|
PELLISSIPPI STATE COMMUNITY COLLEGE |
|||||||||
|
NETWORK SECURITY CSIT 2720 |
|||||||||
|
Class Hours: 3.0 |
|
Credit Hours: 4.0 |
|
||||||
|
Laboratory Hours: 3.0 |
|
Revised: Fall 09 |
|
||||||
|
NOTE: This course is not
designed for transfer credit. |
|||||||||
|
Catalog Course
Description: |
|
|
|||||||
|
|
This course provides
instruction in the analysis of business requirements for resource security
and the designing of security solutions in a Windows network operating
system. Topics include analyzing business and security requirements and
designing security solutions for Windows for access between networks and for
communication channels. |
||||||||
|
Entry Level Standards: |
|
|
|||||||
|
|
The entering student should
be skilled with the Windows 2003 Professional and Server operating systems,
Microsoft Active Directory and be able to demonstrate advanced computer
knowledge. Problem solving and analytical skills are also
important. |
||||||||
|
Prerequisites: |
|
|
|||||||
|
|
CSIT 1730 or consent of
instructor |
||||||||
|
Textbook(s) and Other
Course Materials: |
|
||||||||
|
|
Textbook and Supplies:
Suggested Optional Supplementals: Outside reading, magazines,
the Internet, vendor materials. |
||||||||
|
I. Week/Unit/Topic
Basis: |
|
|
|||||||
|
|
|||||||||
|
|
Week |
Topic |
|||||||
|
|
1 |
Introduction, Topic
Overview, Schedule; Designing Active Directory for Security |
|||||||
|
|
2 |
Designing an Organizational
Unit Structure; Designing Authentication; NTLM Authentication; Planning an
Administrative Structure; Designing Group Security; Securing File Resources |
|||||||
|
|
3 |
Designing Group Policy;
Securing Microsoft Windows 2003-Based Computers |
|||||||
|
|
4 |
Designing Windows 2003
Services Security |
|||||||
|
|
5 |
Planning a Public Key
Infrastructure |
|||||||
|
|
6 |
Securing Data at the
Application Layer |
|||||||
|
|
7 |
Securing Data with Internet
Protocol Security (IPSec) |
|||||||
|
|
8 |
Securing Access for Remote
Users and Networks |
|||||||
|
|
9 |
Securing an Extranet |
|||||||
|
|
10 |
Securing Internet Access |
|||||||
|
|
11 |
Securing Access to the
Internet by Private Network users |
|||||||
|
|
12 |
Identifying Security Design
Risks |
|||||||
|
|
13 |
Securing Access in a
Heterogeneous Network Environment |
|||||||
|
|
14 |
Designing a Security Plan |
|||||||
|
|
15 |
Project Presentations;
Final Exam |
|||||||
|
II. Course Objectives*: |
|
|
|||||||
|
|
A. |
Demonstrate knowledge of an
active directory structure designed for security. II,III,IV |
|||||||
|
|
B. |
Demonstrate knowledge of
designing authentication for a Microsoft Windows 2003 network. II,IV |
|||||||
|
|
C. |
Demonstrate knowledge of planning
a Microsoft Windows 2003 administrative structure. III,IV |
|||||||
|
|
D. |
Demonstrate knowledge of
designing group policy and security for Microsoft Windows 2003. III,IV |
|||||||
|
|
E. |
Demonstrate knowledge of
resource and file security. II,IV |
|||||||
|
|
F. |
Demonstrate knowledge of
securing Microsoft Windows 2003-based computers. II,IV,VIII |
|||||||
|
|
G. |
Demonstrate knowledge of
designing services security for Windows 2003. II,III,IV,VII |
|||||||
|
|
H. |
Demonstrate knowledge of
planning a PK (Public Key) infrastructure. III,IV |
|||||||
|
|
I. |
Demonstrate knowledge of
securing data at the application layer of the OSI model. III,IV |
|||||||
|
|
J. |
Demonstrate knowledge of
securing data with IPSec( Internet Protocol Security). III,IV |
|||||||
|
|
K. |
Demonstrate knowledge of
securing access for remote users and networks. III,IV |
|||||||
|
L. |
Demonstrate knowledge of
securing an extranet and securing Internet access. III,IV |
||||||||
|
M. |
Demonstrate knowledge of
heterogeneous network secure access. III,IV |
||||||||
|
N. |
Demonstrate knowledge of
designing a comprehensive network security plan. III,IV |
||||||||
|
O. |
Demonstrate client service,
teamwork skills and good communications skills to resolve problems and
complete tasks. I,II,IX |
||||||||
|
*Roman numerals after
course objectives reference goals of the CSIT program. |
|||||||||
|
III. Instructional
Processes*: |
|
|
|||||||
|
Students will: |
|
|
|
||||||
|
|
1. |
