INTERNET SECURITY

SHE Level 4
SCQF Credit Points 20.00
ECTS Credit Points 10.00
Module Code MHI125242
Module Leader David Hendry
School School of Computing, Engineering and Built Environment
Subject Cyber Security and Networks
Trimester
  • A (September start)

Pre-Requisite Knowledge

Computer Networking One

Summary of Content

This module provides a theoretical understanding of network security concepts and is concerned with understanding how to design, configure and maintain core perimeter security through the implementation of device hardening, secure access,VPN encryption, firewalls and intrusion revention. Further concepts related to perimeter security will also be explored. The percentage of Work Based Learning for this module, as represented by the proportion of the Activity Types which take place off campus, is 78%. The percentage of Work Based Assessment for this module is 0%.

Syllabus

Secure Administrative Access on Network Devices Secure device access Assign administrative roles Monitor and Manage Devices Secure Administrative Access with Authentication, Authorisation and Accounting Explain how AAA is used to secure a network locally and centrally Implement firewall technologies to secure the network perimeter Implement access control lists to filter traffic and mitigate network attacks on a network Firewall Technologies: Configure a classic firewall to mitigate network attacks Zone Based Firewalls: Implement Zone-based policy firewall using CLI Implement Intrusion Prevention to mitigate attacks Explain how network based IPS is used to help secure the network. Explain how signatures are used to detect malicious network traffic VPN Cryptography Explain how the types of encryption, hashes and digital signatures work together to provide confidentiality, integrity and authentication Explain how cryptographic hashes are used to ensure data integrity and authentication Explain how cryptographic algorithms are used to ensure data confidentiality. Explain how a public key infrastructure is used to ensure data confidentiality and provide authentication. Implement secure Virtual Private Networks Explain the purpose of VPN's Explain IP Security components and operation Implement Site to Site IPsec VPNs Content and Endpoint Security Mitigation Technologies for EW-Mail Based and Web-Based Threats Mitigation Technologies for Endpoint Threats

Learning Outcomes

On completion of this module the students should be able to:Secure Access1. Understand the approaches to secure management of network devices and the methods used to provide this access.2. Demonstrate a theoretical understanding of IP Security Protocols and a practical understanding of Virtual Private Network design, configuration and maintenance.3. Demonstrate a theoretical understanding of different firewall technologies and a practical understanding of firewall design, configuration and maintenance.4. Demonstrate a theoretical understanding of Intrusion Prevention Sensor technologies and a practical understanding of Intrusion Prevention design, configuration and maintenance.

Teaching / Learning Strategy

Work Based Education aims to maximise the direct and digitally mediated contact time with students by practicing teaching and learning strategies that use authentic work based scenarios and encourage action learning, enquiry based learning, problem based learning and peer learning. All these approaches aim to directly involve the students in the process of learning and to encourage sharing of learning between students. The module team will determine the level and accuracy of knowledge acquisition at key points in the delivery, inputting when necessary either directly or with the support of external experts who will add to the authenticity, the credibility and application of the education and learning in the workplace. The Learning and Teaching Strategy is informed by the University's Strategy for Learning. The course material will be introduced through online presentations as well as guided reading material made available on GCULearn. These are supported by practical exercises, and there will be seminars on campus which will allow students to discuss key concepts and issues with peers and tutors. Students will be expected to undertake a significant level of independent study within the workplace, including practical activities, and links will be provided to appropriate external material such as articles, podcasts and videos to supplement the module content. Students will be encouraged to reflect upon the theoretical learning within the workplace and the application of newly learned concepts to the work environment, and this will form part of the module assessment. Students will receive feedback on their performance throughout the module through undertaking the practical assignments and tutorial exercises and participating in the seminars.

Indicative Reading

Santos Omar, CCNA Security (210-260 Official Cert Guide), Cisco Press (2016). ISBN-13: 978-1-58720-566-8 Stewart, M J., CISSP, Sybex (2015). ISBN 978-1-119-04271-6 Karamanian, A et al. PKI Uncovered: Certificate Based Security Solutions for Next-Generation Networks. Cisco Press (2011). ISBN 13: 978-158705-916-2. Cisco Networking Academy Programme Syllabus: CCNA Security Version 2.

Transferrable Skills

Logical thinking and problem solving. Critical analysis. Effective information management, retrieval and research skills for independent enquiry and learning. Numeracy in both understanding and presenting cases involving a quantitative dimension. Awareness of my strengths and weaknesses Creativity, innovation and independent thinking. Appreciating and desiring the need for reflection and planning for self-learning and improving performance as the foundation for CPD and life-long learning. Reliability, integrity, honesty and ethical awareness. Ability to prioritise tasks and time management (organising and planning work). Interpersonal skills, the ability to work as a member of a team (work with and relate effectively to others) recognising the different roles within a team and different ways of organising teams (leadership).

Module Structure

Activity Total Hours
Independent Learning (FT) 108.00
Lectures (FT) 24.00
Assessment (FT) 20.00
Practicals (FT) 24.00
Seminars (FT) 24.00

Assessment Methods

Component Duration Weighting Threshold Description
Coursework 1 3.00 50.00 35% Lab Based Skills Test (Create, Configure and document a secure network specification
Exam (Exams Office) 2.00 50.00 35% Unseen written exam (3/5 questions)