Chapter 2 HW
•Review Questions 1–14, pp. 53, 54
• Case Assignment 1
• Case Assignment 2
• Class Activity 1 (Group Activity)
Explain how a good security policy makes yourjob easier.
When should it be changed and why?
•Class Activity Case 2-3 (Group Activity)
• Lab 1
• Lab 2
• Lab 3
• Lab 4
• Project Part 1: Initiation
• Project Part 2: Initiation
Wednesday, December 17, 2008
Project Part 2
Project
Part 2
Tasks:
• How would the operations of a firewall be used for:
Preventing the spread of malicious code?
Preventing intrusion attacks?
Deliverables and format:
Submit your answer in a Microsoft Word document
Font: Arial; 10
Line Spacing: Double
Assigned and Due Date:
Assigned: Week 3
Due: Week 4
Part 2
Tasks:
• How would the operations of a firewall be used for:
Preventing the spread of malicious code?
Preventing intrusion attacks?
Deliverables and format:
Submit your answer in a Microsoft Word document
Font: Arial; 10
Line Spacing: Double
Assigned and Due Date:
Assigned: Week 3
Due: Week 4
Project Part 1
Project
Part 1
Tasks:
What are the security risks involved in the following areas and
the ways that we can mitigate these risks:
Data security
Privacy
Authentication
Security policy
Security for network, workstations, servers, and other devices
Deliverables and format:
Submit your answer in a Microsoft Word document
Font: Arial; 10
Line Spacing: Double
Assigned and Due Date:
Assigned: Week 3
Due: Week 4 (Jan 07, 2008)
Part 1
Tasks:
What are the security risks involved in the following areas and
the ways that we can mitigate these risks:
Data security
Privacy
Authentication
Security policy
Security for network, workstations, servers, and other devices
Deliverables and format:
Submit your answer in a Microsoft Word document
Font: Arial; 10
Line Spacing: Double
Assigned and Due Date:
Assigned: Week 3
Due: Week 4 (Jan 07, 2008)
Project Introduction
Project Introduction:
You are hired as an IT security professional for a mid-size company. On your first day at
work, you arrive to find the following memo on your desk:
To: Joe Student
IT Security Professional
From: Michael Smith, CEO
Re: Network security issues:
Joe: Welcome aboard! We are glad to have attracted someone of your skill level to help fill this
challenging position. I am sure you will be a great addition to the team. First I wanted to
briefly, let you something about the company. It is a global organization with around 1000
employees. It consists of the following department situated at various locations across the
globe:
1. Operations
2. Research and Development
3. Sales and Marketing
4. Human Resources
5. Finance
Now that you are here, I have an issue I need addressed ASAP.
Due to growth and modification of the organization, we are in the process of evaluating our
network to determine what the best fit for our company would be and how to provide the best
protection. Currently, we have several servers and workstation operating systems; however,
these have been selected without any managerial oversight. The employees working on a
project installed what they wanted to use. We also provided Internet connection. In addition,
we may need to protect the network from intrusion attacks and malicious code.
In future, there will be personnel operating from home and we will also connect with other
locations. It was suggested that virtual private networks would be advisable.
We need to examine the following issues:
• What are the security risks involved in the following areas and how can we mitigate
these risks:
•Data security
• Privacy
• Authentication
Basically, is a security policy required and who and what should be involved?
• How would a firewall, proxy server, packet filtering, encryption or VPN be used for the
following?
• What can be done to prevent the spread of malicious code?
• What can be done to prevent intrusion attacks?
• What can be done to ensure the security of our network including servers?
• What can be done to provide security regarding the personnel who operate remotely?
In addition, it has been proposed in the past that we create a security policy for the company.
How should this policy be created? How and when should it be implemented? When and
why should it be updated? What should this policy include?
Thanks!
Mike Smith, CEO
You will need to prepare a written paper as well as a presentation in response to the above
memo. Page length is not an issue. What are needed are thorough and concise answers that
make good business sense. Please include implementing, managing, and monitoring of the
network.