Use Windows 2003 operating
systems commands and utilities to perform practical tasks for network
computing. Technological Literacy
Outcome, Transitional Strategy, Active Learning Strategy |
|||||||
|
|
2. |
Demonstrate knowledge of
networking, electronic communication, and associated subjects. Technological Literacy Outcome |
|||||||
|
|
3. |
Solve problems encountered
in the subjects of networking, electronic communications, and associated
subjects. Technological Literacy
Outcome, Transitional Strategy, Active Learning Strategy |
|||||||
|
|
4. |
Participate in
problem-solving teams. Communication
Outcome, Transitional Strategy, Active Learning Strategy |
|||||||
|
|
5. |
Handle and examine modern computing
devices. Technological Literacy
Outcome, Transitional Strategy, Active Learning Strategy |
|||||||
|
|
6. |
Prepare documents and
presentations for management explaining computer networks and communications hardware/software,
etc. to meet user requirements. Communication
Outcome, Technological Literacy Outcome, Transitional Strategy, Active
Learning Strategy |
|||||||
|
|
7. |
Practice elements of the work
ethic such as punctuality, professionalism, dependability, cooperation, and
contribution. Transitional Strategy |
|||||||
|
*Strategies
and outcomes listed after instructional processes reference TBR's goals for
strengthening general education knowledge and skills, connecting course work
to experiences beyond the classroom, and encouraging students to take active
and responsible roles in the educational process. |
|||||||||
|
IV. Expectations for Student Performance*: |
|
|
|||||||
|
Upon
successful completion of this course, the student should be able to: |
|||||||||
|
|
1. |
Design
computer security to meet business requirements. A,B,C,D,O |
|||||||
|
|
2. |
Design
security to meet technical requirements. A,B,C,D,O |
|||||||
|
|
3. |
Design
a forest structure. A,C,O |
|||||||
|
|
4. |
Design
a domain structure. A,C,O |
|||||||
|
|
5. |
Design
an organizational unit structure. A,C,O |
|||||||
|
|
6. |
Design
an audit strategy. A,C,D,E,F,G,O |
|||||||
|
|
7. |
Design
Kerberos authentication. B,E,F,G,O |
|||||||
|
|
8. |
Design
NTLM authentication. B,E,F,G,O |
|||||||
|
|
9. |
Design
authentication for down-level clients. B,F,G,O |
|||||||
|
|
10. |
Design/plan
server placement for authentication. B,C,D,F,G,K,O |
|||||||
|
|
11. |
Design/plan
administrative group membership. C,D,O |
|||||||
|
|
12. |
Design/plan
administrative access to the network. C,D,O |
|||||||
|
|
13. |
Design/plan
group security and user rights; plan deployment of group policy. C,D, |
|||||||
|
|
14. |
Secure
access to file and print resources. B,C,D,E,F,O |
|||||||
|
|
15. |
Plan
EFS security. E,F,G,O |
|||||||
|
|
16. |
Plan/evaluate
Microsoft Windows 2003 security templates. F,G,O |
|||||||
|
|
17. |
Plan/deploy
of security by using security templates. E,F,G,O |
|||||||
|
|
18. |
Design
Microsoft Windows 2003 Services Security. E,F,G,O |
|||||||
|
|
19. |
Design
DNS security. F,G,K,O |
|||||||
|
|
20. |
Design
DHCP security. F,G,K,O |
|||||||
|
|
21. |
Design
RIS security. F,G,K,L,M,O |
|||||||
|
|
22. |
Design
SNMP security. F,G,K,L,M,O |
|||||||
|
|
23. |
Design
terminal Services security. F,G,K,L,M,O |
|||||||
|
|
24. |
Plan
security for network services. F,G,K,L,M,N,O |
|||||||
|
|
25. |
Design/plan
a Public Key (PK) infrastructure. H,I,K,O |
|||||||
|
|
26. |
Plan
a certification authority hierarchy. H,I,K,O |
|||||||
|
|
27. |
Manage
certification authorities. F,G,H,I,K,O |
|||||||
|
|
28. |
Plan
authenticity and integrity of transmitted data. F,G,I,J,O |
|||||||
|
|
29. |
Plan
encryption of transmitted data. J,O |
|||||||
|
|
30. |
Design
IPSec policies and deployment; evaluate IPSec scenarios. J,O |
|||||||
|
|
31. |
Design/plan
remote access security (for users and networks). J,K,L,O |
|||||||
|
|
32. |
Design
remote access policy. K,L,M,N,O |
|||||||
|
|
33. |
Plan
RADIUS security. K,L,M,N,O |
|||||||
|
|
34. |
Design/plan
security for an Extranet. K,L,M,N,O |
|||||||
|
|
35. |
Identify
common firewall strategies. K,L,M,N,O |
|||||||
|
|
36. |
Secure
Internet-accessible resources in a DMZ; secure data flow through a DMZ.
