DEL MAR COLLEGE

ITSY 1300   S Y L L A B U S

Fundamentals of Information Security

 

Instructor:   Prof. Michael P. Harris, CCNA, CCAI

 

I. Course Description:

 

This course is designed to familiarize students with the fundamentals and implementation of information security. The students will learn the basic Information Security goals of availability, accuracy, and confidentiality. Vocabulary and terminology specific to the field of information security are discussed. Identification of exposures and vulnerabilities and appropriate countermeasures are addresses. The importance of appropriate planning and administrative controls are also discussed.

The course material is based on the CompTIA Security+ Certification Exam. The Security+ certification exam is a vendor-neutral certification that is the basis for world wide standard of competency for entry level information security professionals.


NOTE: all students must read, agree to follow, and sign our AUP (Acceptable Use Policy) . This document outlines our college policies on acceptable use of the computer equipment and/or activities that are acceptable using college equipment including Internet access.

 

II. Course Outcome:

 

The primary goal of this course is to provide the student with valuable insights into the area of information security. The principles and implementation of security and the technologies used to secure networks will be covered extensively. You will learn about current trends within the network security arena to include authentication, various attack techniques and malicious codes utilized to penetrate or deny service to network resources and the countermeasures for each. You will learn about remote access procedures, E-Mail vulnerabilities, web security, directory and file transfer services, wireless, network hardware and topologies, and intrusion detection. Additional topics include, but are not limited to, security policies, disaster recovery, and computer forensics. This course will provide up-to-date coverage of course material, anticipate emerging technologies, and provide a hands-on approach to network security.

 

III. Course Information:

 

            Instructor:                             Prof. Michael P. Harris, CCNA, CCAI

            Office: VB 114                        Computer Science Dept.

            Phone: (361) 698-1299        Email: mpharris@delmar.edu

                                                             3612248295@page.metrocall.com (text pager)

 

IV. Instructional Materials:

 

Class Text:    Security+ In Depth

Paul Campbell, Ben Calvert, and Steven Boswell

(Thompson Course Technology/Cisco Learning Institute)

ISBN: 1-59200-064

 

Materials:   (6-10) CDR -or- CDRW (writeable or rewriteable blank CDROMs)

(1) Flash Drive (64MB – 256MB) (for local removable storage for labs)

(1) Notebook to organize & maintain handouts, notes, exams, and labs.

 

V. Course Objectives:

 

Chapter 1: Security Overview

            The student will be introduced to network security concepts and gain a solid understanding of security threats and their ramifications, and be able to create an effective network security strategy.

 

Chapter 2: Authentication

            The student will learn how to create and store secure passwords and be introduced to a variety of authentication protocols and authentication certificates. Students will also be introduced to biometrics and their deployment. Biometrics are quickly becoming the authentication method of choice.

 

Chapter 3: Attacks and Malicious Code

            The student will gain valuable insight into the various types of denial-of-service (DoS), distributed denial-of-service (DDoS), social engineering, and malicious software used in attacks and the countermeasures for each one.

 

Chapter 4: Remote Access

            The student will be able to explain the various methods for remote access, when each method should be used and the vulnerabilities associated with each one.

 

Chapter 5: E-Mail

            The student will understand the need for secure e-mail, various protocols used for e-mail, the vulnerabilities of e-mail and the methods used to safeguard against them.

 

Chapter 6: Web Security

            The student will understand the protocols used on the internet and web based technologies, be able to identify web site vulnerabilities and understand how to protect against them.

 

Chapter 7: Directory and File Services

            The student will be able to explain the benefits offered by centralizing directory services, and be able to understand the threat posed to a network through unmonitored file shares. The student will also be able to identify vulnerabilities associated with file transfer services and the methods to secure the data.

 

Chapter 8: Wireless

            The student will understand the 802.11x standards, the security features designed for wireless networks, the vulnerabilities of each security feature, and be able to conduct a wireless site survey.

 

Chapter 9: Network Devices

            The student will understand the role of routers, switches, software and hardware firewalls, and be able to determine when VPN or RAS can be used to provide a secure network connection.

 

Chapter 10: Media and Medium

            The student will be able to identify and discuss the various types of transmission media used in networking and the limitations of each. Be able to identify and discuss the various types of storage media, and how to develop a plan to lessen the loss of information. The student will also learn data encryption methods and the methods for storing and destroying data properly.

 

Chapter 11: Network Security Topologies

            The student will understand the different perimeters associated with a network and when to utilize each one. The student will learn the role of tunneling and the usage of virtual local area networks (VLAN).

 

Chapter 12: Intrusion Detection

            The student will be able to explain what network intrusions are, the methods for detecting them and be able to clarify the role of security incident response teams.

 

Chapter 13: Security Baselines

            The student will understand the vulnerabilities of each Operating System/ Network Operating System and the measures to harden them. (To include firmware updates and configuration best practices). The student will also be able to identify exploits and vulnerabilities of services such as FTP, DNS, Mail and Print Servers and the countermeasures for each.

 

Chapter 14: Cryptography

            The student will learn the basics of algorithms and how they are utilized in modern cryptography; gain an understanding of the concepts of cryptography and how they correlate to network security; gain an understanding of security keys, their management, and their lifecycle.

 

Chapter 15: Physical Security

            The student will understand the importance of physical security; enhancements that can be added to bolster security of vital resources; various biometric techniques used for access control, and the importance of fire safety/detection.

 

Chapter 16: Disaster Recovery and Business Continuity

            The student will understand the concept of business continuity; plans, policies, and procedures of disaster recovery; implications of privilege management and its impact on disaster recovery.

 

Chapter 17: Computer Forensics and Advanced Topics

            The student will understand the basic computer forensics methods; be able to identify assets, vulnerabilities, and threats involving risk management. The student will understand the importance of security training of personnel, improving security management, and documentation within the network security framework.

 

VI. Attendance

 

            Class attendance is mandatory. Absences totaling two class weeks is considered excessive and is grounds for being dropped from the course. No make-up tests will be given except in emergency situations. Students requesting disability accommodations or information are encouraged to contact the office of Special Services, located in the Harvin Center, 698-1298.

 

VII. Examination & Grading Policy

 

Exam #1                                                                                                                    15%

Exam #2                                                                                                                    15%

Exam #3 Final Exam                                                                                               25%

Quizzes (Approx. 15)                                                                                               20%

Lesson Activity Plans (Labs)                                                                                  10%

Individual/Group Project(s)                                                                                   15%

 

 

NOTE: If you have any questions about the content or grading of this course please ask them in class or during my office hours. Also note that the content, schedule, administration, and/or management of this course is subject to change without notice. The instructor reserves the right to modify this syllabus at any time. Additionally, all material discussed or shown in this course are for educational purposes only, and as such will only be used within the classroom for class related projects.