I. General Information
1. Course Title:
Security Essentials
2. Course Prefix & Number:
COMP 2111
3. Course Credits and Contact Hours:
Credits: 4
Lecture Hours: 4
Lab Hours: 0
4. Course Description:
This course is designed to provide students with a broad-based knowledge of network security and assist them in preparing for a career in information technology or for further study in specialized security fields. Subjects covered will include, but not be limited to, the following: authentication, security attacks, malicious code, remote access, e-mail, web security, direct and file transfer services, hacking and anti-hacking utilities, wireless and instant messaging devices, media, network security topologies, intrusion detection, security baselines, cryptography, physical security, disaster recover, and computer forensics. Career Preparation: The studies in this course will help students prepare for careers such as Security Administrator, Network Administrator, Network Engineer, Systems Analyst, and Systems Engineer.
5. Placement Tests Required:
6. Prerequisite Courses:
COMP 2111 - Security Essentials
A total of 1 Course(s) from...
Course Code | Course Title | Credits |
COMP 1230 | Network Essentials | 4 cr. |
COMP 1123 | Introduction to Networks (CCNA-I) | 3 cr. |
8. Prerequisite (Entry) Skills:
Efficiency with a current Microsoft operating system at an administrative level. Efficiency with networking fundamentals.
9. Co-requisite Courses:
COMP 2111 - Security Essentials
There are no corequisites for this course.
II. Transfer and Articulation
1. Course Equivalency - similar course from other regional institutions:
Alexandria Technical College, CVNP 3511 Information Assurance I Security+, 4 credits
Mn State CC and Tech College, CSEC 1110 Fundamentals of IT Security, 3 credits
Mn State CC and Tech College, CSEC 2210 Security Breaches & Countermeasures, 3 credits
3. Prior Learning - the following prior learning methods are acceptable for this course:
- Written
- Oral
- Demonstration
- Portfolio
III. Course Purpose
1. Program-Applicable Courses – This course is required for the following program(s):
Computer Information Technology, AAS Degree
Computer Network Adminisration, AAS Degree
IV. Learning Outcomes
1. College-Wide Outcomes
College-Wide Outcomes/Competencies |
Students will be able to: |
Analyze and follow a sequence of operations |
Explain how to enhance security through network design and properly set-up share and ntfs permissions. |
Utilize appropriate technology |
Use current industry software applications to complete system security assignments. |
2. Course Specific Outcomes - Students will be able to achieve the following measurable goals upon completion of
the course:
- Define information security and explain why it is important;
- Identify the types of attackers that are common today;
- Define virtualization and explain how attackers are targeting virtual systems;
- Define SQL injection and explain how to protect against it;
- Explain the types of network vulnerabilities;
- List the different types of network security devices and explain how they can be used;
- Describe the WPA and WPA2 personal security models;
- List and describe/use vulnerability scanning tools;
- List and describe/use different monitoring tools;
- Define/use cryptography;
- Describe the components of Public Key Infrastructure (PKI); and
- List the types of security policies.
V. Topical Outline
Listed below are major areas of content typically covered in this course.
1. Lecture Sessions
- Introduction to security
- Describe the challenges of securing information
- Define information security and explain why it is important
- Identify the types of attackers that are common today
- List the basic steps of an attack
- Describe the five steps in a defense
- Explain the different types of information security careers and how the Security+ certification can enhance a security career
- System threats and risks
- Describe the different types of software-based attacks
- List types of hardware attacks
- Define virtualization and explain how attackers are targeting virtual systems
- Protecting systems
- Explain how to harden operating systems
- List ways to prevent attacks through a Web browser
- Define SQL injection and explain how to protect against it
- Explain how to protect systems from communications-based attacks
- Describe various software security applications
- Network vulnerabilities and attacks
- Explain the types of network vulnerabilities
- List categories of network attacks
- Define different methods of network attacks
- Network defenses
- Explain how to enhance security through network design
- Define network address translation and network access control
- List the different types of network security devices and explain how they can be used
- IP addressing subnetting in detail - able to subnet a network
- Wireless network security
- Describe the basic IEEE 802.11 wireless security protections
- IEEE 802.11a
- IEEE 802.11b
- IEEE 802.11g
- IEEE 802.11n
- Define the vulnerabilities of open system authentication, WEP, and device authentication
- Describe the WPA and WPA2 personal security models
- Explain how enterprises can implement wireless security
- Access control fundamentals
- Define access control and list the four access control models
- Describe logical access control methods
- Explain the different types of physical access control
- Authentication
- Define authentication
- Describe the different types of authentication credentials
- List and explain the authentication models
- Define authentication servers
- Describe the different extended authentication protocols
- Explain how a virtual private network functions
- Performing vulnerability assessments
- Define risk and risk management
- Describe the components of risk management
- List and describe vulnerability scanning tools
- Define penetration testing
- Conducting security audits
- Define privilege audits
- Describe how usage audits can protect security
- List the methodologies used for monitoring to detect security-related anomalies
- Describe the different monitoring tools
- Basic cryptography
- Define cryptography
- Describe hashing
- List the basic symmetric cryptographic algorithms
- Describe how asymmetric cryptography works
- List types of file and file system cryptography
- Explain how whole disk encryption works
- Applying cryptography
- Define digital certificates
- List the various types of digital certificates and how they are used
- Describe the components of Public Key Infrastructure (PKI)
- List the tasks associated with key management
- Describe the different cryptographic transport protocols
- Business continuity
- Define environmental controls
- Describe the components of redundancy planning
- List disaster recovery procedures
- Describe incident response procedures
- Security policies and training
- Define organizational security policy
- List the types of security policies
- Describe how education and training can limit the impact of social engineering