SPR320 - Endpoint Security

Outline info
Semester
School
Last revision date 2021-01-21 10:20:22.409
Last review date 2021-01-21 10:20:22.41


Subject Title
Endpoint Security

Subject Description

In the world of increasingly sophisticated attacks on networks, and the disappearance the traditional network edge due to use of the cloud and mobile devices, the endpoint represents the last line of defense. Students learn to harden their systems, investigate them for evidence of compromise, and remediate security problems once they are discovered.

Credit Status
One Credit

Learning Outcomes
Upon successful completion of this subject the student will be able to:

  • Explain objectives of endpoint protection
  • Explain the key capabilities of an endpoint security platform
  • Analyze endpoints for vulnerabilities
  • Describe malware behaviour
  • Analyze malware to identify its primary objectives
  • Analyze boot up sequence for endpoints
  • Apply standard industry system hardening techniques to endpoints

Essential Employability Skills

    •  Communicate clearly, concisely and correctly in the written, spoken and visual form that fulfils the purpose and meets the needs of the audience.

    •  Respond to written, spoken, or visual messages in a manner that ensures effective communication.

    •  Apply a systematic approach to solve problems.

    •  Use a variety of thinking skills to anticipate and solve problems.

    •  Locate, select, organize, and document information using appropriate technology and information systems.

    •  Analyze, evaluate, and apply relevant information from a variety of sources.

    •  Show respect for diverse opinions, values, belief systems, and contributions of others.

    •  Interact with others in groups or teams in ways that contribute to effective working relationships and the achievement of goals.

    •  Manage the use of time and other resources to complete projects.

    •  Take responsibility for one's own actions, decisions, and consequences.

Academic Integrity
Seneca upholds a learning community that values academic integrity, honesty, fairness, trust, respect, responsibility and courage. These values enhance Seneca's commitment to deliver high-quality education and teaching excellence, while supporting a positive learning environment. Ensure that you are aware of Seneca's Academic Integrity Policy which can be found at: http://www.senecapolytechnic.ca/about/policies/academic-integrity-policy.html Review section 2 of the policy for details regarding approaches to supporting integrity. Section 2.3 and Appendix B of the policy describe various sanctions that can be applied, if there is suspected academic misconduct (e.g., contract cheating, cheating, falsification, impersonation or plagiarism).

Please visit the Academic Integrity website http://open2.senecac.on.ca/sites/academic-integrity/for-students to understand and learn more about how to prepare and submit work so that it supports academic integrity, and to avoid academic misconduct.

Discrimination/Harassment
All students and employees have the right to study and work in an environment that is free from discrimination and/or harassment. Language or activities that defeat this objective violate the College Policy on Discrimination/Harassment and shall not be tolerated. Information and assistance are available from the Student Conduct Office at student.conduct@senecapolytechnic.ca.

Accommodation for Students with Disabilities
The College will provide reasonable accommodation to students with disabilities in order to promote academic success. If you require accommodation, contact the Counselling and Accessibility Services Office at ext. 22900 to initiate the process for documenting, assessing and implementing your individual accommodation needs.

Camera Use and Recordings - Synchronous (Live) Classes
Synchronous (live) classes may be delivered in person, in a Flexible Learning space, or online through a Seneca web conferencing platform such as MS Teams or Zoom. Flexible Learning spaces are equipped with cameras, microphones, monitors and speakers that capture and stream instructor and student interactions, providing an in-person experience for students choosing to study online.

Students joining a live class online may be required to have a working camera in order to participate, or for certain activities (e.g. group work, assessments), and high-speed broadband access (e.g. Cable, DSL) is highly recommended. In the event students encounter circumstances that impact their ability to join the platform with their camera on, they should reach out to the professor to discuss. Live classes may be recorded and made available to students to support access to course content and promote student learning and success.

By attending live classes, students are consenting to the collection and use of their personal information for the purposes of administering the class and associated coursework. To learn more about Seneca's privacy practices, visit Privacy Notice.

Prerequisite(s)
SPR200

Topic Outline

  • X86 and x64 architectures
  • Vulnerability assessment
  • Basic malware analysis
    • Introduction
    • Static
    • Dynamic
  • Reverse engineering
  • Disassembly
  • Debugging
  • Recognizing c code construction in assembly
  • Analyzing malicious programs
  • Malware behavior
  • Covert malware launching
  • Countermeasures
  • Root cause analysis of malicious software
  • Endpoint data protection platform
  • System Hardening

Mode of Instruction
?

