Implementing Internet Security and Firewalls CISS 330 Orientation
Instructor: Buddy Spisak Office Hours: Office Hours: –Mondays 7:30-8:40 p.m. in BS-143 (Aug. 25 to Dec. 15, 2014) –I am also available through . Phone: Phone: (916) ext (put “CISS330” in the subject line). The turn around time for most is about one to two days. Be sure to include your name in each so that I can identify who you are and what the is about. (put “CISS330” in the subject line). The turn around time for most is about one to two days. Be sure to include your name in each so that I can identify who you are and what the is Course Web page: Course Web page: Instructor Web page: Instructor Web page: 2CISS 330
Course Details Class Credits: 3 units Class Credits: 3 units Prerequisites: CISS 310 Prerequisites: CISS 310 Lecture: Online Lecture: Online Lab Hours: Lab Hours: –Thursday 6:00 to 8:05 p.m. Accepted for Credit: CSU Accepted for Credit: CSU 3CISS 330
Required Textbook: Title: Guide to Firewalls and VPNs, 3 rd Edition Author: Michael E. Whitman, Herbert J. Mattord, and Andrew Green Publisher: Course Technology, 2012 ISBN10: ISBN10: ISBN13: CISS 330
Optional Materials: a flash drive to store your work for the class a flash drive to store your work for the class 5CISS 330
Course Description: With the increased connectivity to the Internet and the wide availability of automated cracking tools, organizations can no longer simply rely on operating system security to protect their valuable corporate data. The firewall has emerged as a primary tool used to prevent unauthorized access. Students will learn how to allow access to key services while maintaining their organization's security as well as how to implement firewall-to-firewall Virtual Private Networks (VPNs). 6CISS 330
Student Learning Outcomes and Course Objectives: As a result of completing this course, you will be able to: SLO #01: EXPLAIN THE RELATIONSHIP AMONG THE DIFFERENT ASPECTS OF INFORMATION SECURITY, ESPECIALLY NETWORK SECURITY (SLO #01). – –Define the key terms and critical concepts of information and network security. – –Identify the threats posed to information and network security, as well as the common attacks associated with those threats. – –Differentiate threats to information within systems from attacks against information within systems. SLO #02: DESCRIBE THE BASIC ELEMENTS OF COMPUTER-BASED DATA COMMUNICATION. – –Know the key entities and organizations behind current networking standards, as well as the purpose of and intent behind the more widely used standards. – –Explain the nature and intent of the OSI reference model, and list and describe each of the model’s seven layers. – –Describe the nature of the Internet and the relationship between the TCP/IP protocol and the Internet. 7CISS 330
Student Learning Outcomes and Course Objectives: SLO #03: DEFINE MANAGEMENT’S ROLE IN THE DEVELOPMENT, MAINTENANCE, AND ENFORCEMENT OF INFORMATION SECURITY POLICY, STANDARDS, PRACTICES, PROCEDURES, AND GUIDELINES. – –Describe an information security blueprint, identify its major components, and explain how it is used to support a network security program. – –Discuss how an organization institutionalizes policies, standards, and practices using education, training, and awareness programs. – –Explain contingency planning, and describe the relationships among incident response planning, disaster recovery planning, business continuity planning, and contingency planning. SLO #04: DISCUSS COMMON SYSTEM AND NETWORK VULNERABILITIES. – –Name the common categories of vulnerabilities. – –Locate and access sources of information about emerging vulnerabilities. – –Identify the names and functions of the widely available scanning and analysis tools. 8CISS 330
Student Learning Outcomes and Course Objectives: SLO #05: IDENTIFY THE LIMITATIONS OF FIREWALLS. – –Identify common misconceptions about firewalls. – –Explain why a firewall is dependent on an effective security policy. – –Describe the types of firewall protection. – –Evaluate and recommend suitable hardware and software for a firewall application. SLO #06: DESCRIBE PACKETS AND PACKET FILTERING. – –Explain the approaches to packet filtering. – –Recommend specific filtering rules. SLO #07: WORK WITH PROXY SERVERS AND APPLICATION-LEVEL FIREWALLS. – –Discuss proxy servers and how they work. – –Identify the goals your organization can achieve using a proxy server. – –Choose a proxy server and work with the SOCKS protocol. – –Evaluate the most popular proxy-based firewall products. – –Explain how to deploy and use reverse proxy. – –Determine when a proxy server isn’t the correct choice. CISS 3309
