TDC 377                                          Fundamentals of Network Security                                     Winter 2015

 

Class :                        Tu 5:45 – 9:00 p.m.

Instructor :                 Dr. Anthony Chung

Office :                       CST 844

 

Office Hours :            Tu W 3:30 – 5:00 PM/ Other times by appointment

Phone :                       (312)-362-8724

Fax   :                         (312)-362-6116

 

Email :                        achung@cdm.depaul.edu  

While email is a great means of communication, increasingly we are bombarded with a volume of emails that is getting difficult to manage. Please observe the following email etiquette so that we will be able to better focus our energy on learning and getting the most out of the class. It is also part of being professional. Some recruiters were abhorred at some of the emails received from recent recruits. It is important to form the good habit of writing appropriate emails in a professional setting.

- Under normal situation I will respond within two business days. Therefore work on your assignments early so as to give you ample time to ask questions. If I do not respond within the normal time frame, it's properly because one or more of the following etiquettes is not followed.

- Expect lab assistants to respond only during posted lab hours (included in the lab assignment).

- Before sending questions via email or posting questions on the d2l discussion forum, make sure that your question is not already answered on the course syllabus, the d2l website (announcements, discussion forums, assignment information etc), or in the lecture (view the class recording if you missed a class, or if you are an OL student).

- Questions that are of general interest to the entire class should be posted on the course discussion forum.

- Be specific about the subject of the email in the mail subject heading and use proper spelling, grammar, and punctuation.  Include course number in the subject. Please don't respond to an old email with a different subject when asking a new question.

- Include your full name in the message body.

- While you have my permission to address me as Tony, you should not assume that you can address other professors on a first name basis unless you have their explicit permissions.
 

 

 

Home Page :                https://d2l.depaul.edu/ 

 

Prerequisites:             TDC 365 (Network Interconnection Technologies)

                                    Note: This is a STRONG prerequisite, Students are expected to

have a good knowledge of TCP/IP including IP packet format,

IP addressing, IP routing, and TCP operation.

 

Required Texts:          CCNA Security 640-554 - Official Cert Guide  by Keith Barker and Scott Morris,

                                     Cisco Press, 2012. ISBN: 978-1-58720-446-3  (Available on Safari)

  

Optional Texts:          (They are optional but helpful All free electronically via DePaul’s library. )

 

Safari Collection

Network Security Architectures                                                                 

Convery, Prentice Hall/Cisco Press, 2004.  ISBN: 1-58705-115-X                                      

  

Reference:                  Text of TDC 365

 

Course Description and Objective:

This course is an introductory class in network security and security applications. Both the theory behind security methods and their applications in today's business environments will be presented. Topics include: Review of components used in an enterprise security infrastructure including routers, firewalls, security auditing and assessment tools, Virtual Private Networks (VPN), and Intrusion Detection/Prevention Systems. The integration of the different components will be studied in detail, including IP addressing, Network Address Translation (NAT), design of firewall rule sets and performance considerations.

 

 

Grading

 

Homework

16%

        Alert Monitoring 

10%

 

        Firewall Rules 

 6% 

 

Mini Lab Assignments (Performed in Network Security Lab or on a student's own computer)

11%

        Mini Lab 1 - General

  2%

 

        Mini Lab 2 - NMAP and Wireshark

  3%

 

        Mini Lab 3 - MBSA

  2%

        Mini Lab 4 - Steganography

  1%

 

        Mini Lab 5 - Traffic Analysis

  3%

 

Lab Assignments (Performed in Network Security Lab)    

 33%

        Configure ASA via CLI (Lab 2 in Lab Manual)

 2% 

 
        Configure ASA via ASDM (Lab 3)  2%   

        Basic Site-to-Site VPN (Lab 4)

 4%

 
           Core 2-layer Firewall (Lab 5)  4%  
          Inermediate Site-to-Site VPN (Lab 6)  4%  

        3-Sites VPN (Lab 7)

