| 
  • If you are citizen of an European Union member nation, you may not use this service unless you are at least 16 years old.

View
 

FrontPage

Page history last edited by Patrick 1 week, 1 day ago

CIS4360 Applied Cybersecurity

 

                                   

Overview


  • Fundamentals of computer security technology, including cryptography, authentication, digital signatures, firewalls, intrusion detection, and network security tools and applications. Linux is used heavily throughout the course as it is a very commonly deployed operating system for servers (Google, Facebook, Twitter, IBM, and many other companies use Linux).

 

This course is taught at Daytona State College as part of the Engineering Technology program. 

 

Start here!

 

IMPORTANT! 

If you haven't taken Linux in a while (it's a prerequisite for this course) then you may have forgotten a lot of what you might need for the assignments. Here's about an hour of videos that provide a quick introduction to Linux:

 

  • Fast Introduction to Linux (JUST WATCH THE VIDEOS.  I setup this site for an instructor workshop I gave. The remaining contents will just confuse you.)

 

 

 

BSIT Curriculum

Here's the new curriculum (2016) for our BS in IT degree. 

 

Attendance:

There is no physical classroom for this course. To check attendance you are to complete the Syllabus quiz by the assigned due date.  Please read the syllabus prior to taking the quiz.  If you fail to complete the quiz prior to the indicated due date you will be counted as "not attending," which may affect any financial aid you may be receiving.

 

How My Classes Work

 

This class requires quite a few readings, those are essential to understanding security.  That being said, we learn best by doing. Just because you can explain something on paper (how a firewall or intrusion detection system works) doesn't mean you can design, implement, and maintain one! Thus, the majority of this class is built around actually doing things with

security controls!

 

So this class is all about doing: designing, implementing, checking, and maintaining authentication systems, firewalls, intrusion detection systems, security policies, and cryptography systems.  You will get hands on experience with each of these utilities usually running under Linux.  Consequently, you must have a good background in Linux to take this course.

 

How are you going to run Linux if you only have one computer running Window? Easy! As a student you have access to a free copy of VMWare Workstation. Workstation is a virtualization technology that allows you to run multiple operating systems on a computer, just as if you had multiple physical systems. Cool!  You can even setup subnets within Workstation to simulate a real LAN.  I will have this setup for you near the end of the first week of classes. 

 

You are expected to install Workstation and a Linux distribution within Workstation. Don't worry, there are videos to show you how to do everything.

 

Note this class is about two things: a) learning about security controls, how to design and implement them, and b) learning to problem solve ON YOUR OWN. That's the job of an IT, network, or security administrator.  I know a lot of your classes have been about following steps: A, B, and C. Well life doesn't work that way. You are always in new situations, and you need to learn HOW to solve new problems. Learn that now, and you'll be 'gold.' Will you be frustrated at times? Yes.  Will you feel less frustrated as the class proceeds? Yes, if you practice what I show you and follow the recommendations in the lectures. All knowledge you can apply to any IT, network, or security administrator position.

 

General Outline of Topics

  • Security fundamentals
  • Authentication and access control
  • Network auditing 
  • Firewalls
  • Intrusion detection systems
  • System hardening
  • VPNs 
  • Cryptography 
  • Ethics 

 

Prerequisites

RequiredCTS3348: Linux Administration

Preferred: CET2660 (Network security fundamentals)

 

Course Outcomes

 

By the end of this course successful students will be able to:

1.     Students will be able to identify concepts related to the defense of networks.

 2.   Students will be able to apply their knowledge to implement network defense measures. In particular students will be able to install and configure a firewall (IPTables), develop firewall rules based on a security policy, and test those rules.

3.   Students will be able to apply their knowledge to implement network defense measures. In particular students will be able to install and configure a network intrusion detection system (Snort), develop IDS rules based on a security policy, and test those rules.

4.     Students will be able to use a network monitoring tool (Wireshark) to analyze a packet capture, including being able to identify normal as well as abnormal traffic.

