Computer Network Security
Computer

Network

Security
MinnesotaStateCommunityand
Technical College
DetroitLakesCampus
Overview
Overview
• Philoso
p
h
y
py
• Noteon2yearColleges
• Certifications
• ProgramCourses
• CCDC
• ProgramNumbers
• Faculty
F
•
F
uture
• Questions
Philosophy
Philosophy
•
You cannot defend what you do not

You

cannot

defend

what

you

do

not

understand.
• Theprogramisdesignedtotrainstudentsto
k i lljb
wor
k

i
nentry
l
eve
l

j
o
b
s

– Networksecurity
–
Networkadministration
Philosophy (cont
’
d)
Philosophy

(cont d)
•
Program is based in skills students need to be
Program

is

based

in

skills

students

need

to

be

employed.

• AdvisoryCommitteeofSecurityandNetwork
Ad i i l d
Ad
m
i
n
i
stratorsmeetyear
l
ytoup
d
ate
curriculum
Note on 2 Year Colleges
Note

on

2

Year

Colleges
•
Students care about real world experience
Students

care

about


real

world

experience
dii fdlijbkill
• E
d
ucat
i
on
i
s
f
ocuse
d
on
l
earn
i
nga
j
o
b
s
kill
• Vitalfortechnicalfacultytostaycurrentinthe
fieldtomaintaincredibilit
y

y
Certifications
Certifications
•
Microsoft
•
CompTIA
Microsoft
– MCP
– MCSA
CompTIA
– Security+
– Linux+
– MCSE – Server+
– Network+
• Planet3
– CWNA
• Cisco
–
CCNA
Program Overview
Program

Overview
•
Associates of Applied Science (71 credits)
Associates

of


Applied

Science

(71

credits)
lf f h d i k dii i
• Ha
lf
o
f
t
h
e
d
egree
i
snetwor
k
a
d
m
i
n
i
str at
i
on
• Halfof thedegreeissecurityadministration

Program Objectives
Program

Objectives
• Designandmaintainsecurecomputernetworks
• Recognizesecuritybreachesandimplement
countermeasures
•
Develop a disaster recovery plan
•
Develop

a

disaster

recovery

plan
• Demonstrateprofessionalcommunicationskillsin
relationtocomputernetworking
• Demonstrateethicalskillsinrelationtocomputer
security
•
Evaluate current practices and recommend security
Evaluate

current

practices


and

recommend

security

measures
• Demonstrateneedforpolicyinimplementationof
security
security
General Education
General

Education
• GSWS1102 • PSYC1200General
ContemporaryCareer
Search
Psychology
• SPCH1114Introto
bl k
• INTD1104Systems
Administration
•
ENGL 1101 College
Pu
bl
icSpea
k
ing

• MNTransferElectives(2
classes)
•
ENGL

1101

College

WritingI
• PHIL1201Ethics
classes)
• CPTR1104Introto
Com
p
uterTech
• CSEC1102Careersin
InformationSystems
p
• MATH0090
IntroductoryAlgebra
Networking Courses
Networking

Courses
• CPTR11
08
Ci
sco
1 • C

S
EC22
0
2Intr
oduc
ti
o
n
08
sco
• CPTR2224LinuxI
• INTD1104 S
y
stems
S 0
oduc o
toWirelessNetworking
• CSEC2204 Managing
y
Administration
• CPTR1118 Cisco2
DirectoryServices
• CSEC2216 Advanced
Rti
• CPTR2272 Network
OperatingSystems
R
ou
ti
ng

• CSEC2218 Disaster
Recovery
Recovery
• CPTR2282 E‐Mail
Administration
Security Courses
Security

Courses
•
CSEC 1110
•
CSEC 2222 Network
CSEC

1110

FundamentalsofIT
Security
CSEC

2222

Network

SecurityDesign
• CSEC2228Network
• CSEC2210Security
Breaches&
Defense

• CSEC2230Com
p
uter
Countermeasures
• CSEC2212WebSecurity
p
Forensics
Studentsarerequiredtosignastatementofethics
CSEC1110 Fundamentals of IT Security
CSEC1110

Fundamentals

of

IT

Security
• CourseObjectives:
Id tif th t f If ti St Sit(INFOSEC)
–
Id
en
tif
y
th
ecomponen
t
so
f


I
n
f
orma
ti
on
S
ys
t
ems
S
ecur
it
y
(INFOSEC)

– ExplainOperationsSecurity(OPSEC)
– DiscussthecomponentsofInformationSecurity
– EmploytheelementsofInformationSystemsSecurity(INFOSEC)
– Formulatesecuritypoliciesandguidancedocuments
–
Interpret legal issues within Information Security
Interpret

legal

issues

within


Information

Security

– Applytheconceptsofriskassessment
– Analyzetheconceptsofsystemlifecyclemanagement
Dttth t f tt
–
D
emons
t
ra
t
e
th
econcep
t
o
f

t
rus
t

– Employthemodesofcomputeroperation
– Analyzetherolesofvariousorganizationalpersonnel
– ApplythefacetsofInformationSecurity
CSEC1110FundamentalsofITSecurity
(’d)

