Higher Institute of Business Management and Republic of Cameroon

Technology (HIBMAT) Peace-Work-fatherland

BTECH
Course outline for IT Security Fundamentals
Course Instructor: Dr. Nde D Nguti
Tel: 67507 9262
email: dnguti@yahoo.co.uk
Lecture Schedule: Sarturday 07:00 – 09:00

Objectives
 Computer and Network Security Principles
 Network and Server Security
 Cryptography
 Authentication
 Authorization and Access Control
 Securing Network Transmission
 Remote Access and Wireless Security
 Server Roles and Security
 Protecting Against Malware
 Ongoing Security Management
 Fault Tolerance and Disaster Recovery
 Intrusion Detection and Response

Week Topic Detail

1 Computer and Network Security  Computer and Network Security Principles, intro-
Principles  duces basic terminology and concepts related to
security and gets
 the student thinking about why it is important to
take security mea-
 sures to protect a network and its resources. The
chapter begins with
 an overview of different types of attacks. Next it
discusses the three
 key aspects of security: confidentiality, integrity,
and authentication.
 From there it moves on to discuss risk analysis,
including identify-
 ing and ranking assets, threats, and vulnerabilities.
The chapter con-
 cludes with an overview of security policies and
standards.
Week Topic Detail
2 Network and Server Security  Network and Server Security, discusses some best
prac-
 tices and techniques for mitigating the risk to
servers on your net-
 work. It begins with a review of the Open Systems
Interconnection
 (OSI) model to ensure that students are familiar with
various proto-
 cols and the layers at which they operate. From
there it moves on to
 discuss some best practices when securing a
network: security by
 design and defense in depth. Next it presents some
techniques for
 reducing the attack surface of a server. The chapter
concludes with a
 look at perimeter security, including firewalls and
Network Address
 Translation (NAT).
3 Cryptography  Cryptography, introduces the fundamental principles
 of cryptography and discusses various ways it is
used to provide net-
 work and computer security. The chapter begins
with a brief history
 of cryptography and introduces the cast of
characters commonly used
 to describe cryptographic scenarios. Next it
discusses symmetric
 encryption and introduces the problem of how to
share symmetric
 keys. From there it moves on to discuss asymmetric
encryption and
 one of its common uses, digital signatures. Next it
looks at the role
 of hashes. The chapter then brings the cryptographic
techniques
 together to examine how they can be used to
provide confidentiality,
 integrity, and authentication. The chapter concludes
with an overview
 of public key infrastructure (PKI), using
Microsoft®’s Certificate Ser-
 vices as an example of how you can implement a
PKI.
Week Topic Detail
4 Authentication  Authentication, discusses the importance of
authenti-
 cation and how credentials can be used to prove the
identity of a user
 or computer. The student is first introduced to some
key authentica-
 tion and concepts, including the entities that must be
authenticated,
 single sign-on, and mutual authentication. Next the
chapter examines
 the types of credentials that can be used to prove the
identity of a
 user or computer. The chapter then looks at some
protocols used for
 network authentication. The chapter concludes with
a look at best
 practices, including using strong passwords and
limiting the times
 during which or locations from which a user can log
on
5 Authorization and Access Control  Authorization and Access Control, introduces
students
 to concepts and procedures related to limiting who
can access
 resources on a network. The chapter begins by
discussing types of
 access control that have been used historically and
that are used today,
 including mandatory access control (MAC),
discretionary access con-
 trol (DAC), and role-based access control (RBAC).
Next it examines
 how access control is managed on a Windows®
network. The chapter
 concludes with a look at access control in a Unix®
or Linux envi-
 ronment.
Week Topic Detail
6 Securing Network Transmission  Securing Network Transmission, focuses on
securing net-
 work perimeters and data in transit on the network.
The chapter begins
 with a look at some attacks that target network
services and packets on
 the network. Next it examines some strategies for
segmenting a network
 and securing network perimeters. It concludes with
a look at some pro-
 tocols that can be used to encrypt data on the
network, including Secure
 Sockets Layer (SSL), Transport Layer Security
(TLS), and IP security
 (IPsec).
7 Remote Access and Wireless Security  Remote Access and Wireless Security, deals with
 security considerations for a network that extends
past the tradi-
 tional WAN. It begins with a discussion of the
dangers of modems
 and how to secure a network that allows dial-in
access. Next it
 looks at virtual private networks (VPNs). From
there it moves on
 to discuss how Remote Authentication Dial-in User
Service
 (RADIUS) or Terminal Access Controller Access
Control System
 (TACACS) can be used to centralize authentication
for remote
 access clients. The chapter concludes by examining
the threats
 introduced through wireless networking and steps
you can take to
 mitigate those threats.
Week Topic Detail
8 Server Roles and Security  Server Roles and Security, examines the different
roles
 servers play on a network and discusses ways to
mitigate the threats
 associated with specific server roles. The chapter
begins by dis-
 cussing establishing a security baseline for the
servers on a network.
 Next it examines risks specific to infrastructure
servers, including
 domain name system (DNS), Dynamic Host
Configuration Protocol
 (DHCP), and Windows Internet Name Service
(WINS) servers, and
 how to mitigate them. It then discusses steps to take
to secure
 domain controllers. Next it looks at considerations
for securing file
 and print servers. The chapter concludes with a look
at security
 issues specific to application servers, such as web
and database
 servers.
9 Protecting Against Malware  Protecting Against Malware, looks at various types
of
 malware and steps to take to protect computers
against viruses,
 worms, spyware, and other types of malicious code.
The chapter
 begins by defining the types of malware that
typically pose a threat
 to computers. Next it discusses anti-malware
programs and the
 importance of user education in preventing attacks.
The chapter then
 discusses issues related to securely browsing web
sites. The chapter
 concludes with a look at risks specific to email and
how to mitigate
 them.
Week Topic Detail
10 Ongoing Security Management  Ongoing Security Management, examines some key
 considerations for keeping a network secure. It
begins with a discussion of strategies for ensuring
that operating systems and applications are
 kept up-to-date with the latest security patches.
Next, it discusses the
 importance of auditing and ongoing monitoring.
Finally, the chapter
 examines strategies for both in-band and out-of-
band remote man-
 agement.
11 Fault Tolerance and Disaster  Disaster Recovery and Fault Tolerance, examines
Recovery the
 importance of planning for the worst. It begins by
discussing three
 types of plans a company should have in place to
define recovery pro-
 cedures when a disaster or attack occurs. Next, it
covers the impor-
 tance of backups. The chapter concludes with a look
at fault tolerance
 technologies, include Redundant Array of
Independent Disks (RAID)
 and failover configurations.
12 Intrusion Detection and Response  Intrusion Detection and Forensics, introduces stu-
 dents to techniques used to detect a potential attack
and analyze the
 nature of an attack. The chapter begins with a look
at intrusion
 detection systems (IDS) and how they can be used
to provide
 advance warning of an impending attack. Next, it
looks at how hon-
 eypots can be used to analyze an attacker’s methods.
The chapter
 concludes with a look at forensics, including
procedures for pre-
 serving evidence and investigating the extent and
methods used in
 an attack.

Books: Network Security Fundamentals by:

Eric Cole, Ronald L. Krutz, James W. Conley, Brian Reisman, Mitch Ruebush, and Dieter Gollmann
Soft copy available