Student Learning Outcomes and Course Objectives: SLO #08: IDENTIFY AND IMPLEMENT DIFFERENT FIREWALL CONFIGURATION STRATEGIES. – –Understand the nature of advanced firewall functions. – –Track firewall log files, and follow the basic initial steps in responding to security incidents. – –Use a remote management interface. – –Adhere to proven security principles to help the firewall protect network resources. – –Update a firewall to meet new needs and threats. SLO #9: DESCRIBE THE ROLE ENCRYPTION PLAYS IN A FIREWALL ARCHITECTURE. – –Discuss Internet Protocol Security (IPSec) and identify its protocols and modes. – –Analyze the workings of SSL, PGP, and other popular encryption schemes. – –Explain how digital certificates work and why they are important security tools. CISS 33010
Student Learning Outcomes and Course Objectives: SLO #10: DESCRIBE USER, CLIENT, AND SESSION AUTHENTICATION. – –Explain why authentication is a critical aspect of network security. – –Explain why firewalls authenticate and how they identify users. – –List the advantages and disadvantages of popular centralized authentication systems. – –Discuss the potential weaknesses of password security systems. – –Discuss the use of password security tools. – –Describe common authentication protocols used by firewalls. SLO #11: RECOMMEND BEST PRACTICES FOR EFFECTIVE CONFIGURATION AND MAINTENANCE OF VIRTUAL PRIVATE NETWORKS. – –Explain the components and essential operations of virtual private networks (VPNs). – –Enable secure remote access for individual users via a VPN. – –Create VPN setups, such as mesh or hub-and-spoke configurations. CISS 33011
Student Obligations: It is important that you understand what is expected of you in this course. It is important that you understand what is expected of you in this course. Refer to the Syllabus if you have any questions. Refer to the Syllabus if you have any questions. 12CISS 330
Attendance: Since this course is an online-hybrid class, only attendance at the On-Campus Orientation on October 16 and the Final on December 4 is necessary. There will be weekly lab time on campus, and it is up to you to complete the lab assignments during the lab time or at home. Please note that failure to complete 6% of the total course work by the second week of the class may result in your being dropped from the course. Since this course is an online-hybrid class, only attendance at the On-Campus Orientation on October 16 and the Final on December 4 is necessary. There will be weekly lab time on campus, and it is up to you to complete the lab assignments during the lab time or at home. Please note that failure to complete 6% of the total course work by the second week of the class may result in your being dropped from the course. Doing the labs themselves is not optional, but doing them at the college is. Doing the labs themselves is not optional, but doing them at the college is. I will be giving credit for students attending the lab On-Campus. I will be giving credit for students attending the lab On-Campus. Typically each week we will be covering one section in your textbook. Typically each week we will be covering one section in your textbook. Attendance for the On-Campus Final Exam is required. Photo identification is required at the time of the exam to verify your identity. Attendance for the On-Campus Final Exam is required. Photo identification is required at the time of the exam to verify your identity. 13CISS 330
Quizzes: Many weeks there will be a quiz that will test you on the material covered. Many weeks there will be a quiz that will test you on the material covered. –It is open book and open notes. –You can take the quiz multiple times to improve your score, but be aware that the questions may change each time you take quiz and that your last quiz score will be the one counted as your grade. Each quiz is worth 30 points. Each quiz is worth 30 points. 14CISS 330
Desire 2 Learn (D2L): I want everyone to take a pro-active approach to learning this material. This includes using the D2L Discussions feature to ask questions and also answer other students’ questions. I will be posting questions to further your understanding of the material. I want everyone to take a pro-active approach to learning this material. This includes using the D2L Discussions feature to ask questions and also answer other students’ questions. I will be posting questions to further your understanding of the material. I expect each student to post at least two times per discussion item. I expect each student to post at least two times per discussion item. –You can accomplish this task by asking questions about the current discussion topic or by responding to existing questions. –My expectation from you is that you will write at least two to three sentence responses that add substance to the discussion. Each discussion assignment is worth 20 points. Each discussion assignment is worth 20 points. 15CISS 330
Labs: We will be spending a lot of time working on lab activities. We will be spending a lot of time working on lab activities. You are responsible for making sure that your instructor receives your completed lab work. You are responsible for making sure that your instructor receives your completed lab work. Each lab assignment is worth 50 points. Each lab assignment is worth 50 points. 16CISS 330
