CS 225 SyllabusComputer and Network SecurityFall 2010CIS DepartmentSaint Vincent CollegeGeneral Information
DescriptionThis course examines both the theory and practice of computer and network security. Topics include cryptography, the Internet, viruses, crackers, sniffers, backdoors, network attacks (such as drive-by downloads), trojan horses, intrusion detection, and firewalls. Examples of attacks and how to protect against them will be drawn from both the Windows and Unix/Linux worlds. Hands on lab exercises are included. Why Take This Course?This course is an elective for most CIS majors (but required for those in the computer security concentration) and a possible course for CIS minors and others interested in this timely topic. In a time when attacks are increasing, both in number and in sophistication, the study of computer security is of considerable importance. Computer security professionals are also in demand, both by the government and industry, as there are too few such professionals to go around. The course aims to demystify common attack techniques and to provide knowledge about appropriate defenses. The PrerequisiteAlthough no programming is likely to be done in this course, some programming ability is helpful in understanding how some of the attacks and defenses work. The TextBe sure to get the second edition, not the original Counter Hack book as there have been considerable revisions in several sections. The text starts with an introduction to topics needed to understand the rest of the book: the essentials of networking, Windows, and Unix. The book is not an encyclopedia of hundreds of attacks. Rather, it concentrates on typical ones and proceeds in a logical manner, following the order that many attackers use: reconnaissance, scanning, various types of attacks, maintaining access, and covering up. This is a very readable book and presents its topics quite clearly. Core GoalsThis course contributes especially toward the following core curriculum goals, listed in order of emphasis:
CIS Department GoalsThis course contributes to the following departmental goals, listed in order of emphasis. Although this course does not involve software engineering skills, it does heavily involve the other skills listed in the first point below.
Course Goals and Means of Assessment
EthicsIn taking this course, the student agrees to use the tools appropriately. In particular, the student promises to only use attack tools against the systems explicitly labeled as targets in the course labs. No attacks of any type are to be launched against other systems or networks, unless clear permission has been obtained from the administrators of those systems and networks. Many of these tools can be dangerous or cause alarm if used inappropriately. In this course, all activity that is worrisome will be conducted on a test LAN that is isolated from all other networks. Students who want to test their own computers for security flaws should exercise similar caution. Students who fail to follow this promise risk disciplinary action by the college, law enforcement, etc. Any apparent breaches of this ethics promise will be reported to the administration for appropriate action. See the CIS Department Policies page for general guidelines on computer ethics. Grading and Course Policies
Letter grades will be assigned according to the scheme found in the current College Bulletin. Exams will be announced in advance and will be closed-book in nature. Quizzes could be given at any time. Calculators may be used on the exams and quizzes. Cell phones and pagers should be turned off and put away during exams. On a test, students may only use the test itself, calculators, pens, pencils, and erasers. Calculators may not be passed between students. No laptops or other computers may be used on an exam or quiz.
Tests and quizzes will ask critical thinking questions that often require a paragraph of analysis, explanation, and conclusions. A few multiple choice, true/false, and other short answer questions are also included. Labs involve a lot of hands-on activity to try out a certain security situation, investigate what occurs, gather data, etc. Besides reporting the raw data, students will usually be required to write several paragraphs of explanation and conclusions based on that data. There will be several such labs. Both the instructor and students are expected to do their best to produce a good class and to treat each other with respect. This includes many factors, such as listening when someone else is speaking, trying to understand what others are saying, being of assistance to others, etc. It definitely does NOT include making fun of others. On a practical level, do your best to improve your grade: read the text, attend class, do the homework and labs, ask questions, and try to answer questions in class! CS courses requires active participation and repeated practice. If you begin to feel lost, see the instructor or work through the difficulties with the help of another student in the course. Do not let yourself get behind. Note in particular that attendance is expected. Student performance is bound to deteriorate when classes are missed. In order to emphasize the importance of attendance, the policies outlined right after this paragraph will be used.
Intellectual honesty is important at Saint Vincent College. Attempts to pass off the work of another as one's own, or group work as one's individual work, will result in action appropriate to the seriousness of the situation. All cases of apparent intellectual dishonesty are referred to the college administration. In this course, students are expected especially to do entirely their own work on the exams and quizzes. Homework and labs can be done together unless explicitly stated otherwise. In fact, the labs are typically done in small groups, though one group should not be using the results created by another group. Some students learn better when working mostly alone. Others do better when working together. However, never simply copy someone else's work as that does little to help you to learn the material. Remember that you are responsible for knowing how to solve the homework problems and that you will have to face the test questions on your own. Be sure to read and follow the CIS Department Policies, available under the main CIS Department Web Page. This statement covers especially the proper use of departmental computing facilities, policies concerning web pages, etc.) In addition, read the Regulations section of the College Bulletin (which covers such things as grading, academic honesty, etc.) and the Student Handbook (which covers academic honesty, classroom etiquette, etc.). Students with disabilities who may be eligible for academic accommodations and support services should please contact the Associate Dean of Studies, Mrs. Sandy Quinlivan, by phone (724-805-2371), email (sandy.quinlivan@email.stvincent.edu) or by appointment (Academic Affairs-Headmaster Hall). Reasonable accommodations do not alter the essential elements of any course, program or activity. If the instructor needs to cancel class, every effort will be made to send an email message to students' Saint Vincent email accounts and to post the class cancellation on the college website as well as the course webpage. |