Number and Title of Course: CPSC 6136 - Advanced System Security

Instructor(s): Dr. Wayne Summers

Office: CCT455                                                                     Office phone: (706) 568-3057
Department phone: (706) 568-2410                                    Department FAX: (706) 565-3529
Office Hours: 11-11:50 a.m. MWF (in online chat); 2-2:50 p.m. TR (in online chat); via e-mail, net-meetings and by appointment
e-mail address: summers_wayne@ColumbusState.edu
homepage:http://csc.ColumbusState.edu/summers

 

Catalog Description of Course: (Prerequisite CPSC 6126 Information Systems Assurance). This course provides the student with the skill or ability to design, execute, and evaluate information security procedures and practices. This level of understanding will ensure that students are able to apply security concepts while performing their tasks. Topics include encryption algorithms, developing a security policy, attack monitoring, attack response, and disaster planning and recovery. The student will be presented with practical approaches to security and the use of security tools (3 credits).

Required Textbook(s):

  1. Introduction to Computer Security by Matt Bishop, Addison Wesley Professional, 2005, ISBN: 0-321-24744-2.
  2. The Art of Deception: Controlling the Human Element of Security, by Kevin D. Mitnick and William L. Simon, John Wiley & Sons, 2002, ISBN: 0471237124.

Supplementary Books and Materials

Software and manuals found in the lab and on the Internet

 

Course Objectives

1.        Students will understand the major issues in network and computer system security, focusing mainly on threats from malicious software.

2.        Students will have an understanding of common attacks on computer networks and methods to detect and remediate such attacks.

3.        Students will have an understanding of the guiding principles of computer system security.

4.        Students will be able to evaluate information security procedures and practices.

5.        Students will be able to design and implement information security procedures and practices.

 

Major Topics

1.      Foundations of computer and network security.

2.      Threats and vulnerabilities

3.      Technical defenses: authentication, operating system security, firewalls, etc.

4.      Network vulnerability assessment and intrusion detection.

5.      Remediation methods, including backup and repair strategies.

6.      Encryption and methods for its usage.

7.      Business continuity planning and disaster recovery planning

8.      Issues in physical security.

 

Instructional Methods and Techniques

  1. The class will be taught online. Learning sessions will usually be conducted via threaded discussion and will include recorded lectures on the instructor's web site. See http://cs.ColumbusState.edu/Academics/Online/OnlineInfo.asp for information on taking an online course.
  2. Students will be expected to participate in asynchronous threaded discussions.
  3. All students must have access to networked computers for doing assignments.
  4. Students will have an opportunity to use a variety of security tools to reinforce their learning of the concepts.
  5. Discussion may also be available through live chat.

How to Access the Course

This course is being offered through WebCT. You can access WebCT at: http://webct.ColumbusState.edu/ 

At this page, click on the "Log on to" link to activate the WebCT logon dialog box, which will ask for your WebCT username and password. Your WebCT username and password are:

Username: lastname_firstname
Password: ssnXXXX

where "XXXX" is the last four digits of your social security number.

If you try the above and WebCT will not let you in, please use the "Comments/Problems" link at the bottom of the WebCT home page to request help. If you are still having problems gaining access a day or so after the class begins, please e-mail me.

Once you've entered WebCT, you will see a list of courses you have access to. The CPSC 6136 course is listed as "Advanced Systems Security." Below this, you should see my name as the instructor. You may also see new discussion postings, new calendar postings, and new mail messages. Clicking on the name of the course will take you to the course's home page. If you don't see the "Advanced Systems Security" course in the list, please e-mail me immediately.

Once you have clicked on the course's name and accessed the particular course itself, you will find a home page with links to other sections and tools, and a menu on the left-hand side. The first thing you should do is “Take the Guided tour”. This information will give you a feel for what's available in the particular WebCT classroom environment. Once you've read this information, please feel free to explore the other areas.

How This Course Will Work

This course will consist of readings, discussion questions, webliography assignments, “lab” assignments, a final project and two exams. On a weekly basis, you will need to:

  1. review the week's lesson;
  2. complete the readings from the two texts;
  3. read and if possible, listen to the lectures;
  4. complete the “lab” assignments;
  5. submit responses to weekly discussion questions based on the readings;
  6. submit webliography URLs’; and
  7. comment on other students' responses to the discussion questions.

In addition to the weekly requirements, you will need to:

decide on and complete a final project.

Online Discussions

To maximize your learning, you are expected to participate actively in the weekly discussions. To receive maximum credit for participating, you must post a response to EACH discussion question of at least 150 words and comment on ONE of the other students' responses for EACH discussion assignment. There is, of course, no upper limit on the amount of discussion in which you can be involved in.

The responses to other students' postings should add to the substance of the posting, request clarification, provide a different perspective, or challenge the assertions made by providing real or hypothetical scenarios that the original posting does not adequately address. Remember, the purpose of course discussions is to stimulate academic debate. Critical thinking is highly desirable!

I will read every response and every comment, but I will not necessarily respond to every response or to every comment. I will, however, interject comments where necessary for clarification.

Discussion Etiquette

CSU is committed to open, frank, and insightful dialogue in all of its courses. Diversity has many manifestations, including diversity of thought, opinion, and values. Students are encouraged to be respectful of that diversity and to refrain from inappropriate commentary. Should such inappropriate comments occur, I will intervene as I monitor the dialogue in the discussions. I will request that inappropriate content be removed from the discussion and will recommend university disciplinary action if deemed appropriate. Students as well as faculty should be guided by common sense and basic etiquette. The following are good guidelines to follow:

Never post content that is harmful, abusive; racially, ethnically, or religiously offensive; vulgar; sexually explicit; or otherwise potentially offensive.