 6%

 
           Client-Based VPN (Lab 8)  2%  
           ASA to IOS VPN Setup (Lab 9) 4%  

        Vulnerability Scaning (This is an exception - performed in Room 6XX)

 5%

 

Midterm

15%

Final

15%

Class Participation

10%

 

(Up to 7% in extra credits may be given from Labs below)

Extra Credit Lab Assignments (Performed in Network Security Lab)    

 

        Site-to-Site VPN (Lab E1)

 2% 

 

        Full mesh VPN as backup to T1s (Lab E2)

 5%

 

             

A

90-100%

A-

87-89%

B+

84-86%

B

80-83%

B-

77-79%

C+

74-76%

C

70-73%

C-

67-69%

D+

64-66%

D

60-63%

F

< 60%

 

 

Students at or above the class average (calculated from grades 60% or above) will receive at least an B-. I will modify the grading scale if the class average is below 77%.

 

Note:

·         This class will have significant lab components: Students need to be aware that some of these labs will need to be performed at CDM’s Network Security Laboratory outside of class time.

·        Late assignments are accepted upto 3 days after the due date with a 20% penalty for each day late. No late extra credit assignments are accepted. Note that even though I do acept late assignments, you are highly encouraged to turn in your assignment on time as a lot of time in the business world (or life in general) there are strict deadlines.

·         All exams are closed books and notes. Calculators are allowed. The final is comprehensive (covering all materials.)

·         Makeups of exams must be arranged before the scheduled time.

 

·         Any grading questions must be directed to me within 1 week of the posting of the grade. No grade adjustments will be made more than a week after the grade is posted. You should email me with the following information:

·         The assignment

·         The problem in question

·         Why you think you should get a grade rather than the one given.

 

·         About class participation: Attendance is expected for this class. Quizzes will be given at the beginning of most classes (will let you know the week before). Various in-class exercises may also be assigned. Participations points are given as follows:

·         If a student is NOT present for the entire class period, 0 point will be assigned for that class.

·         If a student is present for the entire class period.: Particpation points will be assigned based on performance in quizzes, in class exercises, and participation in class discussion. Sometimes I will require students to post something on the disucssion forum, and that will also affect the participation points .

 

·         Wireless Internet Access Policy: Do not work on your laptops / Internet during class for non-class related activities. If you need to do something not relaed to the class on the Internet, please leave the room and complete what you need to do.

 

·         Please check DePaul’s academic calendar http://oaa.depaul.edu/what/calendar.jsp  for important dates such as last day to add/drop/withdraw from classes.

 

·         Please make sure that you read and understand DePaul’s academic integrity policy: http://academicintegrity.depaul.edu/AcademicIntegrityPolicy.pdf For additional resources concerning academic quality, please check here: http://academicintegrity.depaul.edu/Resources/index.html You should not work so close with another student as to produce solutions that are identical or almost identical.

 

·         By enrolling in this class, you are committed to devote enough time so as to learn the materials covered in this class. You should assess your situation to decide if you can devote sufficient amount of time to this class. A grade is assigned based on completion of the assignments and an assessment of your understanding of the materials and nothing else. Please give your best effort to every assignment and exam. Contact me when you need help to understand course materials. Talk to me at the first sign of problems so that we can decide the best course of action. Please also make sure you understand the University’s incomplete policy.

 

˖Change of Syllabus: This syllabus is subject to change as necessary during the quarter.  If a change occurs, it will be thoroughly addressed during class, posted under Announcements in D2L and sent via email. 

 

 

Schedule (Tentative. Will continue to be updated here):

Date

Topic

Reading/Reference

Read before each class

Assignments

1-6

Class overview, general security concept, threats and defenses; Security technologies.

