Faculty of Administrative & Financial Sciences

Total Page:16

File Type:pdf, Size:1020Kb

Faculty of Administrative & Financial Sciences

Philadelphia University Faculty of Administrative & Financial Sciences Department of Business Networking and Systems Management Second semester, 2009/2010

Course Syllabus

Course Title: Systems & Networks Course code: 371410 Security and Firewalls. Course prerequisite (s) and/or co requisite (s): Course Level: fourth year 371251 Lecture Time: 8:15-9:30 Credit hours: 3 Mon, Wed

Academic Staff Specifics Office Name Rank Office Number and Location E-mail Address Hours 12-13, Ahmad Al-Ghoul M.Sc. 32404 14-15 [email protected] Su.Tu.thu

Course module description: This course provides end-to-end, detailed coverage of the state of the art in all aspects of computer security. Starting with a clear, in-depth review of cryptography, it also covers specific options for securing software and data against malicious code and intruders; the special challenges of securing networks and distributed systems; firewalls; ways to administer security on personal computers; analyzing security risks and benefits; and the legal and ethical issues surrounding computer security. Course module objectives:  Provides a comprehensive introduction to information security issues, concepts and technologies.  Understand the technologies of access control, cryptography, digital signatures, authentication, network firewalls, and network security services and mechanisms  Explain the threat of viruses and other rogue programs, and recommended countermeasures  Understand and explain the specification, verification, and design of secure networks using rigorous and formal logical methods.

Course/ module components  Books 1 Text book: Security in Computing, by Charles P. Pfleeger, Prentice Hall 2003 ISBN : 0-13-035548-8 In addition to the above, the students will be provided with handouts by the lecturer. Homework guide . .HOMEWORK: Homework is an essential part of the educational process The homework in this course will reinforce the material covered in the classroom and provide time for practice. Students will earn points for each homework assignment .completed. Homework assignments will be graded based on completion

Teaching methods:  Duration: 16 weeks in first semester, 48 hours in total  Lectures: 32 hours (2.5 hours per week),  Laboratories: 16 hours, 1 per week Learning outcomes:  Knowledge and understanding A student completing this module should: -Define security and understand security statistics - List the attributes of an effective security system and create a security policy - Use authentication techniques and access control to secure your network - Define encryption, and encryption types and uses - Describe the elements involved in the use of firewalls - Describe firewall strategies, goals, and designs - Plan for proactive detection of and appropriate responses to a security breach

Cognitive skills (thinking and analysis). The lecturer will present the material in the text book in an interactive way that stimulates the thinking side of students. Conducting the learning objectives for each module components in clear manner to insure the material is digested by the students. .Analyzing, summarizing and integrating information from a variety of media -  The student must be to understand different available tools, techniques and  methods to apply security different, have the ability and understanding of using .the suitable method depends on cases

Communication skills (personal and academic). -Module language: English -For every lecture the last five minutes will be open for discussion. For further discussion, the students are welcome at the lecturer s office hour as appeared in first page. Time Management: Assignments are varied, integrated, and overlapping, and students must focus on multiple issues, projects, and demands. Students must, therefore, take responsibility for planning and pacing their own work as well as developing time management skills. Project Development: Groups of approximately two to three students develop projects, complete research, schedule meetings, write papers and reports, and deliver a 20-30 minute oral presentation using visual aids. Group Management: Students work on group projects to practice interpersonal skills by communicating with group members, other groups, and peers outside the group. Practical and subject specific skills (Transferable Skills).

2 The student is able to analyze and design security system using the suitable method and tools. Assessment instruments  Short reports and/ or presentations, and/ or Short research projects  Quizzes.  Home works  Final examination: 50 marks Allocation of Marks Assessment Instruments Mark First examination 15 Second examination 15 Final examination: 50 marks 50 Reports, research projects, Quizzes, 20 Home works, Projects Total 100

Documentation and academic honesty

This course is given from the textbook mentioned above. It is copyright protected. Students are encouraged to purchase this textbook from the university bookshop. Definition of Plagiarism Plagiarism is the unacknowledged borrowing of another writer’s words or ideas.

How Can Students Avoid Plagiarism?

