NWIT 173 - Network Security
An in-depth review of systems security, access control, network infrastructure, assessments and audits, cryptography and organizational security across both private and public enterprises. Real-world scenarios reinforce material covered. This course will help prepare students for the CompTIA Security+ certification exam. PRE- or COREQUISITE(S): NWIT 151 or NWIT 170 or consent of department. Three hours each week.
3 semester hours
Upon course completion, a student will be able to:
- Identify the key features and functions of clients and servers, routers, firewalls, IDSs, VPNs, and antivirus.
- Explain the TCP/IP protocol suite, the OSI model, and the different protocols that operate within the layers of these models.
- Identify various attacks against protocols and ports, along with the tools that can be used to detect these attacks.
- Explain how routers and switches can create a secure infrastructure.
- Describe how techniques such as creating subnets, DMZs, and VLANs can further secure a network.
- Differentiate between varying security assessment techniques and explain how they are used to find vulnerabilities in network security.
- Identify the different types of firewalls, NIDS and NIPS, proxy servers, all-in-one security appliances, and other technologies that can be deployed to secure network environment.
- Discuss mitigation and deterrence techniques, security log analysis, and technical methods of securing DHCP and DNS servers.
- Explain different remote access strategies and technologies such as PPP, VPNs, PPTP, L2TP, IPsec, RADIUS, and TACACS.
- Explain the differences between various wireless security mechanisms such as WEP, WPA, CCMP, EAP, PEAP, LEAP, MAC filters, SSID broadcast, and antenna placement and the attacks they are designed to fend off.
- Identify different authentication services and protocols including biometric security mechanisms and other access security mechanisms such as tokens and smart cards.
- Explain how LDAP can be used to create security in an environment along with risk reduction mechanisms such as policies for mandatory vacations, job rotation and separation of duties.
- Compare the methods, tools, and applications that can be used to secure data, mobile devices, and operating systems, how to deploy environmental controls and physical access controls.
- Discuss locking mechanisms (application and physical) along with encryption schemes for data on servers and mobile devices.
- Explain cryptography and the different ciphers and tools that can be used to secure information and protect against attacks.
- Describe message authentication, digital signatures, Public Key Infrastructure (PKI) and certificate authorization and revocation.
- Discuss the communications standards and protocols that are used in the web server environment, along with the ways to harden web servers and web browsers.
- Distinguish between the different types of attacks that web servers and web-based applications can face.
- Discuss virtualized environments, along with cloud computing and the different types of services and challenges that each present.
- Describe authentication and explain password issues, Kerberos assumptions, challenge handshake authentication protocol, security tokens and biometrics.
Click here for the Fall 2022 Class Schedule
Click here for the Summer II 2022 Class Schedule
Click here for the Summer I 2022 Class Schedule
Click here for the Spring 2022 Class Schedule
Add to Favorites (opens a new window)