Fundamentals of Network Security

This course provides an in-depth vendor-neutral study of network security fundamentals and provides a comprehensive overview of network security. The course prepares students to take the CompTIA Security+ certification exam.

The CompTIA Security+ Certification is rated the top entry level security exam by Certification Magazine. It satisfies certification requirements for Microsoft MCSA & MCSE certifications, the Certified HIPAA Security Specialist (CHSS) certification, and is required or recommended as a prerequisite or program element in third-party certifications from companies like IBM (Tivoli), Symantec (SCTA), the Certified Wireless Networking Professional program (CWSP), and the Security Certified Program. The class also provides the student a solid foundation to continue on to the advanced class and earn the highly coveted CISSP certification.

For more information please see:

• CompTIA's Security+
  Review of the certification by Monster.com
• IT Security Certifications
  Information about various security certifications by Monster.com
• Building a Career in Information Security
  Information about security certifications by Certification Magazine.
• 10 Hottest Certifications for 2004
  CertCities rates the Security+ one of the Top 10 IT Certifications for 2004 & again for 2005. For 2004 it rated the Security+ equal to the CCIE.
• Certifiably Secure: More Reasons to Consider Security+ at the Entry-level
  Certification Magazine lists more reasons for earning the Security+ certification.
• Network Security Positions #1 in Demand and Average Salaries.
  According to a recent salary survey on Computerjobs.com, Network Security professionals earn the highest average salaries and are in greatest demand of all IT fields.
• Paying Off Nicely- CertMag’s 2003 Salary Survey
  IT Professionals that specialize in security earned an average of $73,000/yr during 2003.
  
• It Pays to Certify
  By Network World & Global Knowledge
  Discusses the benefits of security certification, and how it can boost your salary, job security, and career opportunities. Includes information on Security+, SSCP, and CISSP certifications.
  
• Information security field to grow steadily
  Network World Fusion
  The demand for qualified security professionals is growing at 14-18 % per year compared to a 5% to 7% growth in IT jobs in general. Security professionals have also experienced growth in job prospects, career advancement, higher base salaries and salary premiums for certification at faster rates than other areas of IT.
• Full-Speed Ahead: The Demand for Security Certification
  CertMag, April 2005
  The demand for quality trained security administrators is growing fast. Security administrators need to validate their skills through certification, and those with certifications are experiencing the most career growth.

Don't forget to show up on the first day of class. If enough students don't show up on the first day, the class will be cancelled.

Description:

The class is broken down into five sections. General Security Concepts covers authentication methods along with common network attacks and how to safeguard against them. Communication Security includes remote access, e-mail, the Web, directory and file transfer, and wireless data. Infrastructure Security explores various network devices and media, and the proper use of perimeter topologies such as DMZs, Extranets, and Intranets to establish network security. Cryptography basics are provided, including the differences between asymmetric and symmetric algorithms, and the different types of PKI certificates and their usage. Operational/Organizational Security is discussed as it relates to Physical security, Disaster Recovery, and Business Continuity, as well as coverage of Computer Forensics.

Objectives:

1. Describe network security by listing possible security threats and their ramifications and goals of network security.
2. Create strong passwords and password policies.
3. Describe authentication protocols including CHAP and Kerberos. Use PKI certificates to secure authentication and transmission of data.
4. List and explain in your own words each of the following types of attacks: DoS, ping-of-death, spoofing, man-in-the-middle, replay attacks, and TCP session hijacking.
5. List the major types of attacks used against encrypted data.
6. List three types of social-engineering attacks and explain why they can be damaging.
7. List the major types of malicious software and identify a counter measure for each one.
8. Implement secure remote access using RADIUS, TACACS+, PPTP, L2TP, SSH, and IPSec.
9. Describe the need for secure email. Outline the benefits of PGP and S/MIME. Explain the dangers posed by email hoaxes and spam, as well as actions that can be taken to counteract them.
10. Describe and implement the features of web security including: SSL/TLS and the associated HTTPS protocol.
11. Describe the vulnerabilities of JavaScript, Active X, cookies, CGI, applets, SMTP, and how they are commonly exploited.
12. Implement more secure enterprise directory management using LDAP.
13. Implement S/FTP to secure file transfer through the internet.
14. Describe the implementation steps for secure wireless data transfer using WAP, WTLS, and WEP.
15. Describe instant messaging and the security risks and vulnerabilities of such a service.
16. Describe the purpose of a firewall and the different kinds of firewall technology available on the market.
17. Implement security through ACLs on routers, switches, and other networking hardware.
18. List he various type of network media. Describe how to physically protect transmission media adequately.
19. Demonstrate how to maintain, backup, and restore stored data.
20. Describe the features of a virtual local area network. Set up a encrypted tunnel between two hosts.
21. List the differences between host-based and network-based intrusion detection systems.
22. Implement a security baseline by using OS/NOS hardening (modify default configuration to make it more secure).
23. Describe some of the biometric techniques for securing equipment and data.
24. List some basic computer forensics techniques.

Prerequisites:

• CS180 - Network Operating Systems

There are no mandatory prerequisites for this class, however, the student should be comfortable using Windows client operating systems and have a basic understanding of TCP/IP networking. To get the most from the class, it is recommended that the student have experience administering Windows or Unix/Linux hosts or Cisco routers and switches.

Career Opportunities:

The Network Security course advances students on a career path toward the following occupations: Network Security Analyst, Senior Systems Analyst, and Systems Architect. For higher education bound students, this course prepares them for Electrical Engineering or Computer and Management Information Systems Degree Programs.