(
cont
’d)
•
Book:
Book:

– Security+GuidetoNetworkSecurity
FundamentalsSecondEdition
–
Course
Technology;CSSIALabManual
• CourseActivities:
–
Studentsusesomebasictoolstogetanov erview
ofsecurity
•
MBSA
Wireshark
IPSorcery
EBCD
Snadboy
•
MBSA
;
Wireshark
;
IPSorcery
;
EBCD

;
Snadboy
Revolution;CainandAble
–
Writeweekl
y

p
a
p
ersonsecurit
y
vulnerabilities
y pp y
CSEC2210SecurityBreaches&
Countermeasures
• Objectives:
Dibth t t d lbilitif t
–
D
escr
ib
e
th
rea
t
s
t
oan
d

vu
l
nera
biliti
eso
f
sys
t
ems
– Performriskmanagementfunctions
– Planasecurityassessmentusingcurrentpractices
–
Perform a security assessment using current practices
–
Perform

a

security

assessment

using

current

practices
– Utilizecurrenttoolstoassessnetworksecurity
– Conductapenetrat iontestusingcurrentpractices
–

Em
p
lo
y
informationreconnaissancetechni
q
ues
py q
– ConductanITauditusingcurrentbestpractices
– Implementcountermeasuresfornetworks
– Completewrittendocumentationofthreats
– Evaluatemethodsofnon‐networkmethodstogainnetworkaccess
– Analyzemethodsattack ersavoiddetection
– Conductattacksonacontrollednetwork
h
–
Demonstrateet
h
ics
CSEC2210SecurityBreaches&
(’d)
Countermeasures
(
cont
’d)
• Books:
– AssessingNetworkSecurity‐ MicrosoftPress(nolongerin
print);NetworkSecurityAssessment‐ O’Reilly;Microsoft
VBSCRIPTStepbyStep– MicrosoftPress;CSSIALabManual
C Aiii

•
C
ourse
A
ct
i
v
i
t
i
es:
– 3weeksonVBScript
– 10weekson
• PenetrationTesting
• Information gathering
• Reportgener ation
•
Hacking techniques
•
Hacking

techniques
• Defensivemeasures
– 2weeksoncapturetheflag
CSEC2212
Web Security
CSEC2212
Web

Security

• Objectives:
Itit t b th li
–
I
nves
ti
ga
t
ecurren
t
we
b

t
ec
h
no
l
og
i
es
– Applycurrentwebbrowsersecuritybestpractices
– Createwebsitevirtualserversanddirectories
M b fld
–
M
anagewe
b

f

o
ld
ers
– ImplementsecurewebcommunicationswithSSL
– Troubleshootwebclientconnectivity
Il tff ti li
–
I
mp
l
emen
t
e
ff
ec
ti
ve
l
ogg
i
ng
– Employwebsiteauthentication
– ImplementFTPservertocurrentstandards
Al b i Ah b
–
A
pp
l
ycurrent
b

estpract
i
cestosecurean 
A
pac
h
ewe
b
server
– ApplycurrentbestpracticestosecureanIISserver
– InstallIISfollowingcurrentbestpractices
IllAh b fll i b i
–
I
nsta
ll

A
pac
h
ewe
b
server
f
o
ll
ow
i
ngcurrent
b

estpract
i
ces
CSEC2212
Web Security (cont
’
d)
CSEC2212
Web

Security

(cont d)
• Books:
– ApacheSecurity‐ O’Reilly;MicrosoftIIS6.0
Administrator’sPock etConsultant‐ Microsoft
Press; Apache Phrasebook
O
’
Reilly
Press;

Apache

Phrasebook
‐
O Reilly
• CourseActivities:
–
Studentss

p
end7weeksonsecurin
g
A
p
ache
p g p
– Studentsspend7weeksonsecuringIIS
– Certificates/SSL
–
Directory security
–
Directory

security
– Browsersecurity
– SecuringFTP
CSEC 2228 Network Defense
CSEC

2228

Network

Defense
• Objectives:
–
Outline physical security measures to current best practices
Outline


physical

security

measures

to

current

best

practices
– Identifypersonnelsecuritypracticesandprocedures
– Explainsoftwaresecuritybestpractices
l k
–
Out
l
inenetwor
k
security
– Describeadministrativesecurityproceduralcontrols
– Definecryptosecurity
– Indicateproperkeymanagementprocedures
– Interprettransmissionsecuritymodels
–
Name the elements of TEMPEST security
Name


the

elements

of

TEMPEST

security
– Completefirewallplanninganddesigntocurrentbestpractices
– Distinguishfirewallcryptographystrategies
C k fil i fi ll
–
C
onstructapac
k
et
fil
ter
i
ng
fi
rewa
ll
CSEC 2228 Network Defense (cont
’
d)
CSEC

