Implementing Internet Security and Firewalls

Implementing Internet Implementing Internet Security and FirewallsSecurity and Firewalls

CISS 330 OrientationCISS 330 Orientation

Instructor: Buddy Instructor: Buddy SpisakSpisak• Office Hours:Office Hours:

– Mondays 7:30-8:40 p.m. in BS-143 (Aug. 25 to Dec. 15, Mondays 7:30-8:40 p.m. in BS-143 (Aug. 25 to Dec. 15, 2014)2014)

– I am also available through email.I am also available through email.

• Phone:Phone: (916) 286-3691 ext. 14162

• Email:Email: [email protected] (put (put ““CISS330CISS330”” in the in the subject line). The turn around time for most email is subject line). The turn around time for most email is about one to two days. Be sure to include your name in about one to two days. Be sure to include your name in each email so that I can identify who you are and what each email so that I can identify who you are and what the email is about.the email is about.

• Course Web page:Course Web page: https://d2l.losrios.edu/https://d2l.losrios.edu/

• Instructor Web page:Instructor Web page: http://crc.losrios.edu/spisakj/ http://crc.losrios.edu/spisakj/

22CISS 330CISS 330

mailto:[email protected]

Course DetailsCourse Details

• Class Credits: 3 unitsClass Credits: 3 units

• Prerequisites: CISS 310Prerequisites: CISS 310

• Lecture: OnlineLecture: Online

• Lab Hours:Lab Hours:– Thursday 6:00 to 8:05 p.m.Thursday 6:00 to 8:05 p.m.

• Accepted for Credit: CSUAccepted for Credit: CSU

33CISS 330CISS 330

Required Textbook:Required Textbook:

Title: Guide to Firewalls and VPNs, 3rd Edition

Author: Michael E. Whitman, Herbert J. Mattord, and Author: Michael E. Whitman, Herbert J. Mattord, and Andrew GreenAndrew GreenPublisher: Course Technology, 2012Publisher: Course Technology, 2012ISBN10:ISBN10: 1-111-13539-3ISBN13: 978-1-111-13539-8

44CISS 330CISS 330

Optional Materials:Optional Materials:

• a flash drive to store your work for the a flash drive to store your work for the classclass

55CISS 330CISS 330

Course Description:Course Description:

• With the increased connectivity to the Internet and the wide availability of automated cracking tools, organizations can no longer simply rely on operating system security to protect their valuable corporate data. The firewall has emerged as a primary tool used to prevent unauthorized access. Students will learn how to allow access to key services while maintaining their organization's security as well as how to implement firewall-to-firewall Virtual Private Networks (VPNs).

66CISS 330CISS 330

Student Learning Outcomes Student Learning Outcomes and Course Objectives:and Course Objectives:As a result of completing this course, you will be able to:As a result of completing this course, you will be able to:• SLO #01: EXPLAIN THE RELATIONSHIP AMONG THE DIFFERENT ASPECTS OF

INFORMATION SECURITY, ESPECIALLY NETWORK SECURITY (SLO #01).– Define the key terms and critical concepts of information and network

security.– Identify the threats posed to information and network security, as

well as the common attacks associated with those threats.– Differentiate threats to information within systems from attacks

against information within systems.• SLO #02: DESCRIBE THE BASIC ELEMENTS OF COMPUTER-BASED DATA

COMMUNICATION.– Know the key entities and organizations behind current networking

standards, as well as the purpose of and intent behind the more widely used standards.

– Explain the nature and intent of the OSI reference model, and list and describe each of the model’s seven layers.

– Describe the nature of the Internet and the relationship between the TCP/IP protocol and the Internet.

77CISS 330CISS 330

Student Learning Outcomes Student Learning Outcomes and Course Objectives:and Course Objectives:• SLO #03: DEFINE MANAGEMENT’S ROLE IN THE DEVELOPMENT, MAINTENANCE, AND

ENFORCEMENT OF INFORMATION SECURITY POLICY, STANDARDS, PRACTICES, PROCEDURES, AND GUIDELINES.– Describe an information security blueprint, identify its major

components, and explain how it is used to support a network security program.

