NETWORK SECURITY

SHE Level 5
SCQF Credit Points 15.00
ECTS Credit Points 7.50
Module Code MMI125234
Module Leader David Hendry
School School of Computing, Engineering and Built Environment
Subject Cyber Security and Networks
Trimesters
  • B (January start)
  • A (September start)

Pre-Requisite Knowledge

CCNA 1 and 2 or ICND

Summary of Content

This module aims to provide students with the ability to analyse and plan network security solutions using an in-depth understanding of network security principles, and technologies. The module will provide the practical experience needed to construct and verify the effectiveness of network security tools and their configuration in a modern business environment.

Syllabus

Modern Network Security Threats (Securing Networks, Network Threats, Mitigating Threats) Securing Network Devices (Securing Device Access, Assigning Administrative Roles, Monitoring and Managing Devices, Using Automated Security Features) Authentication, Authorization and Accounting (Purpose of AAA, Local AAA Authentication, Server-Based AAA, Server-Based AAA Authentication, Server-Based AAA Authorization and Accounting) Implementing Firewall Technologies (Access Control Lists , Firewall Technologies, Zone-Based Policy Firewalls) Implementing Intrusion Prevention (IPS Technologies, IPS Signatures, Implement IPS) Securing the Local Area Network (Endpoint Security , Layer 2 Security Considerations, Cryptographic Systems, Cryptographic Services) Basic Integrity and Authenticity Confidentiality Public Key Cryptography Implementing Virtual Private Networks (VPNs, IPsec VPN Components and Operation, Implementing Site-to-Site IPsec VPNs with CLI) Implementing Perimeter Security Devices (Firewall Configuration, Advanced Perimeter Security Devices, VPN Configuration, Managing a Secure Network) Network Security Testing Developing a Comprehensive Security Policy

Learning Outcomes

On successful completion of this module a student should be able to: 1. Critically analyse network threats, mitigation techniques, and the basics of securing a network2. Design and implement secure administrative access on network infrastructure devices3. Evaluate network perimeter security technologies and construct perimeter defences using firewalls and intrusion protection solutions4. Analyse and plan network and host based intrusion prevention solutions to mitigate attacks on the network5. Modify firewall configurations using CLI and management tools6. Evaluate customer change requests and develop appropriate device configuration7. Assess network security requirements in order to create a technical security policy

Teaching / Learning Strategy

Work Based Education aims to maximise the direct and digitally mediated contact time with students by practicing teaching and learning strategies that use authentic work based scenarios and encourage action learning, enquiry based learning, problem based learning and peer learning. All these approaches aim to directly involve the students in the process of learning and to encourage sharing of learning between students. The module team will determine the level and accuracy of knowledge acquisition at key points in the delivery, inputting when necessary either directly or with the support of external experts who will add to the authenticity, the credibility and application of the education and learning in the workplace. The course material is introduced through lectures in the form of online presentations, which will cover the principles of the subject, will illustrate the relevance of it to the real-world and introduce a range of professional processes and practices. Students will engage with practical assignments and online tutorial material which may include instruction and peer-created content, and there will be seminars on campus which will allow students to discuss key concepts and issues with peers and with instructors. Students will be expected to undertake a significant level of independent study within the workplace, including practical activities, and links will be provided to appropriate external material such as podcasts, MOOCs, videos and literature to supplement the module content. Students will be encouraged to reflect upon the theoretical learning within the workplace and the application of newly learned concepts to the work environment, and this will form part of the module assessment. Students will receive feedback on their performance through the module through undertaking the practical assignments and tutorial exercises and participating in the seminars.

Indicative Reading

Santos, O., Stuppi, J., CCNA Security 210-260 Official Cert Guide, Cisco Press, 2015 Stevens, R., W., Fall, K., R., TCP/IP Illustrated, Volume 1: The Protocols: Protocols v. 1, Addison Wesley, 2011 Northcutt, S., Novak, J., Network Intrusion Detection, Sams Publishing, 3rd ed., 2002 Chapman, D., Cooper, S., Zwicky, E., Building Internet Firewalls, O'Reilly Media, 2nd Edition, 2000

Transferrable Skills

Traditional Academic Skills - specialist knowledge, ability to apply knowledge, logical thinking, critical analysis, problem-solving, written and spoken communication, ability to use numerical data, and research skills Practice: Applied knowledge, skills and understanding: ability to recognise any risks or safety aspects that may be involved in the operation of computing and information systems within a given context. Personal Development Skills - self-confidence, self-discipline, self-reliance, awareness of strengths and weaknesses, creativity, independence, knowledge of international affairs, desire to go on learning, ability to reflect, reliability, integrity, honesty and regard for others Enterprise Or Business Skills - ability to prioritise tasks, time management, interpersonal skills.

Module Structure

Activity Total Hours
Independent Learning (FT) 122.00
Assessment (FT) 4.00
Seminars (FT) 24.00

Assessment Methods

Component Duration Weighting Threshold Description
Exam (School) 1.00 50.00 45% Class Test
Coursework 1 n/a 50.00 45% Practical Lab Assessment