Module title: Network Security

SCQF level: 11:
SCQF credit value: 20.00
ECTS credit value: 10

Module code: CSN11111
Module leader: Robert Ludwiniak
School School of Computing
Subject area group: Computer Systems
Prerequisites

N/A

2018/9, Trimester 1, Face-to-Face, Edinburgh Napier University
Occurrence: 001
Primary mode of delivery: Face-to-Face
Location of delivery: MERCHISTON
Partner: Edinburgh Napier University
Member of staff responsible for delivering module: Robert Ludwiniak
Module Organiser:


Learning, Teaching and Assessment (LTA) Approach:
Learning & Teaching methods including their alignment to LOs

• Students will review a number of difference implementations for firewalls and VPNs, and develop advanced knowledge in these (L1), which will be re-enforced with practical implementations of key principles (L2).
• Where possible, virtual environments will be used to create real-life integrated environments in which students can learn to integrate security in a safe and controlled manner (L2).
• The coursework will involve the design, implementation, evaluation and critical analysis of a system to a given set of network security requirements (L3).

Assessment (formative or summative)

There will be two methods of assessment:

• Coursework (50%). This relates to a coursework on the design, implement and outline evaluation of a prototype of a secure system, based on a range of requirements (LOs 2&3).
• Short Answer Questions (50%): This involves two tests which relate to the key focus elements of the module: Network Security and Cisco CCNA Material. The results of the tests will be normalised and graded, and fed-back to students to indicate their performance (LOs 1&2).


Formative Assessment:
The University is currently undertaking work to improve the quality of information provided on methods of assessment and feedback. Please refer to the section on Learning and Teaching Approaches above for further information about this module’s learning, teaching and assessment practices, including formative and summative approaches.

Summative Assessment:
The University is currently undertaking work to improve the quality of information provided on methods of assessment and feedback. Please refer to the section on Learning and Teaching Approaches above for further information about this module’s learning, teaching and assessment practices, including formative and summative approaches.

Student Activity (Notional Equivalent Study Hours (NESH))
Mode of activityLearning & Teaching ActivityNESH (Study Hours)
Face To Face Lecture 24
Face To Face Practical classes and workshops 24
Independent Learning Guided independent study 152
Total Study Hours200
Expected Total Study Hours for Module200


Assessment
Type of Assessment Weighting % LOs covered Week due Length in Hours/Words
Digital Examination (not Centrally Timetabled) 25 1,2 7 HOURS= 2, WORDS= 0
Digital Examination (not Centrally Timetabled) 25 1,2 13 HOURS= 2, WORDS= 0
Project - Practical 50 2,3 15 HOURS= 16, WORDS= 0
Component 1 subtotal: 100
Component 2 subtotal: 0
Module subtotal: 100

Description of module content:

The aim of the module is to develop a deep understanding of advanced areas related to security and digital forensics that will allow graduates to act professionally in the design, analysis, implementation, and reporting of network security strategies. An outline of the main areas includes:

• Introduction. Networking Concepts; Network Security Concepts; Network Threats and Attacks; Network Defense - Perimeter, Defence in Depth

• Firewalls. Concepts; Types - Host, Network; Technologies - Static packet filtering; Stateful packet filtering; Multilayer firewall; Architectures; Polices; and Implementation and Deployment.

• Intrusion Detection and Prevention Systems (IDPS). Concepts; Types; Alert Monitoring and Sensor Tuning; behavioural analysis, in-line/out-of-line.

• Access Control and Authentication. Concepts: Trust and Identity; Attacks; Models - Access Control Models; Network Device Access Control; AAA, Layer 2; Device Hardening.

• Remote Access and VPNs. Concepts; Cryptography; Types - L2, L3 and L4/5; Technologies; IPSec and SSL.

• Wireless Security. Wireless Overview; Attacks; Encryption; Authentication.

• CCNA Certification - Concepts. CIA; Attacks on CIA; Data Classification; Law and Ethics; Network policies; Risk Management and Secure Network Design; Security in the SDLC; Cisco self-defending network; Secure Administration.

• CCNA Certification - Secure Infrastructure and Extending Security. Cisco Layer 2 Security; Cisco IOS Firewalls. Cisco IOS IPS; Cisco VPN and Cryptographic Solutions; Digital Signatures and PKI.

Learning Outcomes for module:

Upon completion of this module you will be able to

LO1: Develop an advanced knowledge, and critically evaluate, key network security principles and methods.

LO2: Develop analytical skills related to the academic principles and practical skills required to implement and support a complex network infrastructures, with regards to security.

LO3: Research, Design, implement, evaluate and critically analyse a system to a given set of network security requirements.

Indicative References and Reading List - URL:

Core - M WATKINS AND K WALLACE (2008) CCNA SECURITY - OFFICIAL CERTIFICATION GUIDE: CISCO PRESS, 1st ed. - ISBN: 9781587202
Core - WHITMAN AND MATTORD, THOMPSON (2009) PRINCIPLES OF INFORMATION SECURITY, 3rd ed.
Core - W STALLINGS (2006) CRYPTOGRAPHY AND NETWORK SECURITY - PRINCIPLES AND PRACTICE: PRENTICE HALL, 4th ed.
Core - N FERGUSON AND B SCHNEIER (2003) PRACTICAL CRYPTOGRAPHY: JOHN WILEY & SONS, 1st ed. - ISBN: 0471223573
Core - WILLIAM R. CHESWICK, STEVEN M. BELLOVIN (2003) FIREWALLS AND INTERNET SECURITY: ADDISON WESLEY, 2nd ed. - ISBN: 978020163466
Click here to view the LibrarySearch.