Asia Pacific University College of Technology and Innovation

1. 2. 3. 4. 5. 6.

7. 8. 9.

Name of Course/Module: Network Security Version 4 (Effective TBC) Course Code: CT037-3.5-2 Name(s) of academic staff: Hoorang Rationale for the inclusion of the course/module in the programme: Refer to Programme Specification Semester and Year offered: Refer to Programme Specification Total Student Face to Face Total Guided and Independent Learning Learning Time (SLT) L = Lecture L T P O 92 T = Tutorial 16 32 P = Practical O= Others Credit Value: 3.5 Prerequisite (if any): NONE Objectives 1. Contribute to the achievement of the Learning Outcomes specified for the students award at Level 2 2. Enable students to develop their knowledge and skills in relation to Network Security 3. Develop the ability of students to apply the knowledge they gain in relation to the study of Network Security 4. Further develop lifelong learning skills of independent learning and study in relation to Network Security 5. Enable students to develop their ability to: Communicate in varied situations Use ICT relevant to given situations Be aware of the needs of others and self

Network Security CT037-3.5-2

Page 1 of 6

Asia Pacific University College of Technology and Innovation

10.

Learning outcomes: On successful completion of this module, you should be able to: 1. Analyze the interactions of the components and protocols that form a computer network.MQF4. 2. Demonstrate an understanding of security terminology, secure network design concepts and a detailed understanding of security vulnerabilities.MQF1, MQF2. 3. Identify potential threats that may lose or obscure stored data.MQF3. 4. Evaluate the standards used to define computer networks and the threats and risks presented to a computing system in a given realistic scenario.MQF3, MQF4. 5. Compare and contrast security technologies, products, solutions and designs.MQF5, MQF6. 6. Design, implement and manage network security equipments.MQF7, MQF8. MQF Learning Outcome Area MQF1 - Knowledge and Understanding MQF2 - Learning MQF3 - Enquiry MQF4 - Analysis MQF5 - Problem Solving MQF6 - Communication MQF7 - Application MQF8 - Reflection Transferable Skills: The following employability skills are introduced (I), developed (D) and/or assessed (A): Critical Thinking Analysis & Synthesis (I, D, A),Effective Problem Solving (I &D), Creativity & Innovation (I, D), Communication (I,D),Communication & Information Technology(I,D), Self-management (I &D), Learning (I &D), Self Awareness & Cultural Awareness(I), Teamworking (I &D). Teaching-learning and assessment strategy: The module comprises lectures and Practicals and involves team working skills within the assignment.

11.

12.

13.

Synopsis: This module will introduce and explore issues and concepts involved in the security of networks and consider the day to day requirements of keeping them functional and safe. It will allow introduce students to consideration of the security needs of an organization and study some of the popular countermeasures used to deter malicious attacks upon networks. In addition, it introduces the students to the security in Routers, Networking devices and appliances, such as Firewalls, VPNs, and IDSs.

Network Security CT037-3.5-2

Page 2 of 6

Asia Pacific University College of Technology and Innovation

14.

Mode of Delivery: Lecture and Practical Assessment Methods and Types Group In-course assignment weighted at 100% with 60% of the total contributed by an individual components (LOs 1 - 6) Mapping of the course/module to the Programme Aims : Refer to the Programme Specification Mapping of the course/module to the ProgrammeLearning Outcomes: Refer to the Programme Specification Content outline of the course/module and the SLT per topic:
Week Topics L T P O Ind

15.

16. 17. 18.

4.5

Introduction Overview of the module General Guidelines & Learning Approach Assessments Briefing Introduction to the subject area Network Defense Fundamentals Network Defense Defensive Technologies Objectives of Access Controls The Impact of Defense
2 4 11

2&3

Advanced IP Concepts Packets and Addresses IP Service Ports IP Protocols TCP UDP ICMP DNS Network Address Translation Fundamentals of Router Security Privilege Levels Securing Console Access Configuring the enable Password service password-encryption Command Configuring Multiple Privilege Levels Warning Banners Interactive Access Securing VTY Access SSH Protocol Port Security for Ethernet Switches Auto Secure

Network Security CT037-3.5-2

Page 3 of 6

Asia Pacific University College of Technology and Innovation

5&6

10

11

Fundamental of Firewalls Types of Firewalls Pros and cons of firewalls Firewall placement Rules and packet filters Proxy servers Bastion hosts The Honeypot Firewall Configurations ( ISA Server) Cryptography Terminology and Background Substitution Cipher Transposition Cipher Symmetric and Asymmetric Encryption Systems Cryptographic Hash Functions Virtual Private Networks Internet Protocol Security IPsec Policy Management IPsec AH Implementation Combining AH and ESP in IPsec VPN fundamentals Tunneling Protocols VPN Design Architecture VPN Security Configuring a VPN Intrusion Detection Systems The goal of IDS Technologies and Techniques of IDS Host-based IDS Network-based IDS The analysis How to use IDS Layer two security Basic Switch Operation Mitigating VLAN Attacks CAM Table Overflow Using Port Security

12

12

Network Security CT037-3.5-2

Page 4 of 6

Asia Pacific University College of Technology and Innovation

12 & 13

14

15

Storage Networking Technologies Direct-Attached Storage and Introduction to SCSI. Types of DAS DAS Benefits and Limitations Disk Drive Interfaces Introduction to Parallel SCSI SCSI Command Model Storage Area Networks Fiber Channel: Overview The SAN and Its Evolution Components of SAN FC Connectivity Fiber Channel Ports Fiber Channel Architecture Zoning Fiber Channel Login Types FC Topologies Concepts in Practice: EMC Connectrix Network-Attached Storage General-Purpose Servers vs. NAS Devices Benefits of NAS NAS File I/O Components of NAS NAS Implementations NAS File-Sharing Protocols NAS I/O Operations Factors Affecting NAS Performance and Availability Concepts in Practice: EMC Celerra Windows Security Windows Security Architecture Windows Vulnerabilities Windows Security Defenses Browser Defenses Cryptographic Services Common Criteria Linux Security Linux Security Model Linux Filesystem Security Linux Vulnerabilities Linux System Hardening Application Security Mandatory Access Control Summary Summary of module Revision of Major Topic Areas Assessment Discussion Presentations TOTAL

12

16

4.5

16

32

92

Network Security CT037-3.5-2

Page 5 of 6

Asia Pacific University College of Technology and Innovation

19.

Main references supporting the course Essential Reading Weaver, R (2008), Guide to Tactical Perimeter Defense. Thomson EMC (2009), Information Storage and Management: Storing, Managing, and Protecting Digital Information. Wiley. Stallings, W (2011), Cryptography and Network Security: Principles and Practice. 5th ed. Prentice Hall. Further Reading Stallings, W (2008), Computer Security: Principles and Practice. Prentice Hall. Other additional information: None

20.

Network Security CT037-3.5-2

Page 6 of 6