K,L,M,N, |
|||||||
|
|
37. |
Design
firewall rules. K,L,M,N,O |
|||||||
|
|
38. |
Design/plan
security for the Internet. J,K,M,N,O |
|||||||
|
|
39. |
Design
an Internet acceptable use policy. M,N,O |
|||||||
|
|
40. |
Secure
access to the Internet by private network users. G,J,K,M,N,O |
|||||||
|
|
41. |
Restrict
access to content on the Internet. E,F,G,I,M,O |
|||||||
|
|
42. |
Audit
Internet access. M,N,O |
|||||||
|
|
43. |
Design
secure Internet access. M,N,O |
|||||||
|
|
44. |
Design
interoperability between Windows 2003 and heterogeneous networks. M,N,O |
|||||||
|
|
45. |
Design
directory synchronization and integration. M,N,O |
|||||||
|
|
46. |
Secure
Windows 2003 user access to heterogeneous networks. M,N,O |
|||||||
|
|
47. |
Design,
define, develop, and maintain a comprehensive security plan. A,C,D,E,F,G,K,L,M,N,O |
|||||||
|
*Letters
after performance expectations reference the course objectives listed above. |
|||||||||
|
V. Evaluation: |
|
|
|||||||
|
|
A.
Testing Procedures: |
||||||||
|
|
A
minimum of three (3) examinations will be given. Each will be
cumulative. An alternative is to have regular examinations after each chapter
is finished. |
||||||||
|
|
B.
Laboratory Expectations: |
||||||||
|
|
Hands-on
learning activities done individually and in teams will also serve as the basis
for course evaluation. |
||||||||
|
|
C.
Field Work: |
||||||||
|
|
N/A |
||||||||
|
|
D.
Other Evaluation Methods: |
||||||||
|
|
Other
assessment activities will consist of special projects, research papers, team
activities, essays, short answer documents, or other work assigned. |
||||||||
|
|
E.
Grading Scale: |
||||||||
|
|
93 – 100 A 88 – 92 B+ 83 – 87 B 78 – 82 C+ 73 – 77 C 65 – 72 D Below 65 F |
||||||||
|
VI. Policies: |
|
|
|||||||
|
|
A.
Attendance Policy: |
||||||||
|
|
This course uses software
and hardware not normally available out-of-class to students. Regular
attendance is required for success in this class. Refer to the Class Policies
document for more information. Pellissippi State
Technical Community College expects students to attend all scheduled required
instructional activities. As a minimum, students in all courses MUST BE
PRESENT for at least 75 percent of their scheduled class and laboratory
meetings in order to receive credit for the course (Pellissippi State
Catalog). Departments, Programs, and Instructors MAY have additional
attendance requirements to enhance the learning environment in courses where
specialized hardware and software is furnished by the College and may not be
available to the students outside the laboratory. (Pellissippi
State Online Catalog) |
||||||||
|
|
B.
Academic Dishonesty: |
||||||||
|
|
Plagiarism, cheating, and
other forms of academic dishonesty are prohibited. Students guilty of academic misconduct, either
directly or indirectly through participation or assistance, are immediately
responsible to the instructor of the class.
In addition to other possible disciplinary sanctions which may be
imposed through the regular Pellissippi State procedures as a result of
academic misconduct, the instructor has the authority to assign an F or a
zero for the exercise or examination or to assign an F in the course. (Pellissippi
State Online Catalog) |
||||||||
|
|
C.
Accommodations for disabilities: |
||||||||
|
|
Students who need accommodations because of a disability, have
emergency medical information to share, or need special arrangements in case
the building must be evacuated should inform the instructor immediately,
privately after class or in her or his office. Students must present a
current accommodation plan from a staff member in Services for Students with
Disabilities (SSWD) in order to receive accommodations in this course.
Services for Students with Disabilities may be contacted by going to Goins
134 or 126 or by phone: 694-6751(Voice/TTY) or 539-7153. More information is
available at www.pstcc.edu/departments/swd/. |
||||||||
|
|
D.
Other Policies: |
||||||||
|
|
Computer Usage
Guidelines: College-owned or –operated
computing resources are provided for use by students of Pellissippi
State. All students are responsible
for the usage of Pellissippi State’s computing resources in an effective,
efficient, ethical and lawful manner. (Pellissippi State Online Catalog) |
||||||||