To avoid plagiarism, you must give credit whenever you use

 another person’s idea, opinion, or theory;  any facts, statistics, graphs, drawings—any pieces of information—that are not common knowledge;  quotations of another person’s actual spoken or written words; or  Paraphrase of another person’s spoken or written words.

If you are in doubt about whether what you are doing is inappropriate, consult your instructor. A claim that “you didn’t know it was wrong” will not be accepted as an excuse. Penalty for Plagiarism The minimum penalty for an act of plagiarism is a 0 on the assignment, homework, and project. Serious cases of plagiarism may result in failure in the course as a whole, or expulsion from the university.

3

Course/module academic calendar

Basic and support material to be Homework/reports week covered and their due dates

(1) Information cycle, what is security, what is the threat & risk, effective security systems, ensure security in a network & enhancing security by, security procedures & security phases

(2) Planning a security policy, system classification, security Goals, creating a security policy, Types of Threat, Risk, Attack Tutorial 1

(3) Elements of security, security standards, & security architecture, authentication, access control, building a defense

(4) Encryption & method of defense, basic encryption and decryption, encryption strategy, encryption with key Tutorial 2

(5) Public key encryption, uses of encryption, digital signature H/W and S/W Security, physical Security, secure encryption systems

Definition of protocols, types of protocols, key (6) distribution, types of ciphers, Tutorial 3 First examination

(7) Error prevention and detection, one-way encryption, cipher block chain

(8) Repetition (encryption), Tutorial 4

(9) Viruses & types of viruses, how viruses attach & how viruses gain control, homes for viruses, virus signature, source of viruses, preventing virus infection, facts and misconceptions about viruses, examples of malicious codes

(10) What is a firewall, packet filters, proxy servers and circuit-level gateways, application-level gateway proxy server , Tutorial 5 Second Exam, - Practical implementation (The Cisco (11) (PIX Firewall Second examination

4 (12) building a firewall (bastion host), common firewall designs & Firewalls Design Approaches

(13) Personal Computer Security Management, UNIX Security Management, risks Analysis & Security Planning, organizational Security Policies, Tutorial 6

(14) Authentication methods, use of passwords, authentication protocols, PAP, CHAP, RADIUS, SSL, TLS, IPSec, Kerberos, Tutoria7.

Introduction to ISA server, using caching, using (15) firewalls, deployment scenarios for ISA server

Installing ISA server, installing and configuring ISA (16) server clients, maintaining ISA server, tutorial 8 Final Examination

Expected workload: On average students need to spend 2 hours of study and preparation for each 50-minute lecture/tutorial.

Attendance policy: Absence from lectures and/or tutorials shall not exceed 15%. Students who exceed the 15% limit without a medical or emergency excuse acceptable to and approved by the Dean of the relevant college/faculty shall not be allowed to take the final examination and shall receive a mark of zero for the course. If the excuse is approved by the Dean, the student shall be considered to have withdrawn from the course.

Module references

Books Students will be expected to give the same attention to these references as given to the Module textbook(s)

Cisco Network Security by James Pike, Prentice Hall [1]

Internet Security Protocols: Protecting IP Traffic: 1/e , Uyless Black [2]

Security Warrior[3] By Anton Chuvakin, Cyrus Peikari

Publisher O'Reilly : Pub Date January 2004 : ISBN 0-596-00545-8 : MCSE Training Kit—Designing Microsoft Windows 2000 Network Security [4]

Building Internet Firewalls [5] Elizabeth D. Zwicky, Simon Cooper & D. Brent Chapman Second Edition, June 2000 ISBN: 1-56592-871-7

5 Network Intrusion Detection, Third Edition [6] By Stephen Northcutt, Judy Novak Publisher : New Riders Publishing Pub Date : August 28, 2002 ISBN : 0-73571-265-4

CRYPTOGRAPHY Theory and Practice [7] Douglas R.stinson Publisher : CRC ISBN : 0-8493-8521-0

:(Website(s

./http://www.microsoft.com/isaserver/techinfo/howto /http://www.alw.nih.gov/Security /http://www.cert.org/homeusers/HomeComputerSecurity /http://www.jmu.edu/computing/security /http://www.networkcomputing.com/channels/security /http://dmoz.org/Computers/Security /http://security.fnal.gov /http://gaim-encryption.sourceforge.net /http://www.windowsecurity.com/articles_tutorials www.cisco.com

6

Recommended publications