FEKT-ZIC2Acad. year: 2017/2018
The course covers the topics connected to computer network security. The topics include: architecture description and administration of modern network devices, overview of security and performance testing principles, overview of today’s malware and its mitigation methods it and the overview of attacks based on social engineering.
Learning outcomes of the course unit
Students will learn the fundamental theoretical knowledge and get practical skills from network security. Students will learn the essential rules for securing networks on each layer of the TCP/IP model. Students will be able to practically implement the security settings and verify them using the methods of penetration testing. Students will learn the non-technical aspects of security, mainly social engineering methods.
After course completion, the students will be able to:
• Explain and practically implement the security mechanisms on the network, transport and application layers.
• Explain and practically implement the security mechanisms for wireless networks.
• Use the basic techniques of penetration testing for information gathering, vulnerability detection and exploitation.
• Choose and use suitable tools for infrastructure security testing.
• Choose and use suitable tools for infrastructure performance testing.
• Classify the types of malware and use methods for their destruction.
• Set rules and policies for the limitation of the human factor-based attacks.
The course requires the basic knowledge of operating systems and principles of TCP/IP networks. CCNA courses are recommended.
Recommended optional programme components
Recommended or required reading
DAVIS, Michael. Hacking exposed malware: malware. New York: McGraw-Hill, c2010, xxi, 377 s. ISBN 978-0-07-159118-8.
DEFINO, Steven a Larry GREENBLATT. Official certified ethical hacker review guide: for version 7.1. Boston: Course Technology, 2012, xxi, 329 s. ISBN 978-1-133-28291-4.
BOYLES, Tim a Larry GREENBLATT. CCNA security: study guide. Hoboken: Wiley Publishing, 2010, xv, 516 s. ISBN 978-0-470-52767-2.
STALLINGS, William. Cryptography and network security: principles and practice. Seventh edition. xix, 731 pages. ISBN 01-333-5469-5.
PROSISE, Chris. Počítačový útok: Detekce, obrana a okamžitá náprava. Vyd. 1. Praha: Computer Press, 2002, xxii, 410 s. ISBN 80-722-6682-9.
Planned learning activities and teaching methods
Methods of educations are described in the article 7 of the BUT’s Study and Examination Regulation. Teaching methods include lectures, laboratories and student projects. Course is taking advantage of e-learning (Moodle) system.
Assesment methods and criteria linked to learning outcomes
The maximum of 25 points is given upon completion of the laboratory assignments. The completion of an individual project adds upto 25 points. The requirements on the completion of the tasks in laboratories and projects are described in the annual supervisor’s notice. The maximum of 50 points can be gained during the final exam.
Language of instruction
1. Network security introduction
2. Secure configuration of switches and routers
3. Secure configuration of wireless networks
4. Firewall s and application filters
5. IDS and IPS systems
6. Network infrastructure vulnerability testing
7. Penetration testing – gathering of information
8. Penetration testing – scanning, identification
9. Penetration testing – vulnerability detection
10. Penetration testing – vulnerability exploitation
11. Network infrastructure performance testing
13. Non-technical attacks
The goals of the course is to extend the knowledge gained during the ICT Security 1 course by knowledge of secure configuration of network devices and secure configuration testing. Students will learn how to practically configure network devices on the network, transport and application TCP/IP layer in a secure way. In addition, students will learn the methods of security evaluation based on ethical hacking.
Specification of controlled education, way of implementation and compensation for absences
The conditions for the successful course completion are stated in the yearly updated supervisor’s notice.
eLearning: currently opened course