5.     Students will be able to use a network mapping tool (nmap) to identify running systems, open and closed ports, as well as the operating system running on the systems.

6.     Students will be able to identify how symmetric and asymmetric encryption work, how digital signatures work, as well as apply encryption digital signatures for confidentially, integrity, authentication, and non-repudiation.

7.     Students will identify various types of access control (MAC, DAC, RBAC) and describe the appropriate uses of each.

8.     Students will be able to identify various means of hardening a networking, include the use of VPNs, proxy servers, honeypots/honeynets/and Bastion hosts.

9.     Students will be able to discuss various types of authentication, as well as implement methods of auditing (password cracking uses John the Ripper, Rainbow tables, etc.)

 

Textbook

Guide to network defense and countermeasures (Amazon link). This is a link to the SECOND edition.  The latest edition is 3rd, but it will be more expensive and I believe they are back ordered.  You might try going with the second edition. If there are issues (which I don't believe there will be), let me know.

 

I don't care where you get the book, but the textbook is required. To save money I suggest you get look for used books). Publisher: Course Technology; 3rd edition (2014) ISBN-10: 1-133-72794-8
ISBN-13: 978-1-133-72794-1 (again, this is the 3rd edition).
 

Course Lectures

Click here to view All Course Lectures

 

Course lectures are usually 10-30 minutes long, and are in MP4 format.  More information is available or individual lectures in the link above.

 

I suggest you save each lecture to your hard drive so you may access it anytime. Pause when you need to. Replay when you need to.  Have you ever tried doing that in a 'live' class?  Maybe a couple of times, but now YOU are in control.

 

Also, an analogy: I bought Tiger Woods' book on golf.  Read the whole thing cover to cover. Now I can play golf just like Tiger. Nope.  Have to practice, again and again and again. Same thing goes for this class. Can't learn how to create firewalls, intrusion detection rules, etc., by just watching a video lecture. You MUST practice, as much as possible.  I highly suggest that while watching the video you have your Linux virtual machine running. Pause the video when I run a command. Run the command, see what it does.  Start the video, and repeat.  

 

You may ask: "Why are your videos so much shorter than a regular class?"  Have you ever seen a recording of a regular class?  Most of it is 'dead space,' nothing being said, idle chit chat, etc.  My lectures are intentionally 'dense' with material.  Take a 1.5 hour lecture, remove extraneous information, pauses, chit chat, dead space, and voila -- a condensed version that is 10-30 minutes. The 'Cliff Notes' of lectures (you young people may have to Google that).  

 

It takes more time to edit my videos than record them.  The condensed version allows you use YOUR time more wisely. There's no sense in doing it any other way. You're welcome. :)

Certificate in Cybersecurity and Cyberforensics

 

If you are in the BSIT program then this is a great opportunity for you to earn the new Cybersecurity and Cyberforensics certificate. Here's the link that explains more.


cybercertificate.pbworks.com


The certificate consists of six courses: Linux administration, Computer and Network Security, Security Methods and Practices, Introduction to Digital Forensics, Advanced Digital Forensics, and Network Forensics and Incident Response.

Note that Security Methods and Practices (CET4884) is offered during the Summer Term B.

I've taught these courses since 2006, all were developed while I was at UCF, and the forensics courses were part of the Master's of Science in Digital Forensics I developed while at UCF. Of course I've modified them for the BS.

The courses are VERY hands on.   In these courses you learn the theory but then apply what you've learned in hands-on assignments.  I've received great reviews from students about these courses, and several of my students who have gone on to work for large companies now come back to Daytona State looking for students who have excelled at these courses.

The great thing about the certificate is that we cover topics that we KNOW will be important in IT for the future.  If you read anything on the internet you know that security is becoming (and actually has been) critical to our nation's security and economy.  This pretty much guarantees job security.

If you need further information please click on the link above or contact me.

 

craigep@daytonastate.edu

 

 

 

Adding Facebook Link to Sidebar

 

Daytona State College Graphic

 

Comments (0)

You don't have permission to comment on this page.