|
PELLISSIPPI STATE COMMUNITY COLLEGE |
||||||||
|
LINUX
SYSTEM SECURITY ADMINISTRATION |
||||||||
|
Class Hours: 3.0 |
|
Credit Hours: 4.0 |
|
|||||
|
Laboratory Hours: 3.0 |
|
Revised: Fall 09 |
|
|||||
|
|
||||||||
|
Catalog Course
Description: |
|
|
||||||
|
|
A study of system security
administration topics for the Linux operating system. Topics include SELinux, console access control, firewalls, TCP wrappers,
xinetd access control, tripwire configuration, PAM
configuration, system monitoring techniques, encryption, PKI
and OpenSSH configuration. |
|||||||
|
Entry Level Standards: |
|
|
||||||
|
|
The student must have knowledge
of system administration tasks such as network installation, kernel
configuration and customization, user administration, package management and
backup, automating and scheduling tasks, filesystem management and
maintenance, system initialization and services. The student must have
college level reading and math skills and keyboarding skills of at least 28
wpm. |
|||||||
|
Prerequisites: |
|
|
||||||
|
|
CSIT 2411 or appropriate
Linux/Unix system administration experience. |
|||||||
|
Textbook(s) and Other
Course Materials: |
|
|||||||
|
|
Brian Hatch &
James Lee; Hacking Linux Exposed –
Linux Security Secrets & Solutions Latest Edition,
McGraw-Hill/Osborne. |
|||||||
|
I. Week/Unit/Topic
Basis: |
|
|
||||||
|
|
||||||||
|
|
Week |
Lecture Topic |
||||||
|
|
1 |
System security basics |
||||||
|
|
2 |
SELinux |
||||||
|
|
3 |
SELinux |
||||||
|
|
4 |
System monitoring techniques |
||||||
|
|
5 |
Console access
configuration |
||||||
|
|
6 |
PAM configuration |
||||||
|
|
7 |
TCP wrappers & xinetd access control |
||||||
|
|
8 |
Tripwire configuration |
||||||
|
|
9 |
Review and Midterm |
||||||
|
|
10 |
Firewall configuration |
||||||
|
|
11 |
Firewall
configuration |
||||||
|
|
12 |
Local user attacks |
||||||
|
|
13 |
Securing data – encryption
and PKI |
||||||
|
|
14 |
Digital certificates & OpenSSH server configuration |
||||||
|
|
15 |
Final Exam |
||||||
|
II. Course Objectives*: |
|
|
||||||
|
|
A. |
Setup workstation, server and
network security for Linux systems. II, III, IV, VI, VII, VIII, IX, X, XII |
||||||
|
|
B. |
Understand concepts and
capabilities of the Unix/Linux environments. III, IV, VII, XI |
||||||
|
|
C. |
Produce and use system security
assessment reports. I, III, VII, IX, X, XI, XII |
||||||
|
|
D. |
Understand data security
tools and techniques. II, III, IV, VIII, IX, XII |
||||||
|
|
E. |
Monitor system for potential
security threats and use good administration techniques, logic, utilities and
procedures. III, IV, VI, VIII, IX, XI |
||||||
|
*Roman numerals after
course objectives reference goals of the CSIT program. |
||||||||
|
III. Instructional
Processes*: |
|
|
||||||
|
Students will: |
|
|
|
|||||
|
|
1. |
Use system security
administration tools to configure and manage applications and system
resources. Technological Literacy
Outcome, Transitional Strategies, Active Learning Strategies |
||||||
|
|
2. |
Create a well-documented
system security assessment report for clients. Communication Outcome, Mathematics Outcome, Technological Literacy
Outcome, Transitional Strategies, Active Learning Strategies |
||||||
|
|
3. |
Plan and install Linux
system security tools and utilities based on client input and specifications.
