Number and Title of Course: CS459/559 - Network Security

Instructor(s): Dr. Wayne Summers
Office: SCA207B Office phone: (505) 454-3230
Department phone: (505) 454-3295
Office Hours: MWF 1:00-1:50 TR 4-4:50; via e-mail, net-meetings and by appointment
e-mail address: summers_wayne@ColumbusState.edu
homepage:http://csc.ColumbusState.edu/summers

Catalog Description of Course: This course addresses security issues for TCP/IP-based and NT networks. Access Control and Communications Security issues will be covered as well as Internet and intranet security. (3 credits).

Course Prerequisite: CS457 - Computer Networks, MIS420 - Networking in a Business Environment or permission of instructor.

Required Textbook(s): Network Security in a Mixed Environment, IDG Books by Dan Blacharski. 1998, ISBN: 0-7645-3152-2.

Supplementary Books and Materials

Educational Outcomes

  1. Students will be able to identify security breaches in a computer network
  2. Students will be able to discuss major issues concerning computer security.
  3. Students will be able to use standard security tools to locate and fix security leaks in a computer network.

Major Topics

  1. TCP/IP and OSI Network Security
  2. Access Control Issues (Packet Filters, Firewalls)
  3. Communication Security (OSI Layer Security Protocols)
  4. Security Tools
  5. Security Concepts and Terminology
  6. Human Security
  7. Encryption

Instructional Methods and Techniques

  1. The class will meet for two one-hour and fifteen-minute lecture/discussion periods each week.
  2. The lectures should be conducted using state-of-the-art multimedia techniques including a computer projection system.
  3. There should be facilities for demonstrating software and access to computer networks in the classroom.
Many of the assignments should stress hands-on applications by the students. Each student will be expected to attend all lectures. Class participation by all is expected.

Assignments for Course

  1. Readings from the textbook(s)
  2. Outside reading from popular computing and information technology periodicals like PC-Week, PC-Magazine, etc.
  3. Readings from documents found on the Internet

Evaluation

  1. Midterm(s) and Final Exams over the lectures and readings.
  2. Homework including lab assignments on material discussed in class.
  3. Projects or a Term paper on a topic on computer security.

Class Attendance:Class attendance is the responsibility of the student, and it is the student's responsibility to independently cover any material s/he may miss. Class attendance and participation may also be used in determining grades. You should attend all lab sessions. Attendance will be taken.

Exams and Assignments: There will be one midterm exam and one comprehensive final exam. Exams cover material from the text as well as laboratory activities. The lectures may not cover all the material in the textbooks and may be supplemented by additional materials. Late assignments will be subject to up to a 25% deduction in points per day. No credit will be given for assignments that are more than one week late.

Course Evaluation (tentative):

Grades may be determined according to this scale (tentative):
A 90% - 100%B 80% - 89%
C 70% - 79%D 60% - 69%


SCHEDULE

  Lecture Topic Homework
Week 1: Computer Crime, Security and Computer Viruses
Ch.1 - What Have You Got to Lose?
Ch.2 - Implementing a Security Policy
Week 1 Assignment
Week 2: Ch.3 - Disaster Recovery
MS:Ch. 4 - A Brief Primer on TCP/IP
 
Week 3: Ch.4 - Security Levels
Ch. 5 - Encryption
MS:Ch. 11 - Password Crackers
Week 3 Assignment
Week 4: Ch.6 - Security Features of Network Operating Systems
MS:Ch. 17 -Microsoft
 
Week 5: Ch.7 - Security Management Platforms
MS:Ch. 18 - UNIX
 
Week 6: Ch. 8 - Network Monitors and Other Security Programs
MS:Ch. 10 -Scanners
MS:Ch. 13 - Sniffers
 
Week 7: Ch.9 - Security Audits
MS:Ch. 15 - Logging and Audit Tools
 
Week 8: Review
MIDTERM
 
SPRING BREAK HAVE FUN  
Week 9: Ch.10 - Remote Access
Ch. 11 - Virtual Networking
 
Week 10: Ch.12 - Firewalls
Ch. 13 - Security Devices
MS:Ch. 14 - Firewalls
 
Week 11: Ch.14 - Redundancy
Ch. 15 - Preventing Telephone Fraud
MS: Ch. 9 - Destructive Devices
 
Week 12: Ch.16 - Securing Your Web Connection
Ch. 17 - Viruses
MS:Ch. 12 - Trojans
 
Week 13: Ch.18 - Ensuring Secure Electronic Commerce
Ch. 19 - Intranets
 
Week 14: Ch.20 - Identifying and Preventing Common Attacks
Ch. 21 - Security and TCP/IP Services
 
Week 15: REVIEW
FINAL EXAMS
Thursday, April 29, 1999 - 5-8 p.m.