– Discuss how an organization institutionalizes policies, standards, and practices using education, training, and awareness programs.

– Explain contingency planning, and describe the relationships among incident response planning, disaster recovery planning, business continuity planning, and contingency planning.

• SLO #04: DISCUSS COMMON SYSTEM AND NETWORK VULNERABILITIES.– Name the common categories of vulnerabilities.– Locate and access sources of information about emerging

vulnerabilities.– Identify the names and functions of the widely available scanning

and analysis tools.

88CISS 330CISS 330

Student Learning Student Learning Outcomes and Course Outcomes and Course Objectives:Objectives:• SLO #05: IDENTIFY THE LIMITATIONS OF FIREWALLS.

– Identify common misconceptions about firewalls.– Explain why a firewall is dependent on an effective security policy.– Describe the types of firewall protection.– Evaluate and recommend suitable hardware and software for a firewall

application.

• SLO #06: DESCRIBE PACKETS AND PACKET FILTERING.– Explain the approaches to packet filtering.– Recommend specific filtering rules.

• SLO #07: WORK WITH PROXY SERVERS AND APPLICATION-LEVEL FIREWALLS.– Discuss proxy servers and how they work.– Identify the goals your organization can achieve using a proxy server.– Choose a proxy server and work with the SOCKS protocol.– Evaluate the most popular proxy-based firewall products.– Explain how to deploy and use reverse proxy.– Determine when a proxy server isn’t the correct choice.

CISS 330CISS 330 99

Student Learning Student Learning Outcomes and Course Outcomes and Course Objectives:Objectives:• SLO #08: IDENTIFY AND IMPLEMENT DIFFERENT FIREWALL CONFIGURATION

STRATEGIES.– Understand the nature of advanced firewall functions.– Track firewall log files, and follow the basic initial steps in

responding to security incidents.– Use a remote management interface.– Adhere to proven security principles to help the firewall protect

network resources.– Update a firewall to meet new needs and threats.

• SLO #9: DESCRIBE THE ROLE ENCRYPTION PLAYS IN A FIREWALL ARCHITECTURE.– Discuss Internet Protocol Security (IPSec) and identify its

protocols and modes.– Analyze the workings of SSL, PGP, and other popular encryption

schemes.– Explain how digital certificates work and why they are important

security tools.

CISS 330CISS 330 1010

Student Learning Student Learning Outcomes and Course Outcomes and Course Objectives:Objectives:• SLO #10: DESCRIBE USER, CLIENT, AND SESSION AUTHENTICATION.

– Explain why authentication is a critical aspect of network security.

– Explain why firewalls authenticate and how they identify users.– List the advantages and disadvantages of popular centralized

authentication systems.– Discuss the potential weaknesses of password security systems.– Discuss the use of password security tools.– Describe common authentication protocols used by firewalls.

• SLO #11: RECOMMEND BEST PRACTICES FOR EFFECTIVE CONFIGURATION AND MAINTENANCE OF VIRTUAL PRIVATE NETWORKS.– Explain the components and essential operations of virtual

private networks (VPNs).– Enable secure remote access for individual users via a VPN.– Create VPN setups, such as mesh or hub-and-spoke

configurations.

CISS 330CISS 330 1111

Student Obligations:Student Obligations:

• It is important that you understand It is important that you understand what is expected of you in this what is expected of you in this course.course.

• Refer to the Syllabus if you have Refer to the Syllabus if you have any questions.any questions.

1212CISS 330CISS 330

Attendance:Attendance:• Since this course is an online-hybrid class, only attendance Since this course is an online-hybrid class, only attendance

at the On-Campus Orientation on October 16 and the Final on at the On-Campus Orientation on October 16 and the Final on December 4 is necessary. December 4 is necessary. There will be weekly lab time on There will be weekly lab time on campus, and it is up to you to complete the lab assignments campus, and it is up to you to complete the lab assignments during the lab time or at home. Please note that failure to during the lab time or at home. Please note that failure to complete 6% of the total course work by the second week of the complete 6% of the total course work by the second week of the class may result in your being dropped from the course.class may result in your being dropped from the course.