A variety of instructional techniques will be used including interactive media-rich lectures, problem-based learning, and computer-based lab exercises. Extensive use of analytical tools used for analyzing and reverse engineering binary applications.

Prescribed Texts
Hacking : The Art of Exploitation, 2nd Edition Paperback – Feb 1 2008
by Jon Erickson (Author)
Publisher: No Starch Press; 2 edition (Feb. 1 2008)
ISBN-13: 9781593271442
 
Practical Malware Analysis: A Hands-On Guide to Dissecting Malicious Software Paperback – Feb 1 2012
by Michael Sikorski (Author), Andrew Honig (Author)
Publisher: No Starch Press; 1 edition (Feb. 1 2012)
ISBN-13: 9781593272906
 
Attacking Network Protocols: A Hacker's Guide to Capture, Analysis, and Exploitation
by James Forshaw (Author)
Publisher: No Starch Press; 1 edition (Dec 8 2017)
ISBN-13: 9781593277505

Reference Material
Reference site:
 
https://www.cisecurity.org/cis-benchmarks/

Required Supplies
n/a

Student Progression and Promotion Policy
http://www.senecapolytechnic.ca/about/policies/student-progression-and-promotion-policy.html

Grading Policyhttp://www.senecapolytechnic.ca/about/policies/grading-policy.html)

A+90%  to  100%
A80%  to  89%
B+75%  to  79%
B70%  to  74%
C+65%  to  69%
C60%  to  64%
D+55%  to  59%
D50%  to  54%
F0%    to  49% (Not a Pass)
OR
EXCExcellent
SATSatisfactory
UNSATUnsatisfactory

For further information, see a copy of the Academic Policy, available online (http://www.senecapolytechnic.ca/about/policies/academics-and-student-services.html) or at Seneca's Registrar's Offices.(https://www.senecapolytechnic.ca/registrar.html)


Modes of Evaluation
Tests, practical and written           30%
Labs                                             25%
Assignments                                25%
Final project                                  20%

Policy on Missed Tests/Presentations and Late Assignments
Due dates for all your assessments (assignments, quizzes and exams) are posted, and you are expected to meet those specified dates and deadlines.  In the case of an extenuating circumstance that will result in your being unable to meet the stated deadline, you are encouraged to contact your professor.  Your professor may (or may not) grant an extension to a stated due date.  Such extension requests must be discussed prior to the due date, or very closely following.  Late submission or completion of any assessments may be subject to a penalty grade deduction.  It is a best practice, for all students, to keep a copy (PDF) of all final, submitted assignments.
 
You are welcome to discuss your completed and submitted assessments with your professor during posted meeting or 'virtual office' hours, or by mutually agreed appointment.
 
In order to provide effective feedback to students, graded assignments may be taken up, commented upon, posted to Blackboard, or discussed.  After feedback is posted and/or discussion of the assessment has taken place, any opportunity to complete or submit that assessment for grades, will be deemed to have “passed."

English Competency

 
The ability to communicate effectively is essential for success in business. Therefore, you must demonstrate English competency in this subject in both oral and written work. Strive to be clear and concise. Ensure your written work is consistent with the rules of English grammar, especially in sentence structure, spelling, and punctuation. Always spell-check, edit, and proof-read your work. 

Seneca College Library Resources
 
Be sure to begin all your research, assignment support and career preparation at the Seneca College libraries website http://library.senecapolytechnic.ca where you will find information about our services and collections including, print and e-books, databases that will lead you to thousands of articles in magazines, newspapers, journals, encyclopedias, carefully selected websites, how-to tutorials, streamed videos and much more.

Accounting & Financial Services Subject Guide
 
Go to https://seneca.libguides.com/Accounting-FinancialServices for an online customized guide for accounting and financial services students that meets specific program needs – you will find library resources, websites, industry associations and organizations, a business glossary, career sites for accounting and financial services students and more.

Citation
 
For rules on citing your sources, consult Seneca Libraries' online MLA Citation Guide at http://seneca.libguides.com/mla, or purchase a print copy of the Guide to Research & Citation: MLA Style in the Seneca Bookstore.  Ensure that you do not commit plagiarism. Information on Academic Integrity & Plagiarism, including a tutorial, is available through the library at: https://seneca.libguides.com/academicintegrity.



Approved by: Suzanne Abraham