Communication Outcome, Mathematics
Outcome, Technological Literacy Outcome, Transitional Strategies, Active
Learning Strategies |
||||||
|
|
4. |
Practice elements of the work
ethic such as punctuality, professionalism, dependability, cooperation, and
contribution. Communication Outcome,
Active Learning Strategies |
||||||
|
|
5. |
Use industry accepted
practices to administer systems and environments in a stand-alone or clustered
environment. Communication Outcome,
Mathematics Outcome, Technological Literacy Outcome, Transitional Strategies,
Active Learning Strategies |
||||||
|
|
6. |
Use professionally accepted
methods and materials in their approach to system administration. Technological Literacy Outcome,
Transitional Strategies, Active Learning Strategies |
||||||
|
*Strategies
and outcomes listed after instructional processes reference TBR's goals for strengthening
general education knowledge and skills, connecting course work to experiences
beyond the classroom, and encouraging students to take active and responsible
roles in the educational process. |
||||||||
|
IV. Expectations for Student Performance*: |
|
|
||||||
|
Upon
successful completion of this course, the student should be able to: |
||||||||
|
|
1. |
Be familiar with Linux
system security tools and techniques. A, B, C, D |
||||||
|
|
2. |
Be able to perform firewall,
PAM and access control configurations. A, B, E |
||||||
|
|
3. |
Produce documents and
working utilities using Unix/Linux tools. B, D, E |
||||||
|
|
4. |
Understand and apply SELinux concepts. A, D, E |
||||||
|
|
5. |
Be able to monitor and secure
system against local and network attacks. A, B, C, D, E |
||||||
|
|
6. |
Understand and configure
data security techniques like digital certificates, encryption and PKI. D, E |
||||||
|
|
7. |
Apply knowledge and concepts
to specific problems. B, D, E |
||||||
|
*Letters
after performance expectations reference the course objectives listed above. |
||||||||
|
V. Evaluation: |
|
|
||||||
|
|
A.
Testing Procedures: |
|||||||
|
|
Two tests will be given during
the course of the semester. There will be no make-up tests unless prior
arrangements have been made with the instructor. Quizzes will be given
during lab time for almost every chapter covered. Quizzes may only be made up
for excused absences. An excused absence is one that can be verified by
supporting documentation. Failure to make a passing quiz average may result
in a grade of F for the course. |
|||||||
|
|
B.
Laboratory Expectations: |
|||||||
|
|
Several lab assignments will
be given during the course of the semester.
In addition, students may be assigned a team project. A late penalty
will be imposed on any overdue assignment. Failure to make a passing average
in lab assignments and team project may result in a grade of F for the
course. |
|||||||
|
|
C.
Field Work: |
|||||||
|
|
N/A |
|||||||
|
|
D.
Other Evaluation Methods: |
|||||||
|
|
You are expected to do your
own work in this class. If you are unable to complete an assignment on your own,
it is your responsibility to get help from the instructor (before the
assignment is due). Plagiarism, cheating, software piracy, non-educational
use of computer systems and other forms of academic dishonesty are strictly
prohibited. A student caught cheating or infracting specific rules will be
given a grade of "F" for the course and a letter from the
department head will be placed in the student's academic record file, or
dismissal from the college will be recommended. |
|||||||
|
|
E.
Grading Scale: |
|||||||
|
|
93-100 A 88-92 B+ 83-87 B 78-82 C+ 73-77 C 65-72 D Below 65 F |
|||||||
|
VI. Policies: |
|
|
||||||
|
|
A.
Attendance Policy: |
|||||||
|
|
|
|||||||
|
|
B.
Academic Dishonesty: |
|||||||
|
|
Plagiarism, cheating, and
other forms of academic dishonesty are prohibited. Students guilty of
academic misconduct, either directly or indirectly through participation or
assistance, are immediately responsible to the instructor of the class.
In addition to other possible disciplinary sanctions which may be imposed
through the regular |
|||||||
|
|
C.
Accommodations for disabilities: |
|||||||
|
|
If you need accommodations
because of a disability, if you have emergency medical information to share, or
if you need special arrangements in case the building must be evacuated,
please inform the instructor immediately. Please see the instructor privately
after class or in his/her office. Students must present a current
accommodation plan from a staff member in Services for Students with
Disabilities (SSWD) in order to receive accommodations in this course.
Services for Students with Disabilities may be contacted by going to Goins
127 or 131 or by phone: 694-6751(Voice/TTY) or 539-7153. |
|||||||
|
|
D.
Other Policies: |
|||||||
|
|
Computer Usage
Guidelines: College-owned or –operated
computing resources are provided for use by students of |
|||||||