IT513: Systems and Network Security

Course Objective

This course deals with security issues in a networked environment and the Internet, and with a guide to obtaining freely available security tools and references. It points out the inadequacies of existing products in keeping out intruders, and enables participants to better estimate their own security requirements, risks, and advantages. These include the World Wide Web security, proxy programs, integrity management tools, secure programming, and how to use secure TCP/IP services. It also covers security issues on passwords, file systems, cryptography, backups, logging, firewalls, virtual private networks, proactive security strategies and policies, physical security and dealing with break-ins.

Course Outline

A. Enterprise Systems Security

  • Scale of the Cyber Crime
  • Sources of Threats
  • Attack Methodologies
  • Security Breaches
  • Remediation Activities
  • Security Tools
  • Security Policies and Procedures
  • Different Standards on IT & Security Management (Cobit, ITIL, ISO 27001, .)

B. Malware Analysis

  • Economics of Malware
  • Malware Objectives
  • Rootkits/Worms/Viruses
  • Introduction to Windows Kernel
  • Analysis Tools

C. Network and Telecommunications Security

  • Network and TCP/IP Basics for Security
  • Network Attacks and Countermeasures
  • Firewall Management
  • VoIP Security
  • IDS, IPS and other Network Security Tools
  • Vulnerability Scanning
  • Penetration Testing
  • Covert Channels

D. Introduction to PKI

  • Encryption Basics
  • Digital Certificates
  • Public Key Infrastructure
  • Implementation Issues

E. Database Security

  • Oracle DB Security
  • MS Sql Server Security
  • Hardening Databases

F. Application Security

  • Common Application Attacks
  • Reverse Engineering
  • Source Code Analysis
  • Web Application Security
  • SAP Security
  • Secure Coding Practices

G. Operating System Security

  • MS Windows Security
  • Unix Security
  • Cisco IOS Security
  • Preventing Attacks/ Systems Hardening

Sample Exams

A. Systems and Network Security Final Exam

B. Systems and Network Security Midterm Exam

C. Systems and Network Security Final Exam

D. Systems and Network Security Midterm Exam