Revised 8/2023

ITN 262 - Network Communication, Security and Authentication (4 CR.)

Course Description

Covers an in-depth exploration of various communication protocols with a concentration on TCP/IP. Explores communication protocols from the point of view of the hacker in order to highlight protocol weaknesses. Includes Internet architecture, routing, addressing, topology, fragmentation and protocol analysis, and the use of various utilities to explore TCP/IP. Lecture 4 hours per week.

General Course Purpose

This course provides a “deep dive” into TCP/IP and other networking protocols and technologies. The student will learn how to use packet sniffing tools, such as Wireshark, to review network traffic to detect attack signatures and will be able to demonstrate, when provided with specific attack scenarios, an understanding of how to apply encryption and authentication technologies, such as IPSec and SSL, as countermeasures to such attacks. This course also includes content, as indicated below in parentheses after each learning objective, that directly maps to DHS/NSA’s Center of Academic Excellence – 2 Year (CAE2Y) criteria.

Course Prerequisites/Corequisites

Prerequisite: ITN 260

Course Objectives

Upon successful completion of this course, the student will have a working knowledge of:

  • Network Security Policy.
  • TCP/IP Protocol, Application Services and utilities.
  • Network Authentication and Encryption.
  • Wireless Security.

Major Topics to Be Included

  • Network Security Policy
  • Security Design Principles
  • TCP/IP Protocols
  • Network Authentication
  • Network Encryption
  • Wireless Security
  • Required Additional Topics

Student Learning Outcomes

Network Security Policy (SPM, SRA)

  • Describe Authorization, Authentication, Confidentiality and Non-Repudiation.
  • Define risk management and its role in creating the network security policy.
  • Describe the risk management phases and the activities associated with each phase.
  • Define the process of identifying attack surfaces/vectors and attack trees.
  • Describe network security goals, philosophy and decisions related to creating a security policy.
  • Define the difference between policies, standards, guidelines and procedures.
  • Explain the elements of the security policy as it relates to users, maintenance personnel, contractors, clearances, position description and sensitivity.
  • Describe administrative security control as it relates to such topics as attribution, passwords, copyrights and classification of media and its handling.
  • Describe the Security Assessment and Authorization (SAA) and other compliance methods for ensuring that systems are compliant with security policies.

Security Design Principles (CSF, SPM, SRA)

  • Understand the role of security design as an enforcer/implementation tool for desired security policies.
  • Describe the Security System Development Life Cycle.
  • Understand basic security design roles, including the role of separation (of domains) and isolation, simplicity of design, minimization of implementation, fail safe defaults vs. fail secure, modularity, layering, principle of Least Astonishment, open design, and usability.
  • Describe the system mode of operation (i.e. compartmented/partitioned, dedicated, multilevel, system-high) and the impact to security architecture and policy.
  • Describe security models, including Bell-LaPadula, Biba, Clark-Wilson, Non-Interference Model, Chinese Wall and others.
  • Analyze common security failures and identify specific design principles that have been violated.
  • When provided with a specific scenario, be able to identify the needed design principle to resolve the security problem.
  • Be able to understand the importance of minimizing the effects of security mechanisms to enable usability and describe why good human machine interfaces are important to system use.
  • Be able to examine the architecture of a typical complex system and identify significant vulnerabilities, risks, and points at which specific security technologies/methods should be employed.

TCP/IP Protocols (BNW)

  • Describe the encapsulation process and its employment in the OSI model.
  • Explain attacks against the data link layer, network and transport protocols.
  • Explain the use of firewalls and other security devices in defending against attacks on network protocols.
  • Explain the employment and operation of the Network Address Translation (NAT).
  • Explain the employment and operation of TCP Wrappers.
  • Explain the employment and operation of security protocols such as SSL, TLS, and IPSec.

Network Authentication (ANT, BNW, NDF)

  • Recognize how authentication, authorization and identification techniques are used to protect the network.
  • Describe the three major authentication principles (factors).
  • Describe the most common attacks against passwords, smart cards (i.e., microprobing), and biometrics and the defense against those attacks, including multifactor authentication and HSPD-12.
  • Describe False Acceptance Rates (FARs), False Rejection Rates (FRRs), and Cross-Over Error Rates (CER) and the impact on FARs and FRRs when tuning biometric systems.
  • Explain the employment of Kerberos and other authentication protocols, their operation, strengths and weaknesses.

