CSC 483 Advanced Computer and Network Security (Online)

Quality Enhancement Plan (QEP): From These Roots ... A Foundation for Life: Mathematics and Financial Literacy

CSC 483 Advanced Computer and Network Security (Online)

Online Comments

This is an online course. The following information is very important. CSC 4012 is the first course in the CNSS 4012 certification process. An awareness of the materials is the goal. You will be responsible for a number of readings and Cyber Security Training modules (see ) . The workload is reasonable but continuous. I will not accept any late submissions and you are expected to follow instructions.

If you have questions, contact me at once (see contact information below). If you have trouble with BlackBoard or using the Hampton University intranet system, contact me immediately.

Course Description

Introduction to security problems in computing and networking. Information Security Models. Encryption and decryption techniques. Cryptographic protocols and practices. Operations Security. Program Security. Security in networks and distributed systems. Database Security. Electronic commerce security. Legal and ethical issues in computer and network security. Prerequisite: CSC 382 or Consent of the Chair.

INSTRUCTOR: Mr. Robert A. Willis Jr.

Office: ST 120 Telephone: 757-727-5556

Office Hours:

MWF 9:00 ? 11:00 TR 11:00 ? 1:00

Contact:

E-Mail: robert.willis@hamptonu.edu

Skype: rwjr1944

Twitter: rwjr1944

Course Objectives

Design, implementation, and analysis of computer and network security. This courses provides the foundation for understanding the key issues association with assessing information security model,

1

Quality Enhancement Plan (QEP): From These Roots ... A Foundation for Life: Mathematics and Financial Literacy

protecting computer and network resources, examining existing cryptographic protocols and designing new cryptographic protocols, studying operation security, analyzing security for operating systems and programs, implementing secure database and e-commerce systems. After completing the courses, students would be able to

Identify and prioritize threats to computer and network resources. Identify and prioritize information security models. Identify and implement encryption and decryption techniques. Identify and design cryptographic protocols. Define the factors of operation security. Identify and define the factors of secure operating systems and programs. Identify and define the factors of secure database systems. Define and design secure e-commerce systems. Describe ethics, legal, and public relations implications of computer and network security.

Minimum Competencies

Students meeting minimum competencies should expect to receive a grade between 74% and 77%. Minimum competencies for this course are as follows:

Identify and prioritize threats to computer and network resources. Identify and prioritize information security models. Identify and implement encryption and decryption techniques. Identify and design cryptographic protocols. Define the factors of operation security. Identify and define the factors of secure operating systems and programs. Describe ethics, legal, and public relations implications of computer and network security.

Course Topics

This course will cover most of the information assurance concepts including:

Introduction to Computer and Network Security (6 hours) Information Security Model (3 hours) Encryption and Decryption (6 hours) Cryptographic Protocols (6 hours) Operation Security (3 hours) Operating Systems and Program Security (3 hours) Database and E-commerce Security (3 hours) Legal, Ethical, and Professional Issues in Computer and Network Security (3 hours) Laboratory (12 hours) Mapping to CNSSI 4012 can be found here.

2

Quality Enhancement Plan (QEP): From These Roots ... A Foundation for Life: Mathematics and Financial Literacy

Textbooks:

Required: (Pfleeger) Security in Computing, 4th edition (or the newest), C. P. Pfleeger, S. L. Pfleeger, Prentice Hall, 2003.

Reference:

(Whitman) Principle of Information Security, 3rd edition, Michael E. Whitman & Herbert J. Mattord, Thomson, 2005.

(Krutz) The CISSP Prep Guide: Mastering the CISSP and ISSEP Exams, 2nd edition, Ronald L. Krutz and Russell Dean Vines, Wiley, 2004.

