Module title: Network Security and Cryptography

SCQF level: 09:
SCQF credit value: 20.00
ECTS credit value: 10

Module code: CSN09612
Module leader: Naghmeh Moradpoor Sheykhkanloo
School School of Computing
Subject area group: Cyber Security and Networking
Prerequisites

Module Code CSN08702
Module Title Practical Networks
Examples of Equivalent Learning Level 8 equivalent networking-related.

2018/9, Trimester 3, Blended,
Occurrence: 001
Primary mode of delivery: Blended
Location of delivery: MYANMAR
Partner:
Member of staff responsible for delivering module: Naghmeh Moradpoor Sheykhkanloo
Module Organiser:


Learning, Teaching and Assessment (LTA) Approach:
The module will be introduced by an Edinburgh Napier lecturer who will deliver an initial 25 hours of lectures, practical work and tutorials the additional hours will be delivered by our partner Info Myanmar College (IMC). The module will run over 5 consecutive weeks with the later four weeks being delivered by IMC staff. Lectures are used to introduce underlying principles and the practical and tutorial work is used to broaden & develop deeper understanding of the subject area. This is mixed with student-centred work, such as research questions and online exercises, as well as group activities such as discussion groups, group presentation exercises, and peer review.

• The module will use an advanced virtualised infrastructure which virtualises hosts and devices, and allows network architectures to be created and explored [LO1 and LO2].
• An online learning environment supports learning, allowing students to track their performance and undertake class tests [LO1 and LO2].
• A coursework is undertaken which will involve the design, implementation, evaluation and critical analysis of a system to a given set of security requirements [LO3].



Formative Assessment:
Formative assessment takes place during the timetabled tutorial sessions where students are expected to present evidence of practical work. Feedback is provided to students on a one-to-one basis through discussion during tutorial sessions with the class tutor allowing individual strengths and weaknesses highlighted in timely fashion. The overall objective here is that any remedial study can be put in place at the earliest possible point in the delivery of the module.

Summative Assessment:
There will be two methods of assessment:

• Coursework [50%]. This relates to a coursework on the design, implementation, evaluation and critical analysis of a prototype of a security infrastructure system, based on a range of requirements [LO3].
• Class Tests [50%]: This involves two on-line tests which cover the key areas of network security and cryptography [LO1 and LO2].



Student Activity (Notional Equivalent Study Hours (NESH))
Mode of activityLearning & Teaching ActivityNESH (Study Hours)
Independent Learning Guided independent study 60
Face To Face Lecture 40
Face To Face Practical classes and workshops 60
Face To Face Tutorial 4
Independent Learning Guided independent study 36
Total Study Hours200
Expected Total Study Hours for Module200


Assessment
Type of Assessment Weighting % LOs covered Week due Length in Hours/Words
Class Test 25 1,2 4 HOURS= 2, WORDS= 0
Class Test 25 1,2 4 HOURS= 2, WORDS= 0
Project - Written 50 3 5 HOURS= 25, WORDS= 0
Component 1 subtotal: 100
Component 2 subtotal: 0
Module subtotal: 100
2019/0, Trimester 2, BLENDED,
Occurrence: 002
Primary mode of delivery: BLENDED
Location of delivery: MYANMAR
Partner:
Member of staff responsible for delivering module: Naghmeh Moradpoor Sheykhkanloo
Module Organiser:


Learning, Teaching and Assessment (LTA) Approach:
The module will be introduced by an Edinburgh Napier lecturer who will deliver an initial 25 hours of lectures, practical work and
tutorials the additional hours will be delivered by our partner Info Myanmar College (IMC). The module will run over 5
consecutive weeks with the later four weeks being delivered by IMC staff. Lectures are used to introduce underlying principles
and the practical and tutorial work is used to broaden & develop deeper understanding of the subject area. This is mixed with
student-centred work, such as research questions and online exercises, as well as group activities such as discussion groups,
group presentation exercises, and peer review.
• The module will use an advanced virtualised infrastructure which virtualises hosts and devices, and allows network
architectures to be created and explored [LO1 and LO2].
• An online learning environment supports learning, allowing students to track their performance and undertake class tests [LO1
and LO2].
• A coursework is undertaken which will involve the design, implementation, evaluation and critical analysis of a system to a
given set of security requirements [LO3].


Formative Assessment:
Formative assessment takes place during the timetabled tutorial sessions where students are expected to present evidence of
practical work. Feedback is provided to students on a one-to-one basis through discussion during tutorial sessions with the
class tutor allowing individual strengths and weaknesses highlighted in timely fashion. The overall objective here is that any
remedial study can be put in place at the earliest possible point in the delivery of the module.


Summative Assessment:
There will be two methods of assessment:
• Coursework [50%]. This relates to a coursework on the design, implementation, evaluation and critical analysis of a prototype
of a security infrastructure system, based on a range of requirements [LO3].
• Class Tests [50%]: This involves two on-line tests which cover the key areas of network security and cryptography [LO1 and
LO2].

Student Activity (Notional Equivalent Study Hours (NESH))
Mode of activityLearning & Teaching ActivityNESH (Study Hours)
Face To Face Lecture 40
Face To Face Practical classes and workshops 60
Face To Face Tutorial 4
Independent Learning Guided independent study 36
Independent Learning Guided independent study 60
Total Study Hours200
Expected Total Study Hours for Module200


Assessment
Type of Assessment Weighting % LOs covered Week due Length in Hours/Words
Class Test 25 1,2 4 HOURS= 2, WORDS= 0
Class Test 25 1,2 4 HOURS= 2, WORDS= 0
Project - Written 50 3 5 HOURS= 25, WORDS= 0
Component 1 subtotal: 100
Component 2 subtotal: 0
Module subtotal: 100

Description of module content:

The aim of the module is to develop a deep understanding of network security and cryptography, that will allow graduates to act professionally in the design, analysis, implementation, and reporting related to network security. An outline of the main areas includes: information security controls, Information Policy, Identity, Data exposure mitigation, Risk Management; Network Architectures and Network Device Configuration. Robust, scalable and secure architectures; Firewalls/IDS/IPS/Log/DMZ Configuration; Hosts, servers and services.

Configuration of the range of hosts, services and servers used in network architectures, including covering related test/debug tools; Intrusion Detection Systems. Techniques, Snort, IDS Rules, Distributed/Agent-based, Signature/Anomaly detection, and IDS signature generation; Introduction to Network Protocols/Forensics; Secret Codes. Encoding, Substitution codes, key-based codes, secret sharing, and a wide range of methods; Encryption. Prime Numbers, Weaknesses, Public/private key, CBC/ECB. Coverage of methods: RSA, AES, and so on; Key exchange methods. Diffie-Hellman, El-Gamal, Kerberos, and so on; Hashing methods. Including MD5, SHA-1, and so on. Adding Salt. Collisions, One-time passwords; Authentication methods. Authentication methods, Digital Certificates; Data Integrity. Checksums, Message Authentication Codes (MACs), CRC-32, and other associated methods; Code cracking methods. Brute force, rainbow methods, parallel processing, Man-in-the-middle, known weaknesses.

Learning Outcomes for module:

Upon completion of this module you will be able to

LO1: Develop an advanced knowledge of key security/cryptography principles and methods.
LO2: Understand the key academic principles and practical skills required to build security architectures.
LO3: Develop, implement, evaluate and appraise a system to a given set of security requirements.

Indicative References and Reading List - URL:
Contact your module leader