• Doing the labs themselves is not optional, but doing them at Doing the labs themselves is not optional, but doing them at the college is.the college is.

• I will be giving credit for students attending the lab On-I will be giving credit for students attending the lab On-Campus.Campus.

• Typically each week we will be covering one section in your Typically each week we will be covering one section in your textbook.textbook.

• Attendance for the On-Campus Final Exam is required. Photo Attendance for the On-Campus Final Exam is required. Photo identification is required at the time of the exam to verify identification is required at the time of the exam to verify your identity.your identity.


Quizzes:Quizzes:

• Many weeks there will be a quiz Many weeks there will be a quiz that will test you on the material that will test you on the material covered.covered.– It is open book and open notes.It is open book and open notes.– You can take the quiz multiple times You can take the quiz multiple times

to improve your score, but be aware to improve your score, but be aware that the questions may change each that the questions may change each time you take quiz and that your last time you take quiz and that your last quiz score will be the one counted as quiz score will be the one counted as your grade.your grade.

• Each quiz is worth 30 points.Each quiz is worth 30 points.


Desire 2 Learn (D2L):Desire 2 Learn (D2L):

• I want everyone to take a pro-active approach to I want everyone to take a pro-active approach to learning this material. This includes using the learning this material. This includes using the D2L Discussions feature to ask questions and also D2L Discussions feature to ask questions and also answer other studentsanswer other students’’ questions. I will be questions. I will be posting questions to further your understanding posting questions to further your understanding of the material.of the material.

• I expect each student to post at least two times I expect each student to post at least two times per discussion item.per discussion item.– You can accomplish this task by asking questions about You can accomplish this task by asking questions about the current discussion topic or by responding to existing the current discussion topic or by responding to existing questions.questions.

– My expectation from you is that you will write at least My expectation from you is that you will write at least two to three sentence responses that add substance to the two to three sentence responses that add substance to the discussion.discussion.

• Each discussion assignment is worth 20 points.Each discussion assignment is worth 20 points.


Labs:Labs:

• We will be spending a lot of time We will be spending a lot of time working on lab activities. working on lab activities.

• You are responsible for making sure You are responsible for making sure that your instructor receives your that your instructor receives your completed lab work.completed lab work.

• Each lab assignment is worth 50 Each lab assignment is worth 50 points.points.


Final Exam:Final Exam:

• The final exam will consist of two The final exam will consist of two parts. One part will be a hands-on parts. One part will be a hands-on practical demonstration of assigned practical demonstration of assigned tasks, and the other part will be an tasks, and the other part will be an exam taken in D2L.exam taken in D2L.

• The final exam will be on Thursday, The final exam will be on Thursday, December 4, 2014.December 4, 2014.– I will be having a review session the I will be having a review session the week before to help you.week before to help you.


Due Dates:Due Dates:

• Unless noted, all assignments will be Unless noted, all assignments will be submitted in D2L under the submitted in D2L under the ““DropboxDropbox”” link. link. – If, for any reason, you cannot access D2L or are If, for any reason, you cannot access D2L or are unable to submit the assignment on time, please unable to submit the assignment on time, please email it to me instead so that you are not penalized email it to me instead so that you are not penalized for being late.for being late.

• Quizzes and discussion items cannot be taken Quizzes and discussion items cannot be taken past their due date.past their due date.– If you miss a quiz and you want to make up points, If you miss a quiz and you want to make up points, you can take advantage of the extra credit you can take advantage of the extra credit assignments posted in D2L.assignments posted in D2L.

– Everyone is welcome to work on the extra credit Everyone is welcome to work on the extra credit assignments. Typically, they are five to ten points assignments. Typically, they are five to ten points each, depending on the difficulty of the assignment.each, depending on the difficulty of the assignment.


Late Work:Late Work:

• Unless noted all assignments are due Unless noted all assignments are due on on SundaySunday by midnight each week. by midnight each week.– I have identified the due dates in the I have identified the due dates in the course schedule.course schedule.

