| 5/1/2024 6:21:49 PM |
| New Course (First Version) |
| CATALOG INFORMATION
|
| Discipline and Nbr:
CIS 56.21 | Title:
COMPUTER SECURITY PRNCPL |
|
| Full Title:
Principles of Computer Security |
| Last Reviewed:10/14/2013 |
| Units | Course Hours per Week | | Nbr of Weeks | Course Hours Total |
| Maximum | 4.00 | Lecture Scheduled | 4.00 | 17.5 max. | Lecture Scheduled | 70.00 |
| Minimum | 4.00 | Lab Scheduled | 0 | 8 min. | Lab Scheduled | 0 |
| | Contact DHR | .50 | | Contact DHR | 8.75 |
| | Contact Total | 4.50 | | Contact Total | 78.75 |
| |
| | Non-contact DHR | 0 | | Non-contact DHR Total | 0 |
| | Total Out of Class Hours: 140.00 | Total Student Learning Hours: 218.75 | |
Title 5 Category:
AA Degree Applicable
Grading:
Grade or P/NP
Repeatability:
33 - 3 Enrollments Total
Also Listed As:
Formerly:
Catalog Description:
Untitled document
Students will begin learning the essentials of computer and network security. They will understand security objectives and the role of policy deployment while practicing to defend against network attacks. After a review of security trends, concepts, roles and network fundamentals students will learn: cryptography, public key infrastructure, standards and protocols, impact of physical security on network security, infrastructure security, remote access, wireless and instant messaging, intrusion detection and network baselines. Scenario-based curriculum describing a start-up company in which the students are "employed" and their roles within that company will also be incorporated in the class. Tasks and product deliverables, which are based on industry standards, augment assignments and exams. Coverage of both CompTIA's Security+ certification exam and the (ISC)2 SSCP certification, which focuses on best practices, roles, and responsibilities of security experts, is integral to the course. Students should have a familiarity with network operating systems.
Prerequisites/Corequisites:
Recommended Preparation:
CIS 51.13 and CIS 58.81A.
Limits on Enrollment:
Schedule of Classes Information
Description:
Untitled document
Essentials of computer and network security. Covering: cryptography public key infrastructure, standards and protocols, physical security, infrastructure, remote access, wireless and instant messaging, intrusion detection and network baselines. Preparation for CompTIA's Security+ exam. Students should be familiar with network operating systems.
(Grade or P/NP)
Prerequisites:
Recommended:CIS 51.13 and CIS 58.81A.
Limits on Enrollment:
Transfer Credit:CSU;
Repeatability:33 - 3 Enrollments Total
ARTICULATION, MAJOR, and CERTIFICATION INFORMATION
| Associate Degree: | Effective: | | Inactive: | |
| Area: | | |
| |
| CSU GE: | Transfer Area | | Effective: | Inactive: |
| |
| IGETC: | Transfer Area | | Effective: | Inactive: |
| |
| CSU Transfer: | Transferable | Effective: | Spring 2006 | Inactive: | Fall 2020 |
| |
| UC Transfer: | | Effective: | | Inactive: | |
| |
| C-ID: |
Certificate/Major Applicable:
Certificate Applicable Course
COURSE CONTENT
Outcomes and Objectives:
At the conclusion of this course, the student should be able to:
Untitled document
Upon completion of this course, students will be able
to:
1. Examine current computer security vulnerabilities
2. Describe general computer networking security concepts
3. Identify operational and organizational elements central to insuring a
secure computer networking environment
4. Delineate the role of people in security
5. Demonstrate an understanding of cryptography as a security resource
6. Describe the use of public key infrastructure to secure networks
7. Evaluate the various standards and protocols used to secure network
data transmission
8. Describe the impact of physical security on network security
9. Integrate network fundamentals into the process of securing a LAN
10. Demonstrate an understanding of network infrastructure security
components
11. Solve problems involving remote access security vulnerabilities
12. Evaluate wireless and instant messaging technologies for their
vulnerabilities
13. Solve network security breaches using intrusion detection systems
14. Assess security baselines for network policy implementation
15. Students repeating the class will be able to :
a. Describe the changes in network security
b. Solve advanced troubleshooting problems
Topics and Scope
Untitled document
Topics will include but not be limited to:
I. Computer security vulnerabilities
A. Identifing security problems
1. Security incidents
2. Threats to security
3. Security trends
B. Identify various avenues of attack
II. General concepts
A. Basic security terminology
1. Security basics
2. Access control
3. Authentication
B. Security models
1. Confidentiality models
2. Integrity models
III. Operational and organizational elements
A. Security operations in an organization
