CST203 Security Hardware and Software
Main Page
Thursday, December 13, 2007, 3:05pm
Classes Cancelled after 3pm due to
snow, but the Final Exam goes on!
The Final Exam is available here: CST203 Final Exam
You will have the weekend to work on it... I will expect your solutions
to be emailed to me before midnight Monday the 17th.
Please email your answers to the following address:
antonakos_j@sunybroome.edu
Instructor
Professor James L. Antonakos
Computer Studies Department
Broome Community College
(607) 778-5122
hello.wav, Greetings from JLA
Catalog Description
This course lists and describes various networking hardware and software
components relating to security. Students perform a forensic analysis of an
actual attack, and create a security baseline analysis.
Introduction
The purpose of this course, the third in a series of four courses, is to
explore the aspects of security hardware and software. The four security
courses are:
- CST 103 General Security Concepts
- CST 104 Remote Security Methods
- CST 203 Security Hardware and Software
- CST 210 Business Security
All four courses draw upon information found in the following locations:
- Word documents, PDFs, executable code, and figures provided by the
instructor.
- Web sites specializing in certain aspects of security.
At a minimum, the four courses provide a comprehensive examination and
exposure to all of the security topics included in the CompTIA Security+
Certification objectives. Click here for a PDF of the
Security+ objectives.
Assignments
There will be weekly, or sometimes bi-weekly, assignments that will require
you to read the posted information or selected pages from your book. You will
also perform a number of experiments designed to familiarize yourself with
security hardware and software. There will also be a midterm exam and a final
exam.
Course Content
- Week 1: Overview of Security Hardware and Software
- Hardware Devices
- Software (OS, application, and protocols)
- DDOS attack on a network camera
- Sniffing Traffic on a Switched LAN
- Week 2: Firewalls
- Overview
- Software Firewall: ZoneAlarm
- Hardware Firewall: SonicWall Pro VX
- Week 3: Steganography
- JPG Image File Format and Lossy DCT Compression
- EXIF
- Information Hiding
- Week 4: Spanning Trees
- What is a Spanning Tree?
- Prim's Algorithm
- Kruskal's Algorithm
- Managed Switch with Spanning Tree
- Week 5: VLAN Operation
- What is a VLAN?
- VLANs on a Managed Switch
- VLAN to VLAN Communication
- Week 6: Biometrics, Part 1: Fingerprint Readers
- Fingerprint Features
- Optical Readers
- Capacitive Readers
- Graph Isomorphism
- Week 7: SNMP on a Managed Switch
- Security Aspects of SNMP
- Agents and Traps
- Week 8: Midterm Exam
- Week 9: Forensics, Part 1
- Where is search information stored on a PC?
- The History Folder
- Temporary Internet Files
- Week 10: Forensics, Part 2
- The Sysinternals Utilities
- The Process Log
- The File System Log
- The Registry Log
- Week 11: Fault Tolerance
- What is Fault Tolerance?
- RAID 0 and RAID 5
- Multi-homing
- Failover Topologies
- Salt Lake and Athens Olympic Networks
- Week 12: Biometrics, Part 2: Facial Recognition
- Normalization and Feature Extraction
- Eigenfaces
- VideoLock Software
- Week 13: Forensics, Part 3: Machine Code
- 80x86 Software Architecture
- EXE and COM Files
- DEBUG and IDA Pro
- Week 14: Forensics, Part 4: Analysis of an Infection
- Assembly Language and Malicious Code
- Run-Time Stacks, Buffers, and Malicious Code
- Week 15: Final Exam
Student Learning Outcomes
At the conclusion of this course, the student will
- be able to describe the ways a network can be used in an attack.
- be able to use steganography to hide information.
- be able to describe the operation and features of DDOS, buffer overflow,
and stack attacks.
- be able to explain the operation of a managed switch, including error
logging, reporting, and VLAN capabilities.
- understand the security features of firewalls, routers, switches, hubs, and
cabling.
- understand the basics of the 80x86 architecture, assembly language and
machine language, and how malicious code operates.
- be familiar with biometric security devices and software.
Grading
Your final grade will be based on the following areas:
- 40%, Weekly Homework / Lab Assignments
- 25%, Midterm
- 25%, Final
Important Notes:
- Homework and labs are typically due one week after covering the material.
When I grade an assignment I am not looking for the correct answer as much as I
am looking for the correct approach. You must submit all homework, labs, and
other assignments to pass the course. You cannot do 'just enough' of them to
get a certain grade.
- After two weeks, your work will be considered late and will receive a zero.
However, you must still submit the completed assignment, no matter how late.
You must submit all the assignments to pass the course.
Your letter grade will be assigned as follows:
- A : 93 to 100
- A- : 90 up to 93
- B+ : 87 up to 90
- B : 83 up to 87
- B- : 80 up to 83
- C+ : 77 up to 80
- C : 73 up to 77
- C- : 70 up to 73
- D : 60 up to 70
- F : Below 60
Good Luck!
Last updated Fall 2007
by JLA