– Late work will be accepted ONLY if you Late work will be accepted ONLY if you have contacted me prior to the due date have contacted me prior to the due date either by email or voice mail.either by email or voice mail.

– In general, late work is due the next In general, late work is due the next week, and no late assignments may be week, and no late assignments may be turned in after one week from the original turned in after one week from the original due date regardless of the reason.due date regardless of the reason.

– For every day an assignment is late, you For every day an assignment is late, you will lose 10% of its grade.will lose 10% of its grade.


Plagiarism Plagiarism Policy/Cheating:Policy/Cheating:Plagiarism:Plagiarism:• It is inappropriate, and a violation of academic policy, to copy It is inappropriate, and a violation of academic policy, to copy

information from any source (including, but not limited to, information from any source (including, but not limited to, textbooks, magazine articles, newspaper articles and Internet textbooks, magazine articles, newspaper articles and Internet articles) without giving proper credit to the author by using articles) without giving proper credit to the author by using standard quotation procedures such as in-line quotes, footnotes, standard quotation procedures such as in-line quotes, footnotes, endnotes, etc. Quotes may not exceed 25% of the assignmentendnotes, etc. Quotes may not exceed 25% of the assignment’’s total s total length.length.

• You will receive no credit (0 points) for any assignment that You will receive no credit (0 points) for any assignment that copies any material from any other source without giving proper copies any material from any other source without giving proper credit to the author(s). Repeat offenders of this policy are credit to the author(s). Repeat offenders of this policy are subject to academic discipline as outlined in the polices subject to academic discipline as outlined in the polices published by the college.published by the college.

Cheating:Cheating:• Students who cheat will receive a failing grade for the course. Students who cheat will receive a failing grade for the course.

See the Students Rights and Responsibilities page of the college See the Students Rights and Responsibilities page of the college website website athttp://www.crc.losrios.edu/College_Catalog/General_Information/Sathttp://www.crc.losrios.edu/College_Catalog/General_Information/Students_Rights_and_Responsibilities.htm for additional tudents_Rights_and_Responsibilities.htm for additional information.information.


Honor CodeHonor Code

• Academic integrity requires honesty, Academic integrity requires honesty, fairness, respect and responsibility. See fairness, respect and responsibility. See the Cosumnes River College Honor Code the Cosumnes River College Honor Code posted on the college website posted on the college website ((http://www.crc.losrios.edu/files/resourceguide/CRC-HonorCodeForm.pdf ). ).


Dropping:Dropping:

• Students are responsible for Students are responsible for dropping the course.dropping the course.


email/Discussion email/Discussion Etiquette:Etiquette:• Every student will be required to have an email Every student will be required to have an email account. If you do not have an email account, the account. If you do not have an email account, the college provides free email accounts for all college provides free email accounts for all current students. To activate your account, go to current students. To activate your account, go to https://apps.losrios.edu/login.html and follow the https://apps.losrios.edu/login.html and follow the directions provided.directions provided.

• I will not tolerate rude and demeaning comments or I will not tolerate rude and demeaning comments or emails to anyone in this class. Please keep your emails to anyone in this class. Please keep your comments and emails topic-related.comments and emails topic-related.

• If I determine that a comment or email to anyone If I determine that a comment or email to anyone else in the class is rude or demeaning, I will warn else in the class is rude or demeaning, I will warn you once. If your behavior continues to be you once. If your behavior continues to be unacceptable, I will refer you to the unacceptable, I will refer you to the administration of the college for disciplinary administration of the college for disciplinary action.action.


Personal Belongings:Personal Belongings:

• No food or drinks are allowed in the No food or drinks are allowed in the classroom.classroom.

• All cell phones, beepers, pagers, All cell phones, beepers, pagers, etc. should be turned off or set to etc. should be turned off or set to vibrate.vibrate.– Any telephone calls need to be taken Any telephone calls need to be taken outside.outside.


Disabilities:Disabilities:

• If you have a documented disability If you have a documented disability and wish to discuss academic and wish to discuss academic accommodations, please contact me accommodations, please contact me after class or contact the Office of after class or contact the Office of Disabled Student Programs and Disabled Student Programs and Services at 691-7275 as soon as Services at 691-7275 as soon as possible.possible.