Network Encryption (ACR, BCY, NDF)

  • Explain the security functions of cryptography (confidentiality, integrity, and authentication).
  • Define such terms as encryption, cryptography, cryptanalysis, encryption key, and encryption algorithm.
  • Explain and identify common symmetric key cryptosystems, their strengths and weaknesses.
  • Explain asymmetric key cryptosystems, their strengths and weaknesses.
  • Understand the function and operation of the AES encryption algorithm and the evolution from DES to AES.
  • Understand the function and operation of the Diffie-Hellman key exchange.
  • Understand the function and operation of the RSA encryption algorithm.
  • Explain the function and operation of digital signatures.
  • Explain the function and operation of the Public Key Infrastructure (PKI), including the role of the CA and protection of the keying material and CA environment.
  • Explain the function and operation of the common hashing algorithms (MD4, MD5, SHA-1, SHA-2, SHA-3) for protecting integrity, protecting authentication data, and their relative resistance to collisions.
  • Explain the Digital Signature Standard (DSS).
  • Explain the function and operation of common cryptographic protocols such as SSL and IPSec, and their use in Virtual Private Networks.
  • Explain Key Management (creation, exchange/distribution issues, revocation, suspension, escrow).
  • Explain the different types of cryptographic attacks (including brute force, chosen plaintext, known plaintext, differential and linear cryptanalysis, etc.).

Wireless Security (WSN)

  • Explain cellular-based wireless systems and Wireless Local Area networks.
  • Describe current attacks on mobile phones and wireless systems.
  • Describe the various components of the Wireless Local Area Network.
  • Describe the different Wireless Local Area Network types.
  • Describe the operation of CSMA/CA.
  • Describe wireless topology.
  • Describe WEP, WPA, and WPA2 and their advantages and vulnerabilities. Describe the various mobile and wireless threats and their mitigations.

Required Additional Topics

  • Describe emanations security, including TEMPEST and the various elements and requirements of
    TEMPEST security, including attenuation, banding, cabling, filtered power, grounding, shielding,
    TEMPEST separation, and zone of control/zoning.
  • Social engineering techniques.

KU Category and Course Content Mapping

Each entry gives the course content mapping code, the KU name, and the description, grouped by KU category.

Foundational CDE Knowledge Units

  • CSF (Cybersecurity Foundations): Provide students with a basic understanding of the fundamental concepts behind cybersecurity. This is a high level introduction or familiarization of the Topics, not a deep dive into specifics.

Core Technical CDE Knowledge Units

  • BCY (Basic Cryptography): Provide students with a basic ability to understand where and how cryptography is used.
  • BNW (Basic Networking): Provide students with basic understanding of how networks are built and operate, and to give students some experience with basic network analysis tools. Students are exposed to the concept of potential vulnerabilities in a network.
  • NDF (Network Defense): Provide students with knowledge of the concepts used in defending a network, and the basic tools and techniques that can be taken to protect a network and communication assets from cyber threats.

Core Non-Technical CDE Knowledge

  • SPM (Security Program Management): Provide students with the knowledge necessary to define and implement a security program for the protection of an organization's systems and data.
  • SRA (Security Risk Analysis): Provide students with sufficient understanding of risk assessment models, methodologies and processes such that they can perform a risk assessment of a particular system and recommend mitigations to identified risks.

Optional Knowledge Units

  • ACR (Advanced Cryptography): Provide students with knowledge of cryptographic algorithms, protocols, and their uses in the protection of information in various states.
  • ANT (Advanced Network Technology and Protocols): Provide students with an understanding of advanced networking concepts, including the latest network technologies and more complex security issues involved in network communications. Examples may include (but are not limited to): software defined networking, converged voice/data networking.
  • WSN (Wireless Sensor Networks): Provide students with a basic understanding of wireless sensor networks and the security issues associated with them.

NOTE: the course content KU mapping represents the KU Domain topic as shown in the Center of Academic Excellence (CAE) KU mapping matrix (Excel file).

Required Time Allocation

In order to standardize the core topics of ITN 262 so that a course taught at one campus is equivalent to the same course taught at another campus, the following student contact hours per topic are required. Each syllabus should be created to adhere as closely as possible to these allocations. Of course, the topics cannot be followed sequentially. Many topics are taught best as an integrated whole, often revisiting the topic several times, each time at a higher level. There are normally 60 student-contact-hours per semester for a four-credit course. (This includes 15 weeks of instruction and does not include the final exam week, so 15 × 4 = 60 hours. Sections of the course that are given in alternative formats from the standard 16-week section still meet for the same number of contact hours.) The final exam time is not included in the time table. The category, Other Optional Content, leaves ample time for an instructor to tailor the course to special needs or resources.

Topic                          Time in Hours    Percentages
Network Security Policy        8                13%
Security Design Principles     8                13%
TCP/IP Protocols               16               27%
Network Authentication         6                10%
Network Encryption             6                10%
Wireless Security              3                5%
Required Additional Topics     1                2%
Exams, Quizzes                 4                7%
Optional Topics                8                13%
Total                          60               100%