 

Barker and Morris: Chapter 1

 

Convery: Chapters 1, 3

 

 

1-13

Introduction to ASA configuration

Barker and Morris: Chapter 14

 

Mini Lab #1 due

HW #1 Assigned (a non-traditional assignment. That’s why a due date is not listed. Will explain in class)

Non-graded assignments due (Prereq assessment, academic integrity pledge and security tool usage agreement, syllabus scavenger hunt, and posting of self-introduction on discussion forum)

1-20

Firewalls I - Firewall types and filtering strategies

 

 Barker & Morris: Chapters 11 and 12 (up to p. 278 before NAT)

Mini Lab #2 due

 

1-27
Firewalls II – Firewall deployment; Network Address Translation (NAT)

 

Barker & Morris: Chapters 12 (p. 278 to end) and 13

 

HW #2 due

Lab #2 due

2-3

Midterm

(and catch up on topics if necessary)

Lab  #3 due (2-6)

Mini Lab #3 due (2-6)

2-10

Virtual Private Networks (VPNs) and IPSEC

 

Barker & Morris: Chapters 17,19 and 20

Convery: Chapter 10

Mini Lab #4 due

Lab #5 due

2-17
Vulnerability scanning and assessment Security policy development

 Barker & Morris: Chapter 2

Convery: Chapter 2

Mini Lab #5 due

Lab #4 due

2-24

Fundamentals of Cryptography.  Symmetric and asymmetric cryptography. Steganography

Barker and Morris: Chapter 17

 

 

Lab #6 due

HW #3 due

3-3

Authentication + Public Key Infrastructure (PKI)

Barker & Morris: Chpater 18

Convery: Chapter 9

 

 

Labs #7 and #8 due

 

3-10

Intrusion Detection Systems (IDS)

 

Barker & Morris: Chaper 15

 

Lab #9 due

Vulnerability Scanning Lab due

3-17

Final

 Extra Credit Labs due

 

 

Online Instructor Evaluation

Evaluations are a way for students to provide valuable feedback regarding their instructor and the course. Detailed feedback will enable the instructor to continuously tailor teaching methods and course content to meet the learning goals of the course and the academic needs of the students. They are a requirement of the course and are key to continue to provide you with the highest quality of teaching. The evaluations are anonymous; the instructor and administration do not track who entered what responses. A program is used to check if the student completed the evaluations, but the evaluation is completely separate from the student’s identity. Since 100% participation is our goal, students are sent periodic reminders over two weeks. Students do not receive reminders once they complete the evaluation.


Email

Email is the primary means of communication between faculty and students enrolled in this course outside of class time. Students should be sure their email listed under "demographic information" at http://campusconnect.depaul.edu is correct.

Academic Integrity Policy

Academic Integrity Policy

This course will be subject to the faculty council rules on the Academic Integrity Policy

Plagiarism

Plagiarism

The university and school policy on plagiarism can be summarized as follows: Students in this course, as well as all other courses in which independent research or writing play a vital part in the course requirements, should be aware of the strong sanctions that can be imposed against someone guilty of plagiarism. If proven, a charge of plagiarism could result in an automatic F in the course and possible expulsion. The strongest of sanctions will be imposed on anyone who submits as his/her own work a report, examination paper, computer file, lab report, or other assignment which has been prepared by someone else. If you have any questions or doubts about what plagiarism entails or how to properly acknowledge source materials be sure to consult the instructor.

Incomplete

Incomplete

An incomplete grade is given only for an exceptional reason such as a death in the family, a serious illness, etc. Any such reason must be documented. Any incomplete request must be made at least two weeks before the final, and approved by the Dean of the College of Computing and Digital Media. Any consequences resulting from a poor grade for the course will not be considered as valid reasons for such a request.

Resources for Students with Disabilities

Resources for Students with Disabilities

Students who feel they may need an accommodation based on the impact of a disability should contact the instructor privately to discuss their specific needs. All discussions will remain confidential. To ensure that you receive the most appropriate accommodation based on your needs, contact the instructor as early as possible in the quarter (preferably within the first week of class), and make sure that you have contacted the following office for support and additional services:

Center for Students with Disabilities (CSD)                                                                                                                                                                                                             Lincoln Park Campus, Student Center #370                              Phone number: (773)325.1677
Loop Campus, Lewis Center #1400                                            Phone number: (312)362.8002
Website: http://www.studentaffairs.depaul.edu/csd                    Email: csd@depaul.edu