Supplemental Materials (SM):

SM-1: TEMPEST SM-2: NSA-TEMPEST-A Signal Problem SM-3: NSTISSM TEMPEST 2-95 SM-4: Information Leakage from Optical Emanations SM-5: NIST SP 800-12 An Introduction To Computer Security-The NIST Handbook SM-6: NIST SP 800-13 Telecommunications Security Guidelines for Telecommunications

Management Network SM-7: A Model for Information Assurance: An Integrated Approach SM-8: DOE-Cyber Security Process Requirements Manual

Tentative Course Outline

Week 1

Topics 1. Introduction to Computer and Network Security

Text chapters (See 4012 map for the details)

Pfleeger: Ch1, Ch8

1.1 Computer Systems

1.2 Wired Network

1.3 Wireless Network

1.4 Connectivity (SM-5, SM-6)

1.5 Protocols

2

1.6 Threat/Attack/Vulnerability (SM-8)

Pfleeger: Ch1, Ch2, Ch4

1.7 Theft

Krutz: Ch2, Ch9, Ch12,

Supplemental Materials

SM-5, SM-6

Tests / Programs HW-1

SM-1, SM-2, SM3, SM-4, SM-8

HW-2

3

Quality Enhancement Plan (QEP): From These Roots ... A Foundation for Life: Mathematics and Financial Literacy

1.8 TEMPEST (SM-1, SM-2, SM-3, SM-4) 1.9 Countermeasures 1.10 Threat Analysis/Assessment

Appendix Whitman: Ch2, Ch4, Ch9

3

LABORATORY

4

2. Information Security Model

2.1 NSTISSC Security Model

2.2 Information Security Model (SM-7)

5

3. Cryptography

3.1 Encryption

6

3.2 Decryption

7

3.3 Key Exchange Protocols

3.4 Digital Signature

8

3.5 Hash Functions

3.6 Access Control

3.7 PKI

9

LABORATORY

10

4. Operation Security

11

5. Operating Systems and Program Security

5.1 Operating Systems Security

5.2 Program Security

12

LABORATORY

13

6. Database and E-Commerce Security

6.1 Database Security

6.2 E-Commerce Security

Whitman: Ch1

SM-7

Pfleeger: Ch2, Ch10, Whitman: Ch8 Pfleeger: Ch2, Ch10 Whitman: Ch8 Pfleeger: Ch2, Ch10 Whitman: Ch8 Pfleeger: Ch2, Ch10 Whitman: Ch8

Krutz: Ch6 Pfleeger: Ch3, Ch4, Ch5

Pfleeger: Ch8

HW-3 HW-4 HW-5 HW-6 HW-7

HW-5

HW-6

4

Quality Enhancement Plan (QEP): From These Roots ... A Foundation for Life: Mathematics and Financial Literacy

14

7. Legal, Ethical, and Professional Issues in

Computer and Network Security

15

LABORATORY

Pfleeger: Ch9 Whitman: Ch3

HW-7

Important Dates:

Exam 1:

Exam 2:

Final Exam:

The following information applies to all students in the School of Science:

In addition to the minimum grade requirements established by Hampton University, all majors within the School of Science must pass all required courses offered within the School of Science with a grade of "C" or better in order to satisfy degree requirements. The minimum grade requirement is in effect for all science courses taken during Fall 2001 and beyond.

Course Assignment and Calendar:

Homework Assignments: There are two types of homework assignments: problems and projects. Both of

them will be issued and specified with their due date in Blackboard. Problems will be used to evaluate the understanding of course materials and projects will be used to evaluate the complexity of algorithm studied in class. All of the projects must be implemented by Java in Unix/Linux environments. Late work will not be accepted and will be counted as zero.

Final Exam: The exam will be given on the date scheduled by the registrar. The exam will be

comprehensive. There are no exemptions from the exam.

Attendance: The attendance policy of Hampton University will be observed. You are expected to attend

all classes and to arrive on time. Your attendance and participation will be 10% of the final grade. More than 7 absences will constitute a failing grade, regardless to other considerations.

Writing-Across-The-Curriculum: Hampton University adopts the policy in all courses of "writing

across the curricula". In this course, the objectives will be achieved by homework assignments, program comments, and various tests.

5

 ................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download