I. General Information
1. Course Title:
Security Essentials
2. Course Prefix & Number:
COMP 2111
3. Course Credits and Contact Hours:
Credits: 4
Lecture Hours: 4
Lab Hours: 0
4. Course Description:
This course addresses the objectives of CompTIA's Security+ Certification and will help prepare students to pass the Security+ Certification Exam. This course is designed to provide students with a broad-based knowledge of network security and assist them in preparing for a career in information technology or for further study in specialized security fields. Subjects covered will include, but not be limited to, the following: authentication, security attacks, malicious code, remote access, e-mail, web security, direct and file transfer services, hacking and anti-hacking utilities, wireless and instant messaging devices, media, network security topologies, intrusion detection, security baselines, cryptography, physical security, disaster recover, and computer forensics. Career Preparation: The studies in this course will help students prepare for careers such as Security Administrator, Network Administrator, Network Engineer, Systems Analyst, and Systems Engineer. Certification Preparation: Optional. CompTIA Security+ SYO – 201.
5. Placement Tests Required:
6. Prerequisite Courses:
COMP 2111 - Security Essentials
All Course(s) from the following...
Course Code | Course Title | Credits |
COMP 1230 | Network Essentials | 4 cr. |
COMP 1253 | Client Operating System Administration | 4 cr. |
8. Prerequisite (Entry) Skills:
Efficiency with a current Microsoft operating system such as Windows XP, Windows Vista, or Windows 7 at an administrative level. Efficiency with networking fundamentals.
9. Co-requisite Courses:
COMP 2111 - Security Essentials
There are no corequisites for this course.
II. Transfer and Articulation
1. Course Equivalency - similar course from other regional institutions:
Alexandria Technical College, CVNP3511 Information Assurance I Security+, 4 credits
Mn State CC and Tech College, CSEC1110 Fundamentals of IT Security, 3 credits
Mn State CC and Tech College, CSEC2210 Security Breaches & Countermeasures, 3 credits
3. Prior Learning - the following prior learning methods are acceptable for this course:
- Written
- Oral
- Demonstration
- Portfolio
III. Course Purpose
1. Program-Applicable Courses – This course is required for the following program(s):
Computer Information Technology, AAS Degree
Computer Network Adminisration, AAS Degree
IV. Learning Outcomes
1. College-Wide Outcomes
College-Wide Outcomes/Competencies |
Students will be able to: |
Utilize appropriate technology |
Use current industry software applications to complete system security assignments. Completed projects are reviewed for accuracy and technical proficiency. |
2. Course Specific Outcomes - Students will be able to achieve the following measurable goals upon completion of
the course:
- Define information security and explain why it is important.
- Identify the types of attackers that are common today.
- Define virtualization and explain how attackers are targeting virtual systems.
- Define SQL injection and explain how to protect against it.
- Explain the types of network vulnerabilities.
- List the different types of network security devices and explain how they can be used.
- Describe the WPA and WPA2 personal security models.
- List and describe/use vulnerability scanning tools.
- List and describe/use different monitoring tools.
- Define/use cryptography.
- Describe the components of Public Key Infrastructure (PKI).
- List the types of security policies.
V. Topical Outline
Listed below are major areas of content typically covered in this course.
1. Lecture Sessions
- Introduction to Security
- Describe the challenges of securing information
- Define information security and explain why it is important
- Identify the types of attackers that are common today
- List the basic steps of an attack
- Describe the five steps in a defense
- Explain the different types of information security careers and how the Security+ certification can enhance a security career
- System Threats and Risks
- Describe the different types of software-based attacks
- List types of hardware attacks
- Define virtualization and explain how attackers are targeting virtual systems
- Protecting Systems
- Explain how to harden operating systems
- List ways to prevent attacks through a Web browser
- Define SQL injection and explain how to protect against it
- Explain how to protect systems from communications-based attacks
- Describe various software security applications
- Network Vulnerabilities and Attacks
- Explain the types of network vulnerabilities
- List categories of network attacks
- Define different methods of network attacks
- Network Defenses
- Explain how to enhance security through network design
- Define network address translation and network access control
- List the different types of network security devices and explain how they can be used
- IP Addressing Subnetting in detail - able to subnet a network
- Wireless Network Security
- Describe the basic IEEE 802.11 wireless security protections
- IEEE 802.11a
- IEEE 802.11b
- IEEE 802.11g
- IEEE 802.11n
- Define the vulnerabilities of open system authentication, WEP, and device authentication
- Describe the WPA and WPA2 personal security models
- Explain how enterprises can implement wireless security
- Access Control Fundamentals
- Define access control and list the four access control models
- Describe logical access control methods
- Explain the different types of physical access control
- Authentication
- Define authentication
- Describe the different types of authentication credentials
- List and explain the authentication models
- Define authentication servers
- Describe the different extended authentication protocols
- Explain how a virtual private network functions
- Performing Vulnerability Assessments
- Define risk and risk management
- Describe the components of risk management
- List and describe vulnerability scanning tools
- Define penetration testing
- Conducting Security Audits
- Define privilege audits
- Describe how usage audits can protect security
- List the methodologies used for monitoring to detect security-related anomalies
- Describe the different monitoring tools
- Basic Cryptography
- Define cryptography
- Describe hashing
- List the basic symmetric cryptographic algorithms
- Describe how asymmetric cryptography works
- List types of file and file system cryptography
- Explain how whole disk encryption works
- Applying Cryptography
- Define digital certificates
- List the various types of digital certificates and how they are used
- Describe the components of Public Key Infrastructure (PKI)
- List the tasks associated with key management
- Describe the different cryptographic transport protocols
- Business Continuity
- Define environmental controls
- Describe the components of redundancy planning
- List disaster recovery procedures
- Describe incident response procedures
- Security Policies and Training
- Define organizational security policy
- List the types of security policies
- Describe how education and training can limit the impact of social engineering