Oct 23, 2019
CIS 166 - Network Intrusion Detection 5 Credits
Designed to give a networking student professional a solid foundation of network and computer security tasks. Focuses on use of network logs, use of intrusion detection systems, establishment of policies and conducting vulnerability analysis. Introduces knowledge of standard default communication ports and how to alter them for securing the network. Auditing and monitoring of systems without impacting system performance is stressed. Introduces security on multiple platforms similar to the business environment. Covers viruses, worms, DoS (denial of service) and DDoS (distributed denial of service) attacks. Introduces new attack vulnerabilities.
Pre-requisite(s) CIS 161 min 2.0
Designed to Serve Networking Specialist studying security in the network environment; industry professionals with voice/data/video/image or text networking responsibilities.
Active Date 2015-04-17
Grading System Decimal Grade
Class Limit 24
Contact Hours: Lecture 44 Lab 22 Worksite 0 Clinical 0 Other 0
Total Contact Hours 66
I. Course Overview
II. Recognized domains of Network Security
B. Common Body of Knowledge(CBK)
A. Hackers, Crackers, and Phrackers–how they do it
B. Internal and External Threats
IV. How to conduct a Vulnerability Analysis
A. Use standard freeware like SATAN(Security Administrator Tool for Analyzing Networks)to show how to detect vulnerabilities
B. Standard items to check
V. Basic Computer Security Models
VI. Physical Security
VII. Access Methods
A. Network ports
C. Remote Access
D. Wireless Access
VIII. Create a Security Policy
B. Elements of an effective policy
IX. Operating Systems(OS)
A. Install various OSs including current Windows version, Linux, and Macintosh
B. Review standard communications ports and their numbers
C. Close or change default ports on various OS
D. Explore vulnerabilities of different OS
X. Intrusion Detection Systems
A. Monitor network traffic
B. How to read network logs
C. How to conduct a system audit
D. Installing patches
E. Resources for updates
XII. Who is on your network?
A. Use of digital certificates
B. Authenticating access using items such as Kerberos
XIII. Attacks on the Network
A. Install and maintain antiviral software
B. Dealing with infected machines on the network to minimize impact
C. Respond to a DoS of DDoS attack on the network to minimize impact
XIV. Filing and Tracking Incident Reports
XV. Disaster Recovery
Student Learning Outcomes
Be able to demonstrate how hackers/attackers gain entrance to systems.
Identify Internal and External threats.
Identify the basic computer security models.
List standard ports for communications.
Demonstrate ability to install multiple operating systems and close/change default ports.
Be able to list the elements of a good security policy.
Identify and describe the recognized domains in the Common Body of Knowledge (CBK) of Security Professionals.
List characteristics of an effective intrusion detection system.
Read network logs and monitor traffic on a system.
Install network patches.
[Add to Portfolio]