KAPLAN SCHOOL OF INFORMATION SYSTEMS AND TECHNOLOGY Welcome to Introduction to Network Security! Course Name – IT Introduction to Network Security Instructor – Jan McDanolds, MS Contact Information: AIM – JMcDanolds – Office Hours: Tuesday 4:00 PM ET and Wednesday 6:00 PM ET
INTRODUCTION Exercise…get to know your classmates 1.We are going to practice a little networking… 2.First student ( ) tell your name, general location, your experience in networking and something goofy you want to share. 3.Second student ( ) begin by stating another student’s name repeating one thing First/Second/etc student mentioned. 4.NEXT - add your own name, general location, experience in networking and something you want to share. 5.Continue… learn about each student in the class.
CLASS CONTENT Textbook and eBook 1.The textbook for this course is: CompTIA Security+ Study Guide 2.A full copy of the text is included as an eBook on the CD in the back of the book 3.There are flash cards you may use for study on the CD 4.Inside the front cover is a Security+ Study Guide outline for Exam SY0-201 (if you wish to study for the Security+ exam) 5.CompTIA exam is vendor-neutral
CLASS CONTENT Course Syllabus 1.The Syllabus link is located under Course Home 2.Please read the ENTIRE document 3.Review the section on Discussion requirements 4.Ask questions. Yes, you do need to participate in the seminar or you need to take the quiz. Course Calendar – part of Syllabus No Holidays in this 1101B Term
CLASS CONTENT Course Outcomes By the end of this course, you should be able to: 1. Describe systems security concepts. 2. Explain general communication and network infrastructure security concepts. 3. Examine physical and logical access control methods. 4. Summarize security assessment and auditing techniques. 5. Define general cryptography concepts technologies. 6. Examine operational and organization security components and procedures. General Education Outcomes: the following General Education outcomes are assessed during this course: 1. Formulate a logical solution to a problem. 2. Demonstrate college-level communication through the composition of original materials in Standard American English.
CLASS SUCCESS Success in Class 1.This class requires you to write college-level essays. 2.All project assignment (essays) are to be submitted in APA Style format. 3.Submit assignments as Word documents with your name and unit in the title (ex: SmithM-IT278-U1.doc) Each assignment has a Grading Rubric that outlines the point values. 4.An APA Style template is posted in Doc Sharing – “APA Sample for IT286”. You can use this to prepare your essays. I DO require references! Review the guidelines for plagiarism and cite your sources!
UNIT I General Security Concepts READ Chapter 1 Understanding Information Security Understanding the Goals of Information Security Comprehending the Security Process Authentication Issues to Consider Distinguishing Between Security Topologies No Project Assignment due in Unit 1
UNIT I Understanding Information Security The security triad… Physical security involves the protection of assets and information from physical access by unauthorized personnel. Operational security includes access control, authentication, and security topologies after network installation is complete. Management and Policies provide the guidance, rules, and procedures for implementing a security environment.
UNIT I Goals of Information Security Prevention refers to preventing computer or information violations from occurring. Detection refers to identifying events when they occur. Response refers to developing strategies and techniques to deal with an attack or loss.
UNIT I Comprehending the Security Process Antivirus software Access control MAC, DAC, and RBAC Authentication Biometrics, Certificates, CHAP, Kerberos Multi-factor, Mutual, PAP Security Tokens, Smart Cards Username / Password
UNIT I Authentication Issues to Consider Authentication security can be a high maintenance activity Identity proofing is necessary when a user cannot be authenticated Use of multi-factor authentication
UNIT I Distinguish between Security Topologies Design Goals Confidentiality – Integrity – Availability - Accountability Security Zones Internet, Intranets, Extranets, DMZ Designing Security Zones Technologies VLANs, NAT (Network Address Translation), and Tunneling Business Requirements
UNIT I Business Requirements Identifying assets Assessing risk Identifying threats Internal Threats External Threats Understanding vulnerabilities Issues with telephony VoIP
CHAPTER 1 Security Triad Goals of Info SecuritySecurity Processes and Products Securing the Physical Environment Examining Operational Security Working with Management and Policies Prevention Detection Response Antivirus software Access Control Authentication Review: Real World Scenarios Review: Terminology, Review Questions, and Web Links. Chapter 1 – General Security Concepts