Course Code: ISSC363 Course ID: 2636 Credit Hours: 3 Level: Undergraduate
This course explores Networking Security from the perspective of risk management and confirms that assessment of IP-based network systems is critical to developing strategies to mitigate and manage risks. This course focuses on effective assessment strategies that ultimately help the student to implement effective and proactive risk mitigation measures and risk management practices. It exposes the vulnerabilities of TCP/IP and appraises risk assessment, risk analysis, risk mitigation, risk management, networking components and Virtual Private Networks (VPN). This course examines the tools and techniques used to attack, test and assure the security of the remote information, maintenance, FTP, database, email, UNIX RPC, and IP VPN services. The student will apply this knowledge to develop an assessment methodology that identifies, attacks, and penetrates IP-based network systems.
|Registration Dates|Course Dates|Session|Weeks|
|---|---|---|---|
|01/25/21 - 07/02/21|07/05/21 - 08/29/21|Summer 2021 Session B|8 Week session|
|02/22/21 - 07/30/21|08/02/21 - 09/26/21|Summer 2021 Session I|8 Week session|
|03/29/21 - 09/03/21|09/06/21 - 10/31/21|Summer 2021 Session D|8 Week session|
|04/26/21 - 10/01/21|10/04/21 - 11/28/21|Fall 2021 Session B|8 Week session|
|05/21/21 - 10/29/21|11/01/21 - 12/26/21|Fall 2021 Session I|8 Week session|
The successful student will fulfill the following learning objectives:
- Identify the role of IP-Based Network Security assessment in the world of Information Technology Management.
- Demonstrate the need for and benefits of network security assessment, with a focus on network security assessment as a process rather than a product.
- Explain the process for assessing network security.
- Examine the components of a network security assessment methodology.
- Analyze the key tools used by network security professionals and seasoned hackers to perform an IP-based network security assessment.
- Analyze methods, tools, and techniques used for network enumeration.
- Identify the various methods of IP network scanning.
- Compare the capabilities of the various IP network-scanning tools in the marketplace.
- Evaluate the tools and techniques used to execute information leak attacks, and the tools and techniques to test while assuring the security of the remote information services and remote maintenance services.
- Compare and contrast the tools and techniques used to attack, test and assure the security of the remote maintenance, FTP, database, email, UNIX RPC, and IP VPN services.
- Define the configuration, functionality, and risks of filtering and security systems such as firewalls, border routers, switches, and IDS sensors.
- Examine the various types of application-level vulnerabilities exploited by hackers and any corresponding risk mitigation strategies and techniques.
- Develop an assessment methodology that identifies, attacks, and penetrates IP-based network systems.
The grading will be based on graded assignments, Forum postings, labs, quizzes, and case studies.
- There are eight assignments for the course. The assignments count as 30% of the final grade. The assignments will follow each of the major portions of the course. These assignments are questions from the text. They are selected to demonstrate mastery of concepts discussed during the course. Assignments should be prepared in Microsoft Word or an equivalent word processor program and uploaded onto the assignments’ area by the due date.
- There are four Forum postings. There will be four forums. Answers should restate the question with supporting sentences using the terms, concepts, and theories from the required readings. The key requirement is to express your idea and then support your position to demonstrate that you understand the material. Your answer should be a minimum of 250 words. Please see Appendix A for the grading rubric on all written assignments. In addition, you are to respond to at least two of your classmates’ postings by critiquing, supporting or supplementing the other students’ answers. Your responses should be at least 150 words long. All responses should be courteous with sound supporting sentences. The key requirement is to express your idea and then support your position using the terms, concepts and theories from the required readings to demonstrate that you understand the material. You may respond multiple times within a continuous discussion with points and counter points. Duplicate responses will not receive credit. The Forums count as 20% of the final grade.
- Two quizzes with multiple choice and true/false questions are open book and open notes. The quizzes count as 10% of your final grade.
- There is a Case Study with three phases. It counts as 10% of your final grade.
- Lab Work: The labs are hands-on additional exercises to reinforce the material covered in the weekly objectives. The labs count as 30% of your grade.
|Forum Week 1|5.00 %|
|Forum Week 3|5.00 %|
|Forum Week 5|5.00 %|
|Forum Week 7: Cloud|2.50 %|
|Forum Week 7: Remote Access|2.50 %|
|Case Study|10.00 %|
|Case Study Phase 1|2.00 %|
|Case Study Phase 2|3.00 %|
|Case Study Phase 3|5.00 %|
|Assignment 1: Security Assessment|3.75 %|
|Assignment 2: Risk Review|3.75 %|
|Assignment 3: Risk Consultant|3.75 %|
|Assignment 4: Network Risk Assessment|3.75 %|
|Assignment 5: Article Review - Security Hacking or Data Breach|3.75 %|
|Assignment 6: Article Review - Denial of Service|3.75 %|
|Assignment 7: Buffer Overflows|3.75 %|
|Assignment 8: Favorite Course Topic|3.75 %|
|Lab Week 2|10.00 %|
|Lab Week 5|10.00 %|
|Lab Week 7|10.00 %|
|Week 2 Quiz|5.00 %|
|Week 4 Quiz|5.00 %|
Starting April 2016 this title & edition has moved to VitalSource. The VitalSource e-book is provided via the APUS Bookstore. Please visit http://apus.libguides.com/bookstore for more information.
Gibson, Darril (2014). Lab Manual to Accompany Managing Risk in Information Systems, 2nd edition. Jones & Bartlett Learning: Information Systems Security & Assurance Curriculum. Provided in the classroom within the lab environment (blue cover).
- Microsoft Office (MS Word, MS Excel, MS PowerPoint)
- Adobe Acrobat Reader
Compinfo.ws. (1995). LANs (Local Area Networks) – a CompInfo Directory. Retrieved from http://www.compinfo-center.com/netw/lans.htm
White, C. (2002). Data Communications and Computer Networks: A Business User's Approach, Second Edition. Boston, Massachusetts: Course Technology. ISBN 0-619-06464-1.
Feig, R. (2002). The OSI Reference Model. Retrieved from http://www2.rad.com/networks/1994/osi/intro.htm
ISSA. (2008). International systems security association home page. Retrieved October 28, 2008, from http://www.issa.org/.
Ostmo, C. (2000). Everything You Ever Wanted to Know About Modems… Retrieved from http://modems.rosenet.net/
SANS. (2008). Infosec reading room. Retrieved October 28, 2008, from http://www.sans.org/rr/.
Schnieder, K. (2003). Fiber Optic Data Communications for the Premises Environment. Retrieved from http://www.telebyteusa.com/foprimer/foprimer.htm
TechTarget. (2008). Information security magazine. Retrieved October 28, 2008, from http://informationsecurity.techtarget.com/
|Book Title:|Managing Risk in Information Systems, 2nd Ed. - e-book available in the APUS Online Library|
|Publication Info:|Jones & Bartlett - Lib|
|Book Title:|ISSC363 Lab Manual provided inside the classroom|
|Publication Info:|CLASS-Jones & Bartlett|
|Author:|Jones & Bartlett|
|Electronic Unit Cost:|$55.00|
Not current for future courses.