SEC703 - Advanced Security

Outline info
Semester
School
Last revision date 2023-10-02 00:49:00.728
Last review date 2023-12-04 00:15:10.119


Subject Title
Advanced Security

Subject Description
This subject will introduce students techniques to combat computer and network intrusions. Students will learn how to manage situations prior to being attacked as well as how to deal with the effects of attacks on their system. This course will also expose students to information gathering from compromised systems and how to prepare documentation that will record all aspects of their computer and network system. Students will build and maintain their own secure networks in this hands-on one semester course.

Credit Status
1 credit in the CNS / CTY program.

Learning Outcomes
Upon successful completion of this subject the student will be able to:

  •     Students will be able to systematically deal with attacks through documentation and planning
  •     Students will use management skills to create a secure system and demonstrate how to encourage users to maintain that security
  •     Students will demonstrate ability to design and maintain a secure network for internal and external situations
  •     Students will understand and demonstrate the requirements needed to deal with management in regards to security
  •     Students will learn how to deal with system attacks from both internal and external sources

Essential Employability Skills

    •  Communicate clearly, concisely and correctly in the written, spoken and visual form that fulfils the purpose and meets the needs of the audience.

    •  Respond to written, spoken, or visual messages in a manner that ensures effective communication.

    •  Execute mathematical operations accurately.

    •  Apply a systematic approach to solve problems.

    •  Use a variety of thinking skills to anticipate and solve problems.

    •  Locate, select, organize, and document information using appropriate technology and information systems.

    •  Analyze, evaluate, and apply relevant information from a variety of sources.

    •  Show respect for diverse opinions, values, belief systems, and contributions of others.

    •  Interact with others in groups or teams in ways that contribute to effective working relationships and the achievement of goals.

    •  Manage the use of time and other resources to complete projects.

Academic Integrity
Seneca upholds a learning community that values academic integrity, honesty, fairness, trust, respect, responsibility and courage. These values enhance Seneca's commitment to deliver high-quality education and teaching excellence, while supporting a positive learning environment. Ensure that you are aware of Seneca's Academic Integrity Policy which can be found at: http://www.senecapolytechnic.ca/about/policies/academic-integrity-policy.html Review section 2 of the policy for details regarding approaches to supporting integrity. Section 2.3 and Appendix B of the policy describe various sanctions that can be applied, if there is suspected academic misconduct (e.g., contract cheating, cheating, falsification, impersonation or plagiarism).

Please visit the Academic Integrity website http://open2.senecac.on.ca/sites/academic-integrity/for-students to understand and learn more about how to prepare and submit work so that it supports academic integrity, and to avoid academic misconduct.

Discrimination/Harassment
All students and employees have the right to study and work in an environment that is free from discrimination and/or harassment. Language or activities that defeat this objective violate the College Policy on Discrimination/Harassment and shall not be tolerated. Information and assistance are available from the Student Conduct Office at student.conduct@senecapolytechnic.ca.

Accommodation for Students with Disabilities
The College will provide reasonable accommodation to students with disabilities in order to promote academic success. If you require accommodation, contact the Counselling and Accessibility Services Office at ext. 22900 to initiate the process for documenting, assessing and implementing your individual accommodation needs.

Camera Use and Recordings - Synchronous (Live) Classes
Synchronous (live) classes may be delivered in person, in a Flexible Learning space, or online through a Seneca web conferencing platform such as MS Teams or Zoom. Flexible Learning spaces are equipped with cameras, microphones, monitors and speakers that capture and stream instructor and student interactions, providing an in-person experience for students choosing to study online.

Students joining a live class online may be required to have a working camera in order to participate, or for certain activities (e.g. group work, assessments), and high-speed broadband access (e.g. Cable, DSL) is highly recommended. In the event students encounter circumstances that impact their ability to join the platform with their camera on, they should reach out to the professor to discuss. Live classes may be recorded and made available to students to support access to course content and promote student learning and success.

By attending live classes, students are consenting to the collection and use of their personal information for the purposes of administering the class and associated coursework. To learn more about Seneca's privacy practices, visit Privacy Notice.

Prerequisite(s)
INT420 and SEC520

Topic Outline

  • Ensuring System Lockdown - 17%
    •         for XP/2000/Linux
    •         patches and default setups
    •         for mail (specifically dealing with SendMail)
    •         Web (Apache/IIS)
    •         User/password
  • Perimeter Design - 16%
    •         firewalls
    •         honeypots
    •         Intrusion Detection Systems (IDS)
    •         Demilitarized Zone (DMZ)
    •         Self Defending Networks
  • Documentation - 16%
    •         convince management of the importance of security
    •         acceptable user policy
    •         documentation setup
    •         security policy
    •         TRA Threat Risk Analysis
  • Penetration Testing and Auditing - 17%
    •         creating toolkits
    •         doing actual testing
    •         reading IDS logs
    •         determining attack footprints
    •         dealing with DoS and DdoS attacks
    •         password attacks
  • Incident Handling - 17%
    •         dealing with actual attacks
    •         isolating machines
    •         CERT, Bugtraq
    •         Dealing with vendors
  • Computer Forensics - 17%
    •         tracking down all of the "cracker's" activities
    •         recovering logs
    •         documentation
    •         legal issues

Mode of Instruction
4 hours lab time per week.

Prescribed Texts

  • Computer Security: Practice and Principles, 2nd Edition by Stallings and Brown; ISBN 0-13-277506-9 published by Prentice Hall

Reference Material
None

Required Supplies
None

Student Progression and Promotion Policy
To obtain a credit in this subject, a student must:

  •     Satisfactorily complete all assignments
  •     Achieve a weighted average of 55% or better for the tests and final exam
  •     Achieve a grade of 55% or better on the overall course
  •     Complete ALL assignments and labs
  •     Achieve a weighted average of 55% or better for the tests

http://www.senecapolytechnic.ca/about/policies/student-progression-and-promotion-policy.html

Grading Policyhttp://www.senecapolytechnic.ca/about/policies/grading-policy.html

A+90%  to  100%
A80%  to  89%
B+75%  to  79%
B70%  to  74%
C+65%  to  69%
C60%  to  64%
D+55%  to  59%
D50%  to  54%
F0%    to  49% (Not a Pass)
OR
EXCExcellent
SATSatisfactory
UNSATUnsatisfactory

For further information, see a copy of the Academic Policy, available online (http://www.senecapolytechnic.ca/about/policies/academics-and-student-services.html) or at Seneca's Registrar's Offices. (https://www.senecapolytechnic.ca/registrar.html).


Modes of Evaluation

Assignments (minimum of 3) 25%
Tests (4) 35%
Final Project 40%

Approved by: Mary-Lynn Manton