1. Policies, procedures, standards, and guidelines
2. The security perimeter
B. Physical security
1. Access controls
2. Physical barriers
C. Social engineering
D. Environment
E. Wireless
F. Electromagnetic eavesdropping
G. Location
IV. The role of people in security
A. People as a security problem
B. People as a security tool
V. Cryptography
A. Define algorithms
B. Hash
C. Symmetric encryption
D. Asymmetric encryption
E. Usage
1. Confidentiality
2. Integrity
3. Nonrepudiation
4. Authentication
5. Digital signatures
6. Key escrow
VI. Public key infrastructure
A. The basics of public key infrastructures
B. Certificate authorities
C. Registration authorities
D. Certificate repositories
E. Trust and certificate verification
F. Digital certificates
G. Centralized or decentralized infrastructures
H. Private key protection
I. Public certificate authorities
J. In-house certificate authorities
K. Outsourced certificate authorities
L. Certificate usage
VII. Standards and protocols used to secure network data transmission
VIII. The impact of physical security on network security
A. The problem
B. Physical security safeguards
IX. Network fundamentals
A. Network architectures
B. Network topology
C. Network protocols
D. Packet delivery
X. Infrastructure security
A. Devices
B. Media
C. Security concerns for transmission media
D. Removable media
E. Security topologies
1. Security zones
2. Virtual local area networks (VLANs)
3. Network address translation (NAT)
4. Tunneling
XI. Remote access
A. The remote access process
1. Identification
2. Authentication
3. Authorization
B. Telnet
C. Secure shell (SSH)
D. Layer 2 tunneling protocol (L2TP)
E. Point to point tunneling protocol (PPTP)
F. Institute of electric and eletronics engineers(IEEE) 802.11
G. Virtual private network (VPN)
H. Internet protocol security (IPSec)
I. IEEE 802.1x
J. Remote authentication dial-in user (RADIUS)
K. Terminal access controller access control system (ATACACS+)
L. Vulnerabilities
XII. Wireless and instant messaging
XIII. Intrusion detection systems
A. History of intrusion detection systems
B. Intrusion detection system (IDS) overview
C. Host-based intrusion detection systems
D. Network-based intrusion detection systems
E. Signatures
F. False positives and negatives
G. IDS models
XIV. Security baselines
A. Overview baselines
B. Password selection
1. Password policy guidelines
2. Selecting a password
3. Components of a good password
4. Password aging
C. Operating System and network operating system hardening
D. Network Hardening
E. Application Hardening
XV. Students repeating the course will address:
A. Changes in security issues
B. Currrent security issues
C. Changes in network technology
D. Advanced troubleshooting
Assignments:
Untitled document
Reading assignments may include:
1. Online research of current security appliances and best practices
2. Topical weekly online newsletters and security reports
3. Students repeating the course will update and add to their previous
research
Homework Problems may include
1. Preparing security policies and procedures
2. Interacting online with other students to solve basic security
problems
3. Repeat students will solve more complex security problems involving
advanced software and hardware platforms
Other assignments may include:
1. Objective examinations and quizzes
2. Group project based on interactive online scenarios in which students
role play as security consultants in a fictitious start-up firm.
3. Skill demonstration examinations
4. Repeat students will have more troublesome problems to solve
Methods of Evaluation/Basis of Grade.
| Writing: Assessment tools that demonstrate writing skill and/or require students to select, organize and explain ideas in writing. | Writing
10 - 30% |
| Reading reports | |
| Problem solving: Assessment tools, other than exams, that demonstrate competence in computational or non-computational problem solving skills. | Problem Solving
10 - 30% |
| Homework problems, Group project | |
| Skill Demonstrations: All skill-based and physical demonstrations used for assessment purposes including skill performance exams. | Skill Demonstrations
20 - 30% |
| Performance exams | |
| Exams: All forms of formal testing, other than skill performance exams. | Exams
20 - 30% |
| Multiple choice, True/false, Short answer | |
| Other: Includes any assessment tools that do not logically fit into the above categories. | Other Category
0 - 20% |
| Attendance and class participation | |
Representative Textbooks and Materials:
Untitled document
Fundamentals of Network Security by Eric Maiwald Publisher:
McGraw-Hill/Irwin Publication Date: November 2003 ISBN:0-07-223094-0
Principles of Computer Security: Security+ and Beyond by Wm. Arthur
Conklin, Gregory B. White, Chuck Cothren, Dwayne Williams, Roger L. Davis
Publisher: McGraw-Hill/Irwin Publication Date: March 2004 ISBN:
0-07-225509-9
Print PDF
