KAPLAN SCHOOL OF INFORMATION SYSTEMS AND TECHNOLOGY

Welcome toWelcome toIntroduction to Network Introduction to Network

Security!Security!Course Name – IT286-01 Introduction to Network Security – 1203 C Term Instructor – Jan McDanolds, MS, Security+ Contact Information: AIM – JMcDanolds Email: jmcdanolds@kaplan.edu Phone: 641-649-2980

Office Hours: Tuesday, 7:00 PM ET or Thursday, 7:00 PM ET

INTRODUCTION

Exercise…get to know your classmatesPractice a little human networking…

1. Type in the text chat: Short answers – your general location

(area/state), your experience/years in IT/security/computers and something unusual/memorable that you can share with the class. (Ex: ride a Harley, dog lover, sing, etc - one sentence)

2. NEXT: type another student’s name, their location, and their memorable thing.

3. Continue: Select classmates until everyone has been entered at least three entries.

4. After last one, answer the following question: How is this exercise similar to the way computers communicate over a network? Example: source and destination, protocol, security

CLASS CONTENT

Course Syllabus1. The Syllabus link is located under Course Home2. Please read the ENTIRE document 3. Review the section on Discussion requirements 4. Ask questions. Yes, you do need to participate in

the seminar or you need to take the quiz.

1203C TermBegins July 5th and ends September 11th Holiday: Labor Day, Sept 1st through Sept 3rd

CLASS CONTENT

Textbook as eBook1. The textbook for this course is:

CompTIA Security+ Study Guide2. Each chapter of the textbook is posted in Doc

Sharing (eBook)3. The front cover section shows a Security+ Study

Guide outline for Exam SY0-201 (if you wish to study for the Security+ exam)

4. CompTIA exam is vendor-neutral. Study material available for a reduced cost. There are a number of ways to study for the exam.

5. This class does NOT teach the exam.

CLASS CONTENT

Course OutcomesBy the end of this course, you should be able to: 1.    Describe systems security concepts.2.    Explain general communication and network infrastructure security concepts.3.    Examine physical and logical access control methods.4.    Summarize security assessment and auditing techniques.5.    Define general cryptography concepts technologies.6.    Examine operational and organization security components and procedures. General Education Outcomes: the following General Education outcomes are assessed during this course:1.    Formulate a logical solution to a problem.2.    Demonstrate college-level communication through the composition of original materials in Standard American English.

CLASS SUCCESS

Success in Class1. This class requires you to write college-level

essays.

2. All project assignment (essays) are to be submitted in APA Style format.

3. Submit assignments as Word documents with your name and unit in the title (ex: SmithM-IT286-U1.docx) Each assignment has a Grading Rubric that outlines the point values. The rubric is a .pdf file. Review the rubric BEFORE you begin your project.

4. An APA Style sample is posted in Resources on your Kaplan home page. You can use this to prepare your essays. I DO require references! Even if your textbook is your only reference, you must cite it in your References page.

Review the guidelines for plagiarism and cite your sources!

UNIT I

General Security ConceptsREAD Chapter 1

Understanding Information Security

Understanding the Goals of Information Security

Comprehending the Security Process

Authentication Issues to Consider

Distinguishing Between Security TopologiesReading – The link for presentations shows content from a previous textbook and does not match the CompTIA content No Project Assignment due in Unit 1

UNIT I

Understanding Information Security

The security triad…Physical security

involves the protection of assets and information from physical access by unauthorized personnel.

Operational securityincludes access control, authentication, and security topologies after network installation is complete.

Management and Policiesprovide the guidance, rules, and procedures for implementing a security environment.

UNIT I

Goals of Information Security

Prevention refers to preventing computer or information violations from occurring. Examples?

Detectionrefers to identifying events when they occur.

Response refers to developing strategies and techniques to deal with an attack or loss.

UNIT I

Comprehending the Security Process

Antivirus softwareAccess control

MAC, DAC, and RBACAuthentication

Biometrics, Certificates, CHAP, KerberosMulti-factor, Mutual, PAPSecurity Tokens, Smart CardsUsername / Password

UNIT I

Authentication Issues to Consider

Authentication security can be a high maintenance activity

Identity proofing is necessary when a user cannot be authenticated

Use of multi-factor authentication

UNIT I

Distinguish between Security Topologies

Design Goals (CIA)Confidentiality – Integrity – Availability - Accountability

Security ZonesInternet, Intranets, Extranets, DMZDesigning Security Zones

TechnologiesVLANs, NAT (Network Address Translation), and Tunneling

Business Requirements

UNIT I

Business Requirements

Identifying assetsAssessing riskIdentifying threats

Internal ThreatsExternal Threats

Understanding vulnerabilities

Issues with telephonyVoIP

CHAPTER 1

Security Triad

Goals of Info Security Security Processes and Products

Securing the Physical EnvironmentExamining Operational SecurityWorking with Management and Policies

PreventionDetectionResponse

Antivirus softwareAccess ControlAuthentication

Review: Real World Scenarios

Review: Terminology, Review Questions, and Web Links.

Chapter 1 – General Security Concepts

UNIT I

Unit 1 Assignments

Download chapters from Doc SharingRead Chapter 1 (Check out Chapter 2) Post your IntroductionNo Project is due this weekReview the Unit 2 Assignment, Ask QuestionsEmail any questions: JMcDanolds@kaplan.edu or call me - 641-649-2980