Operating System & Multimedia CyberSecurity

Curriculum Guideline

Effective Date:
Course
Discontinued
No
Course Code
CSIS 4450
Descriptive
Operating System & Multimedia CyberSecurity
Department
Computing Studies & Information Systems
Faculty
Commerce & Business Administration
Credits
3.00
Start Date
End Term
Not Specified
PLAR
No
Semester Length
15 Weeks
Max Class Size
35
Course Designation
None
Industry Designation
CCSP,CEH,CHFI,CISA,CISM,CISSP,CRISC,GCFA,GCFE,GSEC,OSCP
Contact Hours

Lecture: 2 hours/week
Seminar: 2 hours/week

Method(s) Of Instruction
Lecture
Seminar
Learning Activities

The methods of instruction for this course will include lectures, seminars, demonstrations, and hands-on assignments/projects.

Course Description
This course focuses on host-based security and will provide students with in-depth, hands-on experience in operating system hardening, including user account management, host intrusion detection, SEIM/SOAR configuration, implementation and customization, filesystem encryption, and jailing. Besides host hardening, students will gain practical hands-on experience in implementing patch management and host-based security policies.
Course Content
  1. General Information Security Principles
  2. Secure System Boot Services
  3. Local and remote account administration including remote access services such as SSH and WinRM
  4. Operating system privilege escalation and privilege presentation tools (UAC and Sudo)
  5. Automating Systems Setup and configuration of operating systems
  6. Traditional memory attacks (Stack smashing)
  7. Host-based Intrusion Detection and Prevention (ex. OSSEC, AIDE)
  8. SEIM/SOAR systems
  9. Linux Kernel Messages and Kernel Security modules (ex. SeLinux, AppArmor)
  10. Windows and *nix account administration
  11. Windows and *nix local firewall administration
  12. Operating system logging facilities for Windows and *nix
  13. Local System Service hardening
  14. Web Server hardening
Learning Outcomes

At the end of this course, the successful student will be able to: 

  1. Implement and utilize the windows and Linux operating systems effectively.
  2. Demonstrate the process of operating system hardening.
  3. Configure operating systems on heterogeneous operating systems securely.
  4. Setup and automate patch management for computing devices.
  5. Setup and implementation, monitoring of System Logging using Syslog and SEIM systems.
  6. Implement and monitor Host Intrusion Detection and Prevention Systems.
  7. Manage Windows and Unix Endpoint Protection.
  8. Implement local file and file system encryption.
  9. Implement a host-based operating system kernel and jailing technologies.
  10. Analyze and apply security policies for data at rest and data in processing.
  11. Evaluate and administer host-based firewalls.
Means of Assessment

 Assessment will be in accordance with the Douglas College Evaluation Policy.

Assignments 

10% - 15% 

Midterm Exam *

30% – 35% 

Final Exam *

30% – 40% 

Research Project 

15% - 20%

Total 

100% 

* Practical hands-on computer exam

In order to pass the course, students must, in addition to receiving an overall course grade of 50%, also achieve a grade of at least 50% on the combined weighted examination components (including quizzes, tests, exams).

Students may conduct research as part of their coursework in this class. Instructors for the course are responsible for ensuring that student research projects comply with College policies on ethical conduct for research involving humans, which can require obtaining Informed Consent from participants and getting the approval of the Douglas College Research Ethics Board prior to conducting the research.

Textbook Materials

Course Materials to be provided by the instructor and/or approved textbooks from the department.

Prerequisites

A grade of C or better in CSIS 3160 , CSIS 2300, AND CSIS 3560

Corequisites

Courses listed here must be completed either prior to or simultaneously with this course:

  • No corequisite courses
Equivalencies

Courses listed here are equivalent to this course and cannot be taken for further credit:

  • No equivalency courses