SEC520 - Internet Security

Outline info
Last revision date 2018-07-20 12:00:57.764
Last review date 2018-07-20 12:01:25.667

Subject Title
Internet Security

Subject Description
This subject explores issues surrounding web site construction, operation, and maintenance from a security point of view. Students will learn how to identify attack types from both internal and external sources. Students will learn how to build secure servers. Major topics will include document encryption, server protection, and defense strategies. Example web servers for both Windows and UNIX/LINUX will be investigated.

Credit Status
1 Credit for CNS/CTY Diploma Students

Learning Outcomes
Upon successful completion of this subject the student will be able to:

- Identify the role of security in the provision of an Internet service
- Identify authentication, authorization, and access control elements of a security configuration
- Understand Windows and Unix/Linux security foundations
- Identify common types of server vulnerabilities
- Test a server for vulnerabilities
- Harden a server against threats
- Configure an intrusion detection system
- Configure a firewall
- Configure server activity logging and interpret logs
- Configure secure access to a server for content and server administration
- Configure and use encryption technologies including SSH and Kerberos
- Configure a web site to control access to content using passwords, client certificates and advanced login protocols

Cheating and Plagiarism
Each student should be aware of the College's policy regarding Cheating and Plagiarism. Seneca's Academic Policy will be strictly enforced.

To support academic honesty at Seneca College, all work submitted by students may be reviewed for authenticity and originality, utilizing software tools and third-party services. Please visit the Academic Honesty site for further information regarding cheating and plagiarism policies and procedures.

All students and employees have the right to study and work in an environment that is free from discrimination and/or harassment. Language or activities that defeat this objective violate the College Policy on Discrimination/Harassment and shall not be tolerated. Information and assistance are available from the Student Conduct Office at

Accommodation for Students with Disabilities
The College will provide reasonable accommodation to students with disabilities in order to promote academic success. If you require accommodation, contact the Counselling and Disabilities Services Office at ext. 22900 to initiate the process for documenting, assessing and implementing your individual accommodation needs.


Topic Outline
The Role of Security in the Provision of an Internet Service

Categories of Security Risks and Responses

Controlling Access to Content

  • Passwords
  • Client-side certificates
  • Advanced login protocols

Security Foundations
  • Authentication, Authorization, and Access Control
  • Kerberos
  • PAM
  • Passwords
  • PKI
  • Self-generated keys
  • Windows Security Foundations
  • Linux Security Foundations
  • Intrusion detection systems
  • Firewalls

Hardening a Web Server
  • Understanding common types of vulnerabilities
  • Testing a server for vulnerabilities
  • Hardening a server against common threats

Operational Security
  • Administrative access
    • Server administration
    • Site/content administration
  • Logging and log interpretation
  • Auditing
  • Change management

Mode of Instruction
Classroom lectures and discussions are supplemented by lab sessions with the instructor, reinforced by assigned readings and assignments between classes.

It is the student's responsibility to save documents, articles and notes that the instructor has provided on BlackBoard or in class. Students will not be able to access BlackBoard as of the last day of the student’s class.

Prescribed Texts
Hacking Exposed, Sixth Edition: Network Security Secrets & Solutions
by Stuart McClure, 7th edition; McGraw-Hill, ISBN 9780071780285

Promotion Policy

Grading Policy
A+ 90% to 100%
A 80% to 89%
B+ 75% to 79%
B 70% to 74%
C+ 65% to 69%
C 60% to 64%
D+ 55% to 59%
D 50% to 54%
F 0% to 49% (Not a Pass)
EXC Excellent
SAT Satisfactory
UNSAT Unsatisfactory

For further information, see a copy of the Academic Policy, available online or at Seneca's Registrar's Offices.

Modes of Evaluation
Since this is a professional credit subject, marking standards reinforce professional practice by demanding legible, tidy work. Written materials should be well organized and grammatically correct, with proper spelling and punctuation.


  • Students must retain a duplicate of all assignments.
  • Computer assignments should be documented to the instructor's standards.
  • Assignments must be handed in on the scheduled due date. Late assignments are penalized.
  • For particulars, please obtain standards, dates, etc. from your instructor.

Absenteeism and Tests
  • Students should be aware that absenteeism will impact on their ability to achieve satisfactory grades.
  • If you miss a test, you must provide the reason in writing to the instructor prior to the next scheduled class. If your reason is accepted, you will be permitted to write a make-up test. Otherwise, you will be given a zero for the test. You must submit an original doctor’s certificate identifying the date, length of time of expected absence and the specific reason for your absence, or other appropriate documentation.

Term Work and Final Exam
  • Students must attain a combined grade of at least 50% on term work and the final exam. Students must pass the final exam in order to pass the subject.
  • For further information on evaluation and academic standing, see a copy of the Academic Policy available at Seneca registration offices.

Grading is based on the following marking scheme:

Tests (min. 2) 30%
Assignments (min. 2) 30%
Final Examination 40%

Approved by: Denis Gravelle