IT 426 Practical Network Security - PowerPoint PPT Presentation

1 / 27
About This Presentation
Title:

IT 426 Practical Network Security

Description:

IT 426 Practical Network Security – PowerPoint PPT presentation

Number of Views:180
Avg rating:3.0/5.0
Slides: 28
Provided by: BobC102
Category:

less

Transcript and Presenter's Notes

Title: IT 426 Practical Network Security


1
IT 426Practical Network Security
2
Course Syllabus
  • Course Meeting Time
  • Tuesday and Thursday530 to 645 PMLocation FH
    450A
  • Instructor
  • Bob Cotter (e-mail cotterr_at_umkc.edu) (Web page
    http//sce.umkc.edu/cotterr/)
  • Office Hours
  • Tuesday and Thursday, 400 PM to 500 PM, Room
    450P (or by appointment)

3
Course Text
  • Prerequisites
  • CS420 Introduction to Networking
  • Text Book
  • Introduction to Computer Security
  • Michael Goodrich and Roberto Tamassia
  • Addison Wesley - 2011

4
Course Objectives
  • Identify and Describe Major Network Security
    Threats
  • What is their objective?
  • How are they carried out?
  • Who are the attackers?
  • Describe and Implement Various Information Hiding
    Techniques as They Apply to Network Security
  • Cryptography
  • Web Security
  • SSH / SSL

5
Course Objectives
  • Describe and Implement Traffic Monitoring and
    Control Techniques, including
  • Firewalls
  • Packet Filters, Proxy Servers
  • Describe and Implement Intrusion Detection
    Techniques
  • ID Systems
  • Security Logs
  • Describe and Implement Basic Security Management
    Practices
  • Describe a Security Policy

6
Grading
  • Grade Scale
  • 100 - 93 A
  • 92 - 90 A-
  • 89 - 87 B
  • 86 83 B
  • 82 80 B-
  • 79 - 77 C
  • 76 - 73 C
  • 72 70 C-
  • 69 - 67 D
  • 66 63 D
  • 62 60 D-
  • 59 - 0 F
  • Grading Policy
  • Homework 35
  • Exam 1 20
  • Exam 2 20
  • Final Exam 25
  •  

7
VERY Tentative Course Schedule
Week Tuesday Thursday
1 Course/Lab Intro Network Fundamentals
2 Linux Fundamentals / Lab Security Basics (1)
3 Security Basics Attacks
4 Malware (4) Physical Security (2)
5 review Exam 1
6 Cryptography Cryptography
7 Cryptography Web Security
8 Web Security Remote Access
8
VERY Tentative Schedule
Week Tuesday Thursday
9 Wireless Wireless
10 Spring Break
11 review Exam 2
12 SSH/SSL (supp) Firewalls (supp)
13 Firewalls IDS
14 SELinux Attack Analysis
15 IDS (Snort) Security Policy
16 Conficker review
17 Final Exam 5/14/2013 1745
9
Course Assignments
  • Problems (Supplemental and Textbook)
  • Lab Projects

10
College Success Strategies
  • Plan Ahead!!!!!
  • Whats Happening this week?
  • Whats happening next week?
  • Prepare for Lectures
  • What material will be covered? (read it!)
  • What handouts are available? (get them)
  • Lectures
  • Take Notes!!!!!
  • Ask questions
  • Review material (same day)

11
College Success Strategies
  • Assignments
  • Objective is to help learn course material
  • Start early!
  • Exams
  • Identify material to be covered
  • Study most difficult subjects first
  • Form study groups

12
IT 426 Network Lab
  • Flarsheim Room 452

Network Server
Station 1
Station 2
Station 3
13
IT 426 Network Lab
  • LANs interconnected with Hubs
  • Workstation and Server controlled with KVM

14
IT 426 Network Lab
  • Detailed Lab Layout

15
IT 426 Network Lab
  • Fixed Bay Patch Panels

16
IT 426 Network Lab
  • Each station includes
  • Linux Workstation
  • Linux Server / Gateway
  • All connections within and between stations are
    managed through the fixed bay patch panel.

17
IT 426 Network Lab
  • Each Station will have its own network address,
    but all networks can be connected through the
    network server.
  • Labs will consist of adding, modifying and
    testing various network capabilities and security
    features associated with those features.

18
Defining Information Security
  • Information security
  • Tasks of guarding digital information, which is
    typically processed by a computer (such as a
    personal computer), stored on a magnetic or
    optical storage device (such as a hard drive or
    DVD), and transmitted over a network spacing

19
Information Security (cont)
  • Ensures that protective measures are properly
    implemented
  • Is intended to protect information
  • Involves more than protecting the information
    itself

20
Identifying the Challenges
21
Identifying the Challenges
22
Defining Security
  • The security of a system, application, or
    protocol is always relative to
  • A set of desired properties
  • An adversary with specific capabilities
  • For example, standard file access permissions in
    Linux and Windows are not effective against an
    adversary who can boot from a CD

23
Security Goals
Integrity
  • C.I.A.

Confidentiality
Availability
24
Vulnerabilities
  • Network Transport
  • Network Access
  • The Computer
  • The Applications
  • The Users

25
Attacks
  • Network
  • Denial of Service
  • Man-in-the-Middle
  • Computer
  • Physical Access
  • Computer System Security
  • Applications
  • Buffer overflows
  • Back Doors / Trojans
  • Users
  • Social Engineering

26
Defenses
  • Cryptography
  • Firewalls
  • Physical Security
  • System / Application configuration
  • Security Policies

27
Summary
  • The objective of Network or Computer Security is
    to provide Information Security
  • Information Security intended to ensure
    Confidentiality, Integrity, and Availability of
    Information
  • Many consequences to not providing Information
    Security
  • Many tools available to protect information
Write a Comment
User Comments (0)
About PowerShow.com