Objectives and competences
The objective of this course is for students to understand the network security and be able to apply secure network design approaches.
Content (Syllabus outline)
• Network security principles: network attack methodologies, operation security, network security policy, self-defending network.
• Perimeter security: securing administrative access to switches, routers and access points.
• Secure management and reporting: Syslog, SNMP, SSH and time features. Locking down the router.
• AAA security concept: authentication, authorization and accounting.
• Firewall technologies: static packet filters using ACLs.
• Site-to-site VPN introduction: cryptographic services, symmetric/ssymmetric encryption, cryptographic hashes, digital signatures, PKI, IPsec VPN basics, site-to-site VPN construction.
• Intrusion detection/prevention: Cisco IOS implementations, network/host IPS, deploying sensors.
• Endpoint security, securing LANs, voice security, mitigating OSI L2 attacks.
Learning and teaching methods
• lectures,
• tutorial,
• lab work,
• homework assignments.
Intended learning outcomes - knowledge and understanding
Upon completion of this course the student will be able to
• interpret network security approaches,
• analyse and design network security,
• troubleshoot fundamental network security problems,
• illustrate internetworking devices security configurations.
Intended learning outcomes - transferable/key skills and other attributes
• Communication skills: oral lab work defence, skills exam defence, manner of expression at the tests or written exam.
• Problem solving: designing and implementing of basic network security configurations.
Readings
• O. Santos, J. Stuppi: CCNA Security 210-260 Official Cert Guide, Cisco Press, Indianapolis, 2015.
• O. Santos, P. Kampanakis, A. Woland: Cisco Next-Generation Security Solutions: All-in-one Cisco ASA Firepower Services, NGIPS, and AMP, Cisco Press, Indianapolis, 2016.
• W. Stallings: Cryptography and Network Security, Seventh Edition, Pearson Education, Indianapolis, 2016.
• E. Cole, R. L. Krutz, J. Conley: Network Security Bible, John Wiley & Sons, Indianapolis, 2009.
Prerequisits
Basic knowledge of networking technologies is recommended.
Additional information on implementation and assessment The written exam may be substituted with continuous knowledge testing and assessment.