2228


Network

Defense

(cont d)
• Books:
– GuidetoFirewallsandNetworkSecurityIntrusion
DetectionandVPNs‐CourseTechnology;Managing
Security with Snort and IDS Tools
‐
O
’
Reilly
Security

with

Snort

and

IDS

Tools

O Reilly
• CourseActivities:
– Learnproperdesignofnetworkdefenses
– WorkwithCiscoPIX

– Buildandconfigur eaSnortsystem
Il tPi
–
I
mp
l
emen
t

P
rox
i
es
– Workwithvariouspersonalfirewalls
–
Com
p
leteawritten
p
ro
p
osaland
p
resentationonfirewalls
p pp p
CSEC 2230 Computer Forensics
CSEC

2230


Computer

Forensics
• Objectives:
Examine computer forensics as a profession
–
Examine

computer

forensics

as

a

profession
– Explainthestepsinacomputerinvestigation
– Evaluatecurrentcomputerforensictools
Employ proper procedures fin processing crime and incident scenes
–
Employ

proper

procedures

fin

processing


crime

and

incident

scenes
– Applydigitalevidencecontrols
– Selectthebestdataacquisitionmethodsforeachinvestigation.
Describe computer forensics analysis
–
Describe

computer

forensics

analysis
– Demonstrateprocedurestorecoverimagefiles
– Employstandardprocedurestoperformnetworkforensics
Use specialized e
mail computer forensics tools
–
Use

specialized

e
‐

mail

computer

forensics

tools
– Formulatereportfindingswithforensicsoftwaretools
– Examinedisksofvariousfilesystems
Dtt
il ititithi
–
D
emons
t
ra
t
epropere‐ma
il

i
nves
ti
ga
ti
on
t
ec
h
n

i
ques
CSEC2230ComputerForensics 
(’d)
(
cont
’d)
•
Book:
Book:

– GuidetoComputerForensicsandInvestigations
3
rd
Edition‐ CourseTechnology
• CourseActivities:
–
StudentsuseWindowstools:
• FTK,WinHex,ProDiscover,Helix
– StudentslearntouseLinuxtools:
• Autopsy, Sleuth,dd,Fubuntu
– Requiredtowriteareportonstartingupa
forensic lab
forensic

lab
.
CSEC 2222 Network Security Design
CSEC


2222

Network

Security

Design
• Objectives:
–
Identifycomponentsofnetworksecurityplanning
– Describecomponentsofsystemslifecyclemanagement
–
Conductanetworkvulnerabilit
y
anal
y
sisusin
g
currentbest
p
ractices
y y g p
– Implementacomputernetwork
– Constructasecurenetworkframework
Implement security countermeasures using current best practices
–
Implement

security


countermeasures

using

current

best

practices
– Demonstrateabilitytosecureanetworkclienttocurrentbest
practices
Dttbilit t tk t t bt
–
D
emons
t
ra
t
ea
bilit
y
t
osecurene
t
wor
k
resources
t
ocurren
t


b
es
t

practices
– Demonstrateabilitytosecurenetworkservertocurrentbestpractices
–
ImplementaDMZ
– Demonstrateethics
CSEC2222NetworkSecurityDesign
(’d)
(
cont
’d)
• Book:
– MCSEGuidetoDesigningSecurityforaMicrosoft
WindowsServer2003Network‐ CourseTechnology
•
Course Activities:
Course

Activities:
– Capstonecourse:studentsmustuseatechnologylearned
ineachclassusedintheireducation
–
5 weeks on secure design
–
5


weeks

on

secure

design
– 6weeksonbuildingandsecuringtheirnetwork
– 4weeksonconductingasecurityassessmentona
different team
’
s network
different

team s

network
– Thebuildingaassessmentphasesrequireawrittenreport
andpresentation
CSEC2222NetworkSecurityDesign
(’d)
(
cont
’d)
• CapstoneProjectRequirementsfor • MinimumSystem Requirements
2008
• ProvidedEquipment
– 3servers
2 lt
– ActiveDirectory

– DNS
– DHCP
Eh 2003
–
2

l
ap
t
op
– 2Cisco2500router
– 1CiscoSwitch
–
1 Cisco 1232 Access Point.
–
E
xc
h
ange
2003
– CiscoWireless
– CiscoRouter
–
C
i
sco

S
wi
tc

h
1

Cisco

1232

Access

Point.
CscoStc
– Wirelessclientmachine
– IIS
– Apache
– FTPsite
CCDC
CCDC
•
Collegiate Cyber Defense Competition
Collegiate

Cyber

Defense

Competition
– 8studentsfromtheprogramontheteameach
year
year
– 2007and2008heldatInverHills CC

–
http://ccdc minnesota edu
–
http://ccdc
.
minnesota
.
edu