Course Objectives tested: All
You are hired as an IT security professional for a mid-size company. On your first day at
work, you arrive to find the following memo on your desk:
To: Joe Student
IT Security Professional
From: Michael Smith, CEO
Re: Network security issues:
Joe: Welcome aboard! We are glad to have attracted someone of your skill level to help fill this
challenging position. I am sure you will be a great addition to the team. First I wanted to
briefly, let you something about the company. It is a global organization with around 1000
employees. It consists of the following department situated at various locations across the
globe:
1. Operations
2. Research and Development
3. Sales and Marketing
4. Human Resources
5. Finance
Now that you are here, I have an issue I need addressed ASAP.
Due to growth and modification of the organization, we are in the process of evaluating our
network to determine what the best fit for our company would be and how to provide the best
protection. Currently, we have several servers and workstation operating systems; however,
these have been selected without any managerial oversight. The employees working on a
project installed what they wanted to use. We also provided Internet connection. In addition,
we may need to protect the network from intrusion attacks and malicious code.
In future, there will be personnel operating from home and we will also connect with other
locations. It was suggested that virtual private networks would be advisable.
We need to examine the following issues:
• What are the security risks involved in the following areas and how can we mitigate
these risks:
•Data security
• Privacy
• Authentication
Basically, is a security policy required and who and what should be involved?
• How would a firewall, proxy server, packet filtering, encryption or VPN be used for the
following?
• What can be done to prevent the spread of malicious code?
• What can be done to prevent intrusion attacks?
• What can be done to ensure the security of our network including servers?
• What can be done to provide security regarding the personnel who operate remotely?
In addition, it has been proposed in the past that we create a security policy for the company.
How should this policy be created? How and when should it be implemented? When and
why should it be updated? What should this policy include?
Thanks!
Mike Smith, CEO
You will need to prepare a written paper as well as a presentation in response to the above
memo. Page length is not an issue. What are needed are thorough and concise answers that
make good business sense. Please include implementing, managing, and monitoring of the
network.
Course Objectives tested: All
Wednesday, December 10, 2008
IS316 Topics covered Tonight
Finish lecturing chapter 1 Firewall Planning and Design
Worked in-class activity 1
Start lecturing chapter 2 Security policy
Course Project Part 1: Initiation
Collect Week 1 HW Lab 1-4
HW Due Week 3
Chapter 1
Review Questions
Case Assignment 1
Case Assignment 2
Start lecturing Chapter 2 Security Policy
Worked in-class activity 1
Start lecturing chapter 2 Security policy
Course Project Part 1: Initiation
Collect Week 1 HW Lab 1-4
HW Due Week 3
Chapter 1
Review Questions
Case Assignment 1
Case Assignment 2
Start lecturing Chapter 2 Security Policy
Monday, December 8, 2008
IS316 Class Syllabus
SYLLABUS: Fundamentals of Network
Security, Firewalls, and VPNs
Instructor: Mario Perez
Office hours: TBA
Class hours: 6:00 PM - 10:20 PM
COURSE DESCRIPTION
This course offers an introduction to Virtual Private Networks (VPNs) and firewalls for securing a network. Various network security-related issues are introduced and examined. Different types of VPNs for securing data in an organizational setup are discussed as well as the benefits and architecture of a VPN and how to implement a VPN. Other topics include the utility of firewalls tackling security problems and limitations to a firewall. In addition, instruction is also given on how to construct, configure, and administer a firewall and the functionality of a firewall.
MAJOR INSTRUCTIONAL AREAS
Introduction to firewalls
Types of firewalls for securing data
Implementation of firewalls and virtual private networks
Standards of NIST publication 800-41 for firewalls
COURSE OBJECTIVES
After successful completion of this course, the student will have the opportunity to:
1. Explain the concept of firewalls.
1.1. Define firewalls and their need.
1.2. Explain the evolution and history of firewalls.
1.3. Identify limitations and future of firewalls.
1.4. Explain the types of firewalls.
1.5. Determine the best hardware and software for a firewall.
2. Identify the need for a security policy and how it is related to firewall.
2.1. Define a security policy and its need.
2.2. Identify why a security policy is important part of a firewall.
2.3. Identify the goals of firewall and incorporate them into a security policy.
3. Explain firewall configuration strategies.
3.1. Set up firewall rules.
3.2. Explain how to implement different firewall configuration strategies.
3.3. Identify various methods that can be used with firewall.
4. Explain packet filtering.
4.1. Define packets.
4.2. Define packet filtering.
4.3. Identify various approaches to packet filtering.
4.4. Explain rules of specific packet filtering.
5. Describe proxy servers and application-level firewalls.
5.1. Define proxy servers.
5.2. Define application-level firewalls.
5.3. Explain the difference between proxy servers and packet filtering.
5.4. Identify the benefits of the most popular proxy-based firewall products.
6. Explain how encryption complements firewall activities.
6.1. Identify the role encryption plays in firewall architecture.
6.2. Identify the need for digital certificates.
6.3. Identify workings of SSL and other encryption schemes.
6.4. Explain IPSec.
7. Implement and administer a firewall.
7.1. Describe categories of firewalls (desktop and enterprise).
7.2. Explain when each category is used.
7.3. Identify how to administer a firewall.
8. List the main component of National Institute of Standards and Technology (NIST)
publication 800-41 as it applies to firewall.
9. Implement virtual private network (VPN).
9.1. Define VPN.
9.2. Explain the components of a VPN.
9.3. Explain types of VPN solutions.
9.4. Identify VPN setups.
9.5. Identify various tunneling protocols.
9.6. Enable secure remote access via a VPN.
9.7. Identify best practices for configuring and maintaining VPNs.
10. Explain proxy servers and application-level firewalls.
10.1.Define proxy servers.
10.2.Define application-level firewalls.
10.3.Explain the difference between proxy servers and packet filtering.
10.4.Identify the benefits of the most proxy based firewall products.
11. Explain bastion host.
11.1.Define bastion host.
11.2.Define the general requirements for installing a bastion host.
11.3.Describe how to configure a bastion host.
• Research ITT Tech Virtual Library on the use of firewalls and VPNs to address
network security.
Related SCANS Objectives
1. Demonstrates competence in selecting technology for achieving desired outcomes.
2. Demonstrates knowledge of the procedures for setting up computer-based applications.
TEACHING STRATEGIES
The curriculum is designed to promote a variety of teaching strategies that support the outcomes
described in the course objectives and that foster higher cognitive skills. Delivery makes use of
various media and delivery tools in the classroom.
COURSE RESOURCES
Student Textbook Package
Greg Holden. Guide to Firewalls and Network Security Intrusion Detection and VPNs
Intrusion Detection and VPNs. Massachusetts: Thomson Course Technology, 2006
References and Resources
ITT Tech Virtual Library
Login to the ITT Tech Virtual Library (http://www.library.itt-tech.edu/) to access online
books, journals, and other reference resources selected to support ITT Tech curricula.
EVALUATION & GRADING
COURSE REQUIREMENTS
1. Attendance and Participation
• Regular attendance and participation are essential for satisfactory progress in this
course.
2. Completed Assignments
• Each student is responsible for completing all assignments on time.
3. Team Participation (if applicable)
• Each student is responsible for participating in team assignments and for completing
the delegated task. Each team member must honestly evaluate the contributions by all
members of their respective teams.
Evaluation Criteria Table
The final grade will be based on the following weighted categories:
CATEGORY WEIGHT
Participation 10 %
Case Assignments 20%
Lab Assignments 25%
Course Project 20%
Final Exam 25%
Total 100 %
Grade Conversion Table
Final grades will be calculated from the percentages earned in class as follows:
A 90 - 100% 4.0
B+ 85 - 89% 3.5
B 80 - 84% 3.0
C+ 75 - 79% 2.5
C 70 - 74% 2.0
D+ 65 - 69% 1.5
D 60 - 64% 1.0
F <60% 0.0
Security, Firewalls, and VPNs
Instructor: Mario Perez
Office hours: TBA
Class hours: 6:00 PM - 10:20 PM
COURSE DESCRIPTION
This course offers an introduction to Virtual Private Networks (VPNs) and firewalls for securing a network. Various network security-related issues are introduced and examined. Different types of VPNs for securing data in an organizational setup are discussed as well as the benefits and architecture of a VPN and how to implement a VPN. Other topics include the utility of firewalls tackling security problems and limitations to a firewall. In addition, instruction is also given on how to construct, configure, and administer a firewall and the functionality of a firewall.