Final Exam: The final exam will consist of two parts. One part will be a hands-on practical demonstration of assigned tasks, and the other part will be an exam taken in D2L. The final exam will consist of two parts. One part will be a hands-on practical demonstration of assigned tasks, and the other part will be an exam taken in D2L. The final exam will be on Thursday, December 4, The final exam will be on Thursday, December 4, –I will be having a review session the week before to help you. 17CISS 330
Due Dates: Unless noted, all assignments will be submitted in D2L under the “Dropbox” link. Unless noted, all assignments will be submitted in D2L under the “Dropbox” link. –If, for any reason, you cannot access D2L or are unable to submit the assignment on time, please it to me instead so that you are not penalized for being late. Quizzes and discussion items cannot be taken past their due date. Quizzes and discussion items cannot be taken past their due date. –If you miss a quiz and you want to make up points, you can take advantage of the extra credit assignments posted in D2L. –Everyone is welcome to work on the extra credit assignments. Typically, they are five to ten points each, depending on the difficulty of the assignment. 18CISS 330
Late Work: Unless noted all assignments are due on Sunday by midnight each week. Unless noted all assignments are due on Sunday by midnight each week. –I have identified the due dates in the course schedule. –Late work will be accepted ONLY if you have contacted me prior to the due date either by or voice mail. –In general, late work is due the next week, and no late assignments may be turned in after one week from the original due date regardless of the reason. –For every day an assignment is late, you will lose 10% of its grade. 19CISS 330
Plagiarism Policy/Cheating: Plagiarism: It is inappropriate, and a violation of academic policy, to copy information from any source (including, but not limited to, textbooks, magazine articles, newspaper articles and Internet articles) without giving proper credit to the author by using standard quotation procedures such as in-line quotes, footnotes, endnotes, etc. Quotes may not exceed 25% of the assignment’s total length. It is inappropriate, and a violation of academic policy, to copy information from any source (including, but not limited to, textbooks, magazine articles, newspaper articles and Internet articles) without giving proper credit to the author by using standard quotation procedures such as in-line quotes, footnotes, endnotes, etc. Quotes may not exceed 25% of the assignment’s total length. You will receive no credit (0 points) for any assignment that copies any material from any other source without giving proper credit to the author(s). Repeat offenders of this policy are subject to academic discipline as outlined in the polices published by the college. You will receive no credit (0 points) for any assignment that copies any material from any other source without giving proper credit to the author(s). Repeat offenders of this policy are subject to academic discipline as outlined in the polices published by the college.Cheating: Students who cheat will receive a failing grade for the course. See the Students Rights and Responsibilities page of the college website athttp:// s_Rights_and_Responsibilities.htm for additional information. Students who cheat will receive a failing grade for the course. See the Students Rights and Responsibilities page of the college website athttp:// s_Rights_and_Responsibilities.htm for additional information. s_Rights_and_Responsibilities.htmhttp:// s_Rights_and_Responsibilities.htm 20CISS 330
Honor Code Academic integrity requires honesty, fairness, respect and responsibility. See the Cosumnes River College Honor Code posted on the college website ( ). Academic integrity requires honesty, fairness, respect and responsibility. See the Cosumnes River College Honor Code posted on the college website ( HonorCodeForm.pdf ). HonorCodeForm.pdf 21CISS 330
Dropping: Students are responsible for dropping the course. Students are responsible for dropping the course. 22CISS 330
/Discussion Etiquette: Every student will be required to have an account. If you do not have an account, the college provides free accounts for all current students. To activate your account, go to and follow the directions provided. Every student will be required to have an account. If you do not have an account, the college provides free accounts for all current students. To activate your account, go to and follow the directions provided. I will not tolerate rude and demeaning comments or s to anyone in this class. Please keep your comments and s topic-related. I will not tolerate rude and demeaning comments or s to anyone in this class. Please keep your comments and s topic-related. If I determine that a comment or to anyone else in the class is rude or demeaning, I will warn you once. If your behavior continues to be unacceptable, I will refer you to the administration of the college for disciplinary action. If I determine that a comment or to anyone else in the class is rude or demeaning, I will warn you once. If your behavior continues to be unacceptable, I will refer you to the administration of the college for disciplinary action. 23CISS 330
