20 credits at level HE6
As computer networks have become mission critical to all but the smallest of enterprises the need to protect them from deliberate or accidental disruption has become paramount. The move towards Internet technologies has opened up these networks to a wide range of threats which can result in extensive damage to the organizations function or reputation. Consequently there is a need for computer professionals to have a broad understanding of this fast evolving and highly technical subject area.
Risk Assessment in an Internet environment including an exploration of attack and defence strategies and tools and the context in which they are employed.
Introduction to the theory and practice of basic network security technologies.
Configuration of simple firewalls and implementation of strategies to improve the security of Internet-attached servers.
Packet filtering, stateful inspection and application proxies.
Host based, boundary and internal firewalls.
Motivation for attacks
Attack mechanisms and tools
Defensive strategies and tools
Manufacturer or product specific security issues
Security technologies and protocols and their applications
Intrusion detection and response
Network Address Translation
Assessment will be carried out by a practical assignment in which students will impose a security policy between two networks (30%)Interactive Web based learning (20%) and an end-of-module examination (50%).
Delivery will be through a Web-based Learning Environment supported by laboratory exercises. Students will be expected to visit a number of Internet resources to gain knowledge which will be tested through the learning environment.
NB Where this module is offered online (via BoltOnline) lectures and seminars delivered by Elluminate.
Formal Lectures 14 hours
Tutorials/seminars 13 hours
Supervised practicals 13 hours
Unsupervised Practical 40 hours
Coursework 40 hours
Directed reading 40 hours
ExamInation preparation 40 hours
when you have successfully completed this module you will:
to demonstrate that you have achieved the learning outcome you will:
|1.||Demonstrate an understanding of the relationship between elements in a risk assessment.||
Be able to correctly carry out a simple risk assessment, and comment on its usefulness
|2.||Demonstrate familiarity with contemporary attack and defensive techniques, and analyse the main strengths and weaknesses of contemporary security technologies||
Be able to formulate and justify an appropriate defensive strategy.
|3.||Be able to configure and test a packet filtering firewall and associated defensive technology||
Under laboratory conditions, configure and test a packet filtering firewall and associated defensive technology to the required standard, evaluate the work done and reflect on the outcomes
|4.||Demonstrate understanding and knowledge of the context of contemporary of Internet-based attacks||
Investigate and research current Internet-based attacks, and analyse their contemporary context
|5.||Demonstrate an in-depth understanding of specific Internet related security techniques||
Discuss the details of Internet related security techniques and analyse their strengths and weaknesses.
Your achievement of the learning outcomes for this module will be tested as follows:
|Description||Two-part assessment - practical and interactive components||2-hour Examination|
There are no prerequisites for this module.
No restrictions apply.
An extensive Web-based reading list will be made available through the Web-based learning Environment consisting of documents such as:
Systems and Network Attack Center (2006) The 60 Minute Network Security Guide: (First Steps Towards a Secure Network Environment)
Version 2.1, National Security Agency, Ft Meade, Maryland.
Scarfone K. and Hoffman P. (2009) Guidelines on Firewalls and Firewall Policy, National Institute of Standards and Technology, US Department of Commerce.
Symantec Corporation (2010) Internet Security Threat Report, Symantec.[Available from:] http://www.symantec.com/business/theme.jsp?themeid=threatreport
Schneier, B. (1996), Applied Cryptography, 2nd Ed. Wiley & Sons,
|Host Subject Group:|
|User Name||Date Accessed||Action|