Online Course Online Course Responsibilities: Responsibilities: • This course requires significant self-motivation. You This course requires significant self-motivation. You

must not get behind. Labs and weekly assignments can must not get behind. Labs and weekly assignments can take up to eight hours to finish. Please dontake up to eight hours to finish. Please don’’t try to t try to finish them in one day. Not all activities are finish them in one day. Not all activities are created equal. Some may take a bit longer than created equal. Some may take a bit longer than others. others.

• You would normally spend three hours per week in class You would normally spend three hours per week in class for this course: a total of 54 hours. Allow yourself for this course: a total of 54 hours. Allow yourself at least eight hours per week to complete the at least eight hours per week to complete the activities online, including the time spent writing activities online, including the time spent writing for online class discussion postings. You should plan for online class discussion postings. You should plan additional time to read the textbook and study for the additional time to read the textbook and study for the quizzes.quizzes.

• Some people believe the online format provides a much Some people believe the online format provides a much easier way to study this subject than an on-campus easier way to study this subject than an on-campus framework framework because they can avoid parking problems. because they can avoid parking problems. Others feel very intimidated at first. Others feel very intimidated at first. Be patient as Be patient as you work your way through the activities. you work your way through the activities.


Using Desire 2 Learn:Using Desire 2 Learn:• How to log in:How to log in:

– You will not be able to participate in the online You will not be able to participate in the online portion of your class using Los Rios Online until portion of your class using Los Rios Online until you have enrolled in your course through your you have enrolled in your course through your college's registration system. college's registration system.

– Students registered as of the first day of the term Students registered as of the first day of the term should already have Los Rios Online accounts and be should already have Los Rios Online accounts and be linked to the classes in which they are enrolled.linked to the classes in which they are enrolled.

• To log on to your D2L account, open your web To log on to your D2L account, open your web browser and go to the following URL: browser and go to the following URL: https://d2l.losrios.edu/https://d2l.losrios.edu/

• Your User Name is the letter w followed by Your User Name is the letter w followed by your Student ID# Example: w0123456.your Student ID# Example: w0123456.

• Your default password is your birthday in Your default password is your birthday in the format: MMDDYYYY Example: Birthday is the format: MMDDYYYY Example: Birthday is June 12, 1974, then password = 06121974.June 12, 1974, then password = 06121974.


Grading:Grading: Course Topic Points Total Approximate % the of

Grade

Labs (6) 50 300 40

Orientation Quiz (1) 10 10 1

Quizzes (4) 30 120 16

D2L Discussions (6) 20 120 16

Final Exam (1) 200 200 27

Point System:Point System:There are 750 total assigned points.There are 750 total assigned points.

Grade Ranges:Grade Ranges:A= 675-750, B=600-674, C=525-599, D=450-524, A= 675-750, B=600-674, C=525-599, D=450-524,

F=0-449F=0-4492828CISS 330CISS 330

Sample Schedule:Sample Schedule:

Day: Lecture/Lab Schedule:Assignment

Due:Due Date

(By Midnight):

Week 1Thurs

. 10/16 Orientation and Introductions

View the Online

OrientationSun., Oct. 19

Ch 1: Introduction to Information Security

Orientation Disc.

Orientation Quiz

Ch 2: Security Policies and Standards

Lab #1

Week 2Thurs

.10/26

Ch 3: Authenticating UsersDisc. #1 (Ch

1-3)Sun., Oct. 26

Lab #2 Lab Review #1


Conclusion:Conclusion:

• Log into D2L and take the Orientation Log into D2L and take the Orientation Quiz. It is due on Quiz. It is due on Sunday, October 19Sunday, October 19, , 2014.2014.

• Go to the Orientation Discussion and Go to the Orientation Discussion and introduce yourself to the class.introduce yourself to the class.

• Registered students for the class have Registered students for the class have access to D2L can log into the campus access to D2L can log into the campus network.network.

• email any questions you might have to email any questions you might have to me.me.


Documents

Implementing Internet Security and Firewalls