Personal Belongings: No food or drinks are allowed in the classroom. No food or drinks are allowed in the classroom. All cell phones, beepers, pagers, etc. should be turned off or set to vibrate. All cell phones, beepers, pagers, etc. should be turned off or set to vibrate. –Any telephone calls need to be taken outside. 24CISS 330
Disabilities: If you have a documented disability and wish to discuss academic accommodations, please contact me after class or contact the Office of Disabled Student Programs and Services at as soon as possible. If you have a documented disability and wish to discuss academic accommodations, please contact me after class or contact the Office of Disabled Student Programs and Services at as soon as possible. 25CISS 330
Online Course Responsibilities: This course requires significant self-motivation. You must not get behind. Labs and weekly assignments can take up to eight hours to finish. Please don’t try to finish them in one day. Not all activities are created equal. Some may take a bit longer than others. This course requires significant self-motivation. You must not get behind. Labs and weekly assignments can take up to eight hours to finish. Please don’t try to finish them in one day. Not all activities are created equal. Some may take a bit longer than others. You would normally spend three hours per week in class for this course: a total of 54 hours. Allow yourself at least eight hours per week to complete the activities online, including the time spent writing for online class discussion postings. You should plan additional time to read the textbook and study for the quizzes. You would normally spend three hours per week in class for this course: a total of 54 hours. Allow yourself at least eight hours per week to complete the activities online, including the time spent writing for online class discussion postings. You should plan additional time to read the textbook and study for the quizzes. Some people believe the online format provides a much easier way to study this subject than an on-campus framework because they can avoid parking problems. Others feel very intimidated at first. Be patient as you work your way through the activities. Some people believe the online format provides a much easier way to study this subject than an on-campus framework because they can avoid parking problems. Others feel very intimidated at first. Be patient as you work your way through the activities. 26CISS 330
Using Desire 2 Learn: How to log in: How to log in: –You will not be able to participate in the online portion of your class using Los Rios Online until you have enrolled in your course through your college's registration system. –Students registered as of the first day of the term should already have Los Rios Online accounts and be linked to the classes in which they are enrolled. To log on to your D2L account, open your web browser and go to the following URL: To log on to your D2L account, open your web browser and go to the following URL: Your User Name is the letter w followed by your Student ID# Example: w Your User Name is the letter w followed by your Student ID# Example: w Your default password is your birthday in the format: MMDDYYYY Example: Birthday is June 12, 1974, then password = Your default password is your birthday in the format: MMDDYYYY Example: Birthday is June 12, 1974, then password = CISS 330
Grading: Course TopicPointsTotal Approximate % the of Grade Labs (6) Orientation Quiz (1)10 1 Quizzes (4) D2L Discussions (6) Final Exam (1) Point System: There are 750 total assigned points. Grade Ranges: A= , B= , C= , D= , F= CISS 330
Sample Schedule: Day:Lecture/Lab Schedule:Assignment Due: Due Date (By Midnight): Week 1Thurs.10/16Orientation and Introductions View the Online Orientation Sun., Oct. 19 Ch 1: Introduction to Information Security Orientation Disc. Orientation Quiz Ch 2: Security Policies and Standards Lab #1 Week 2Thurs.10/26 Ch 3: Authenticating UsersDisc. #1 (Ch 1-3) Sun., Oct. 26 Lab #2 Lab Review #1 29CISS 330
Conclusion: Log into D2L and take the Orientation Quiz. It is due on Sunday, October 19, Log into D2L and take the Orientation Quiz. It is due on Sunday, October 19, Go to the Orientation Discussion and introduce yourself to the class. Go to the Orientation Discussion and introduce yourself to the class. Registered students for the class have access to D2L can log into the campus network. Registered students for the class have access to D2L can log into the campus network. any questions you might have to me. any questions you might have to me. 30CISS 330