MAJOR INSTRUCTIONAL AREAS
Introduction to firewalls
Types of firewalls for securing data
Implementation of firewalls and virtual private networks
Standards of NIST publication 800-41 for firewalls
COURSE OBJECTIVES
After successful completion of this course, the student will have the opportunity to:
1. Explain the concept of firewalls.
1.1. Define firewalls and their need.
1.2. Explain the evolution and history of firewalls.
1.3. Identify limitations and future of firewalls.
1.4. Explain the types of firewalls.
1.5. Determine the best hardware and software for a firewall.
2. Identify the need for a security policy and how it is related to firewall.
2.1. Define a security policy and its need.
2.2. Identify why a security policy is important part of a firewall.
2.3. Identify the goals of firewall and incorporate them into a security policy.
3. Explain firewall configuration strategies.
3.1. Set up firewall rules.
3.2. Explain how to implement different firewall configuration strategies.
3.3. Identify various methods that can be used with firewall.
4. Explain packet filtering.
4.1. Define packets.
4.2. Define packet filtering.
4.3. Identify various approaches to packet filtering.
4.4. Explain rules of specific packet filtering.
5. Describe proxy servers and application-level firewalls.
5.1. Define proxy servers.
5.2. Define application-level firewalls.
5.3. Explain the difference between proxy servers and packet filtering.
5.4. Identify the benefits of the most popular proxy-based firewall products.
6. Explain how encryption complements firewall activities.
6.1. Identify the role encryption plays in firewall architecture.
6.2. Identify the need for digital certificates.
6.3. Identify workings of SSL and other encryption schemes.
6.4. Explain IPSec.
7. Implement and administer a firewall.
7.1. Describe categories of firewalls (desktop and enterprise).
7.2. Explain when each category is used.
7.3. Identify how to administer a firewall.
8. List the main component of National Institute of Standards and Technology (NIST)
publication 800-41 as it applies to firewall.
9. Implement virtual private network (VPN).
9.1. Define VPN.
9.2. Explain the components of a VPN.
9.3. Explain types of VPN solutions.
9.4. Identify VPN setups.
9.5. Identify various tunneling protocols.
9.6. Enable secure remote access via a VPN.
9.7. Identify best practices for configuring and maintaining VPNs.
10. Explain proxy servers and application-level firewalls.
10.1.Define proxy servers.
10.2.Define application-level firewalls.
10.3.Explain the difference between proxy servers and packet filtering.
10.4.Identify the benefits of the most proxy based firewall products.
11. Explain bastion host.
11.1.Define bastion host.
11.2.Define the general requirements for installing a bastion host.
11.3.Describe how to configure a bastion host.
• Research ITT Tech Virtual Library on the use of firewalls and VPNs to address
network security.
Related SCANS Objectives
1. Demonstrates competence in selecting technology for achieving desired outcomes.
2. Demonstrates knowledge of the procedures for setting up computer-based applications.
TEACHING STRATEGIES
The curriculum is designed to promote a variety of teaching strategies that support the outcomes
described in the course objectives and that foster higher cognitive skills. Delivery makes use of
various media and delivery tools in the classroom.
COURSE RESOURCES
Student Textbook Package
Greg Holden. Guide to Firewalls and Network Security Intrusion Detection and VPNs
Intrusion Detection and VPNs. Massachusetts: Thomson Course Technology, 2006
References and Resources
ITT Tech Virtual Library
Login to the ITT Tech Virtual Library (http://www.library.itt-tech.edu/) to access online
books, journals, and other reference resources selected to support ITT Tech curricula.
EVALUATION & GRADING
COURSE REQUIREMENTS
1. Attendance and Participation
• Regular attendance and participation are essential for satisfactory progress in this
course.
2. Completed Assignments
• Each student is responsible for completing all assignments on time.
3. Team Participation (if applicable)
• Each student is responsible for participating in team assignments and for completing
the delegated task. Each team member must honestly evaluate the contributions by all
members of their respective teams.
Evaluation Criteria Table
The final grade will be based on the following weighted categories:
CATEGORY WEIGHT
Participation 10 %
Case Assignments 20%
Lab Assignments 25%
Course Project 20%
Final Exam 25%
Total 100 %
Grade Conversion Table
Final grades will be calculated from the percentages earned in class as follows:
A 90 - 100% 4.0
B+ 85 - 89% 3.5
B 80 - 84% 3.0
C+ 75 - 79% 2.5
C 70 - 74% 2.0
D+ 65 - 69% 1.5
D 60 - 64% 1.0
F <60% 0.0
Subscribe to:
Comments (Atom)