Undergraduate Certificate in IT Infrastructure Security

This course introduces the student to local area networking concepts in an easy to understand way. In today's competitive business world, one needs to have a basic understanding of the networking technology that runs it. Whether they choose to delve full bore into the technical side of networking or use what they learn to make an informed decision regarding the design, implementation, and maintenance of their local area network, this course will give the student a good foundation to build upon. Students must have access to MS Visio 2000 or higher . This course meets the topical requirements of the IAW 8570.1M Technical I category.

This course is a study of the principles and concepts of Network Security from the perspective of the Operating System (OS). It places emphasis on discovering the vulnerabilities of the standard Operating Systems (OS) to attacks and focuses on the methodologies and measures necessary to take a proactive and preventive stance to address security vulnerabilities. Students will examine the principles, practices, and policies related to hardening and securing Operating Systems so they are impervious to security threats. It focuses on the vulnerabilities and the related countermeasures of various Windows 2000 and Windows NT components (Domain structures, domain trusts, security account manager, policies, profiles, file system, IP services (DHCP, DNS, IIS, TCP/IP printing, RPC, RIP for Internet protocol, SNMP), DCOM, Registry, Active Directory, Encrypting File System (EFS), IPSec, and public key certificate services). This course also discusses vulnerabilities and countermeasures related to UNIX (file system, access control, UID, GID, root password, console password, password shadowing, UNIX kernel, IP services, Inetd, TCP wrapper, variants (AIX, IRIX, Solaris, Linux), “r” services, finger services, Telnet, FTP, Gopher, HTTP, and SSL).

This course examines the techniques and technologies for penetration of networks, detection of attacks, and prevention of attacks. This course addresses the techniques, the technologies, and the methodologies used by cyber intruders (hackers) to select a target and launch an attack. An understanding into the mind and psyche of the hacker is essential to anticipating the moves of the hacker and to design effective countermeasures. This course focuses on techniques and technologies to detect such attacks even while the attack is in progress; early detection enables the administrator to track the movements of the hacker and to discover the intent and goals of the hacker. This course assesses the various countermeasures to keep the system out of the “sights” of the hacker and to keep the hacker out of the perimeter of the target network. This course also explores the laws and the legal considerations in prosecuting computer crime.

This course explores Networking Security from the perspective of risk management and confirms that assessment of IP based Network systems is critical to developing strategies to mitigate and manage risks. This course focuses on effective assessment strategies that ultimately help the student to implement effective and proactive risk mitigation measures and risk management practices. It exposes the vulnerabilities of TCP/IP; and appraises risk assessment, risk analysis, risk mitigation, risk management, networking components and Virtual Private Networks (VPN). This course examines the tools and techniques used to attack, test and assure the security of the remote information, maintenance, FTP, database, email, UNIX RPC, and IP VPN services. The student will apply this knowledge to develop an assessment methodology that identifies, attacks, and penetrates IP based network systems.

This course will discuss both computer and network security, from the wetware (human), software, and hardware perspectives. The "wetware" component will deal with identification of potential risk situations, establishing policies for avoidance, recovery, and prosecution, and proactive measures to reduce causal factors for security breeches in an organization. The "software" perspective will examine types of inappropriate software activity, as well as asset protection issues (recognizing software assets). This component will also address software tools available to assist in reducing administrative costs due to both malicious and accidental loss. The "hardware" component will address hardware approaches to protecting assets, as well as hardware techniques used to compromise assets. Specific technologies discussed include firewalls, symmetric key encryption, public key encryption, digital certificates, and cryptographic systems (SSL/TLS, VPNs, and Kerberos).

This course is a study of Network Security attacks and countermeasures. This course examines various security technologies, such as: intrusion detection, authentication, session hijacking, sniffing, spoofing, denial of service, buffer overflow attack, port scanning, encryption, IPSec, DES encryption, triple DES encryption, message digest 5 algorithm, point-to-point tunneling protocol (PPTP), layer 2 tunneling protocol (L2TP), Kerberos, RSA Pretty Good Privacy(PGP), Secure Shell (SSH), Secure Sockets Layer (SSL), Stateful Packet Inspection (SPI), Network Address Translation (NAT), proxies, content filters, public/private keys, Public Key Infrastructure (PKI), Virtual Private Networks (VPN), security policies, security tokens, digital certificates, viruses, worms, Trojan horses, virus scanners, virus protection, vulnerability assessment, and vulnerability scanners.