 1: January 9-13 |
Chapter 1 – A Framework |
See Website http://csc.ColumbusState.edu/summers/NOTES/6128/labs-6128.htm
and WebCT calendar |
Week 2: January 16-20 |
Chapter 1a – Examples of Security
Problems |
|
Week 3: January 23-27 |
Chapter 2 – Access Control and Site
Security |
|
Week 4: Jan. 30 – Feb. 3 |
Chapter 3 – Review of TCP/IP
Internetworking |
|
Week 5: February 6-10 |
Chapter 4 – Attack Methods |
|
Week 6: February 13-17 |
Chapter 5 – Firewalls |
|
Week 7: February 20-24 |
Chapter 6 – Host Security |
|
Week 8: February 27- March 3 |
MIDTERM EXAM |
|
Week 9: March 6-10 |
SPRING BREAK |
SPRING BREAK |
Week 10: March 13-17 |
Chapter 7 – The Elements of
Cryptography |
|
Week 11: March 20-24 |
Chapter 8 – Cryptographic Systems |
|
Week 12: March 27-31 |
Chapter 9 – Application Security |
|
Week 13: April 3-7 |
Chapter 10 – Incident and Disaster
Response |
|
Week 14: April 10-14 |
Chapter 11 – Managing Security Function |
|
Week 15: April 17-21 |
Chapter 12 – The Broader Perspective |
|
Week 16: April 24-28 |
“Presentations” |
Hands-on Lab 10 - Managing
Network Security |
Week 17: May 2-6 |
“Presentations” |
|
May 4 (tentative) |
|
FINAL EXAM DUE |