Network Security
Important Notice
This course is not active. Please contact Department Chair for more information.
Overview
- Introduction to Security Management Practices
- information security framework (e.g. ISO17799 or COBIT)
- security models, confidentiality, integrity and availability
- security evaluation criteria (e.g. TCS, ITSEC)
- risk analysis, administrative control and security policies
- Password Management And User Authentication
- password management and attack methods (e.g. dictionary attack)
- hash functions (SHA1, SHA2) and shadow password
- challenge response authentication, mutual authentication, Kerberos authentication
- man-in-the-middle attack
- Cryptography And Key Management
- review on cryptography (perfect secrecy, cipher text)
- symmetric and asymmetric cryptography (block ciphers, DES, 3DES and AES)
- asymmetric cryptography, message integrity and digital signature
- key exchange algorithm and key management
- Public Key Infrastructure (PKI)
- Virtual Private Network
- introduction to VPN (PPTP, Site-to-site VPN, Client based VPN)
- IPSec Negotiation, IKE authentication mechanism
- encryption, integrity checking and packet encapsulation in IPSec
- site-to-site VPN vs. client-based VPN
- dead peer discovery mechanism
- Network Infrastructure And Perimeter Protection
- firewall topology and implementation, NAT, security zone and demilitarized zone
- physical security, device redundancy, router security and VLAN switch
- port control, packet filtering, session filtering, circuit gateway, application gateway
- device based firewall vs. host based firewall
- Protocol Security
- OSI protocol analysis and sniffing tools
- routing protocol security - RIP, OSPF, BGP routing protocols (router authentication, directed broadcast control, black hold filtering, unicast reverse path forwarding, path integrity)
- ICMP protocol security (smurf attack, ping of death, syn flooding attack)
- IP security (spoofing, hijacking, injection and DoS by connection reset)
- data link layer security issue (IP permit lists, protocol filtering and control, LAN flooding)
- Application Level Security
- authentication applications (Kerberos, X.509, PKI)
- network service security (SNMP, DNS, NAT)
- electronic mail security (PEM, PGP, S/MIME)
- Web security and e-commerce (SSL, TLS, HTTPS, SET)
- fault tolerance mechanisms
- Intrusion Detection And Prevention
- malicious software (virus, worms, Trojan Horse) , denial of service and buffer overflow attack
- network traffic signature, port scanning and activity monitoring
- host based and network based IDS deployment
- intrusion detection system and incident response
- SMTP gateway and proxy server
- Wireless Security
- wireless architecture and standards (802.11, 802.15, 802.16)
- SSID, shared key authentication, WEP, EAP, WAP
- defences against war driving
Lecture, seminar, demonstration, and hands-on assignments/projects
Lab Assignments | 20% - 35% |
Participation | 0% - 10% |
Quizzes | 5% - 20% |
Midterm Examination | 25% - 30% |
Final Examination | 25% - 30% |
Total | 100% |
The student will be able to:
- describe security terminologies, management models, policy requirements and industries best practice;
- describe security issues in OSI protocols;
- conduct basic risk analysis and identify security vulnerability in enterprise network systems;
- describe cryptographic algorithms, their characteristics and application to network security;
- design and implement secure network infrastructure with network security components such as VLAN, VPN, firewall and/or proxy servers;
- analyze network traffic and protocols using tools such as tcpdump, ethereal or other packet sniffers.
Textbooks and Materials to be Purchased by Students
William Stallings. Network Security Essentials: Applications and Standards. Latest edition. Prentice Hall.
OR
other textbook approved by department.
Requisites
Course Guidelines
Course Guidelines for previous years are viewable by selecting the version desired. If you took this course and do not see a listing for the starting semester / year of the course, consider the previous version as the applicable version.
Course Transfers
These are for current course guidelines only. For a full list of archived courses please see https://www.bctransferguide.ca
Institution | Transfer details for CSIS 3150 | |
---|---|---|
There are no applicable transfer credits for this course. |