 

Student Responsibilities

As a student in this course, you are responsible to:

“I didn’t know” is not an acceptable excuse for failing to meet the course requirements. If you fail to meet your responsibilities, you do so at your own risk.

Instructor Responsibilities

As your instructor in this course, I am responsible to:

Although I will read every posted discussion question and response, I will not necessarily respond to every post. 

 

Student Web Server Space

There may be times when you will want to use an actual Web server in response to discussion questions or for projects. All currently enrolled CSU students (including online students) can request free Web server space on the CSU student Web server. Simply go to http://students.ColumbusState.edu and click on the "Free Web Pages" icon. Then click on the link to request the account. Under normal circumstances, the account and space will be created in a matter of seconds. This server is also .NET capable.

 

Assignments for Course

Course Evaluation (tentative):

Grades may be determined according to this scale:

A 90% - 100%

B 80% - 89%

C 70% - 79%

D 60% - 69%

 

General Policies

You are responsible for all class work missed, regardless of the reason for the absence(s). Late assignments will not be accepted. No makeup exams or quizzes will be given, so please make sure you are present for all exams/quizzes. Refer to the CSU Catalog (http://aa.ColumbusState.edu/advising/a.htm#Attendance%20Policy) for more information on class attendance and withdrawal.

Academic dishonesty
Academic dishonesty includes, but is not limited to, activities such as cheating and plagiarism (http://aa.ColumbusState.edu/advising/a.htm#Academic%20Dishonesty/Academic%20Misconduct). It is a basis for disciplinary action. Any work turned in for individual credit must be entirely the work of the student submitting the work.
All work must be your own. [For group projects, the work must be done only by members of the group.] You may share ideas but submitting identical assignments (for example) will be considered cheating. You may discuss the material in the course and help one another with debugging; however, any work you hand in for a grade must be your own.  A simple way to avoid inadvertent plagiarism is to talk about the assignments, but don't read each other's work or write solutions together unless otherwise directed by your instructor. For your own protection, keep scratch paper and old versions of assignments to establish ownership, until after the assignment has been graded and returned to you. If you have any questions about this, please see your instructor immediately. For assignments, access to notes, the course textbooks, books and other publications is allowed. All work that is not your own, MUST be properly cited. This includes any material found on the Internet. Stealing or giving or receiving any code, diagrams, drawings, text or designs from another person (CSU or non-CSU, including the Internet) is not allowed. Having access to another person’s work on the computer system or giving access to your work to another person is not allowed. It is your responsibility to prevent others from having unauthorized access to your work.

No cheating in any form will be tolerated. Penalties for academic dishonesty may include a zero grade on the assignment or exam/quiz, a failing grade for the course, suspension from the Computer Science program, and dismissal from the program. All instances of cheating will be documented in writing with a copy placed in the Department’s files. Students will be expected to discuss the academic misconduct with the faculty member and the chairperson. For more details see the Faculty Handbook: http://aa.ColumbusState.edu/faculty/FacHandbook0203/sec100.htm#109.14 and the Student Handbook: http://sa.ColumbusState.edu/handbook/handbook2003.pdf

 

Getting help
You can always contact me during my posted office hours, by e-mail, or by appointment.

 

CSU ADA statement
If you have a documented disability as described by the Rehabilitation Act of 1973 (P.L. 933-112 Section 504) and Americans with Disabilities Act (ADA) and would like to request academic and/or physical accommodations please contact Joy Norman at the Office of Disability Services in the Center for Academic Support and Student Retention, Tucker Hall (706) 568-2330, as soon as possible. Course requirements will not be waived but reasonable accommodations may be provided as appropriate.


          SUGGESTED WEEKLY SCHEDULE FOR COMPUTER SECURITY (tentative)

 

Lecture Topic

Homework

Week 1:

Aug 22-6

CS – chapters 1, 2

See Website

http://csc.ColumbusState.edu/summers/NOTES/6136/labs-6136.htm and WebCT calendar

Week 2:

Aug 29-Sept.23

CS - chapters 3, 4

Lab 1

Week 3:

Sept. 5-9

CS – chapters 5, 6, 7

Lab 2

Week 4:

Sept. 12-16

CS – chapters 8, 9

Lab 3

Week 5:

Sept. 19-23

CS – chapters 10, 11

Lab 4

Week 6:

Sept. 26-30

CS – chapters 12, 13

Lab 5

Week 7:

Oct. 3- 7

CS – chapters 14

REVIEW

Lab 6

Week 8:

Oct. 10-15

FALL BREAK

MIDTERM EXAM (chapters 1-14)

Lab 7

Oct. 17

MIDPOINT; GRADUATE CANDIDANCY

 

Week 9:

Oct. 17-21

CS – chapters 15, 16

Lab 8

Week 10:

Oct. 24-28

CS – chapters 17, 18

Lab 9

Week 11:

Oct. 31 – Nov. 4

CS – chapters 19, 20

Lab 10

Week 12:

Nov. 7-11

CS – chapters 21, 22

Lab 11

Week 13:

Nov. 14-18

CS – chapters 23

Art of Deception

Lab 12

Week 14:

Nov. 21-22

CS – chapters 24

Art of Deception

THANKSGIVING

Lab 13

Week 15:

Nov. 28- Dec. 2

CS – chapters 25

Art of Deception

 

Lab 14

Week 16:

Dec. 5-9

CS – chapters 26

Art of Deception

Lab 15

Week 17:

Dec. 12-19

FINAL EXAM