INTERNET SECURITY

SHE Level 4
SCQF Credit Points 20.00
ECTS Credit Points 10.00
Module Code MHI124467
Module Leader David Hendry
School School of Computing, Engineering and Built Environment
Subject Cyber Security and Networks
Trimester
  • A (September start)

Pre-Requisite Knowledge

Computer Networking One

Summary of Content

This module provides a theoretical understanding of network security concepts and is concerned with understanding how to design, configure and maintain core perimeter security through the implementation of device hardening, secure access, VPN encryption, firewalls and intrusion prevention. Further concepts related to perimeter security will also be explored.

Syllabus

Secure Administrative Access on Network Devices Secure device access Assign administrative roles Monitor and Manage Devices Secure Administrative Access with Authentication, Authorisation and Accounting Explain how AAA is used to secure a network locally and centrally Implement firewall technologies to secure the network perimeter Implement access control lists to filter traffic and mitigate network attacks on a network Firewall Technologies: Configure a classic firewall to mitigate network attacks Zone Based Firewalls: Implement Zone-based policy firewall using CLI Implement Intrusion Prevention to mitigate attacks Explain how network based IPS is used to help secure the network. Explain how signatures are used to detect malicious network traffic VPN Cryptography Explain how the types of encryption, hashes and digital signatures work together to provide confidentiality, integrity and authentication Explain how cryptographic hashes are used to ensure data integrity and authentication Explain how cryptographic algorithms are used to ensure data confidentiality. Explain how a public key infrastructure is used to ensure data confidentiality and provide authentication. Implement secure Virtual Private Networks Explain the purpose of VPN's Explain IP Security components and operation Implement Site to Site IPsec VPNs Content and Endpoint Security Mitigation Technologies for EW-Mail Based and Web-Based Threats Mitigation Technologies for Endpoint Threats

Learning Outcomes

Secure AccessUnderstand the approaches to secure management of network devices and the methods used to provide this access.Demonstrate a theoretical understanding of IP Security Protocols and a practical understanding of Virtual Private Network design, configuration and maintenance.Demonstrate a theoretical understanding of different firewall technologies and a practical understanding of firewall design, configuration and maintenance.Demonstrate a theoretical understanding of Intrusion Prevention Sensor technologies and a practical understanding of Intrusion Prevention design, configuration and maintenance.

Teaching / Learning Strategy

The university 'Strategy for Learning' documentation has informed the learning and teaching strategy for this module. The module's material will be introduced through lectures, while practical laboratory exercises, based on lecture material, will be given to students whereby the will install, configure and maintain secure network infrastructures. Tutorials will be used to help explain and elaborate on both the lecture material and the laboratory exercises. All lecture, tutorial and laboratory material will be available on GCU Learn and links will be provided to appropriate external material such as podcasts, videos and literature. In addition, students will be encouraged to access the Cisco Networking Academy interactive online learning environment providing curriculum, continuous self-assessment and an innovative hand-on online lab learning environment providing access to live network devices. During all laboratory and tutorial sessions students will receive formative feedback on their performance in undertaking the laboratory and tutorial exercises. Summative feedback and grades will also be provided through the Cisco Networking Academy, for the coursework assignment undertaken as part of the module using GCU Learn. GCU Learn will also be used to provide the students with module specific forums and wiki's to stimulate student and lecturer interaction out-with the normal lecture, laboratory and tutorial session.

Indicative Reading

Santos Omar, CCNA Security (210-260 Official Cert Guide), Cisco Press (2016). ISBN-13: 978-1-58720-566-8 Stewart, M J., CISSP, Sybex (2015). ISBN 978-1-119-04271-6 Karamanian, A et al. PKI Uncovered: Certificate Based Security Solutions for Next-Generation Networks. Cisco Press (2011). ISBN 13: 978-158705-916-2. Cisco Networking Academy Programme Syllabus: CCNA Security Version 2.

Transferrable Skills

C1 Logical thinking and problem solving. C2 Critical analysis. -709 C3 Effective information management, retrieval and research skills for independent enquiry and learning. -709 D2 Numeracy in both understanding and presenting cases involving a quantitative dimension. E1 Awareness of my strengths and weaknesses E2 Creativity, innovation and independent thinking. -709 E3 Appreciating and desiring the need for reflection and planning for self-learning and improving performance as the foundation for CPD and life-long learning. E4 Reliability, integrity, honesty and ethical awareness. E6 Ability to prioritise tasks and time management (organising and planning work). E7 Interpersonal skills, the ability to work as a member of a team (work with and relate effectively to others) recognising the different roles within a team and different ways of organising teams (leadership).

Module Structure

Activity Total Hours
Lectures (FT) 24.00
Practicals (PT) 24.00
Tutorials (PT) 6.00
Independent Learning (FT) 120.00
Assessment (PT) 20.00
Assessment (FT) 20.00
Tutorials (FT) 12.00
Practicals (FT) 24.00
Independent Learning (PT) 126.00
Lectures (PT) 24.00

Assessment Methods

Component Duration Weighting Threshold Description
Coursework 1 3.00 50.00 35% Lab Based Skills Test (Create, Configure and document a secure network specification
Exam (Exams Office) 2.00 50.00 35% Unseen written exam (3/5 questions)