Active Outline

General Information

Course ID (CB01A and CB01B)
CIS D069E
Course Title (CB02)
IT Security: Defense Against the Digital Dark Arts
Course Credit Status
Credit - Degree Applicable
Effective Term
Fall 2022
Course Description
This course covers a wide variety of IT security concepts, tools, and best practices. It introduces threats and attacks and demonstrates the many ways they can reveal themselves. It further explores the functionality of encryption algorithms and how they're used to safeguard data, and it introduces the three As of information security: authentication, authorization, and accounting. The use of network security solutions, ranging from firewalls to Wi-Fi encryption options, is also covered. The course is rounded out by combining all these elements together into a multi-layered, in-depth security architecture, supplemented by practical recommendations on how to integrate a culture of security into an organization or team.
Faculty Requirements
Course Family
Not Applicable

Course Justification

This CTE, CSU transferable course is on the IT Support Specialist certificate and will provide a deeper understanding of IT security concepts, tools and best practices. This course shows detecting network threats, attacks and using security solution to combat risks.

Foothill Equivalency

Does the course have a Foothill equivalent?
No
Foothill Course ID

Course Philosophy

Course Philosophy
Course is designed to use experiential learning that support self-paced learning combined with instructional support. At choice of the instructor, a fictional organization can be used throughout the program for simulation.

Formerly Statement

Course Development Options

Basic Skill Status (CB08)
Course is not a basic skills course.
Grade Options
  • Letter Grade
  • Pass/No Pass
Repeat Limit
0

Transferability & Gen. Ed. Options

Transferability
Transferable to CSU only

Units and Hours

Summary

Minimum Credit Units
4.5
Maximum Credit Units
4.5

Weekly Student Hours

TypeIn ClassOut of Class
Lecture Hours4.08.0
Laboratory Hours1.50.0

Course Student Hours

Course Duration (Weeks)
12.0
Hours per unit divisor
36.0
Course In-Class (Contact) Hours
Lecture
48.0
Laboratory
18.0
Total
66.0
Course Out-of-Class Hours
Lecture
96.0
Laboratory
0.0
NA
0.0
Total
96.0

Prerequisite(s)

Corequisite(s)

Advisory(ies)

Limitation(s) on Enrollment

Entrance Skill(s)

General Course Statement(s)

Methods of Instruction

Lecture and visual aids

Discussion of assigned reading

Laboratory discussion sessions and quizzes that evaluate the proceedings weekly laboratory exercises

Collaborative learning and small group exercises

Quiz and examination review performed in class

Assignments

  1. Readings from the text
  2. Hands-on lab exercises
  3. Two to three exams to assess (comprehensive or multiple choice) competency in different modules

Methods of Evaluation

  1. One or two midterm examinations requiring students to apply topics covered in the lectures and reading. Responses are evaluated on implementation of stated constructs and correctness of responses
  2. Final examination requiring students to apply topics covered in the lectures and reading. Responses are evaluated on implementation of stated constructs and correctness of responses
  3. Evaluation of lab topics, based on correctness, documentation, quality, and explanations

Essential Student Materials/Essential College Facilities

Essential Student Materials: 
  • None
Essential College Facilities:
  • None.

Examples of Primary Texts and References

AuthorTitlePublisherDate/EditionISBN
Course Guide 5Google IT Support Professional Certificate.

Examples of Supporting Texts and References

None.

Learning Outcomes and Objectives

Course Objectives

  • Relate how various encryption algorithms and techniques work as well as their benefits and limitations.
  • Interpret various authentication systems and types.
  • Contrast the differences between authentication and authorization.
  • Evaluate potential risks and recommending ways to reduce risk.
  • Identify and apply best practices for securing a network.
  • Articulate how to help others to grasp security concepts and protect themselves.

CSLOs

  • Summarize how various encryption algorithms and techniques work and their benefits and limitations, various authentication systems and difference between authentication and authorization.

  • Evaluate potential risks and recommend ways to reduce risk, make recommendations on how best to secure a network and help others to understand security concepts and protect themselves.

Outline

  1. Relate how various encryption algorithms and techniques work as well as their benefits and limitations.
    1. Summarize the basics of security in an IT environment.
    2. Relate how to define and recognize security risks, vulnerabilities, and threats.
    3. Interpret the most common security attacks in an organization and understand how security revolves around the "CIA" principle.
    4. Examine the types of malicious software, network attacks, client-side attacks, and the essential security terms they will see in the workplace.
  2. Interpret various authentication systems and types.
    1. Define cryptology and outline different types of encryption practices and how they work.
    2. Journaling the most common algorithms used in cryptography and how they've evolved over time.
    3. Identify how symmetric encryption, asymmetric encryption, and hashing work.
    4. Outline how to choose the most appropriate cryptographic method for a scenario they may see in the workplace.
  3. Contrast the differences between authentication and authorization.
    1. Tabulate the "three A's" in cybersecurity: authentication, authorization, and accounting work within an organization.
    2. Contrast different methods and be able to choose the most appropriate method of authentication, authorization, and level of access granted for users in an organization.
  4. Evaluate potential risks and recommend ways to reduce risk.
    1. Define secure network architecture.
    2. Outline risks of wireless networks and how to mitigate them.
    3. Identify ways to monitor network traffic and read packet captures.
    4. Determine how VPNs, proxies, and reverse proxies work; why 802.1X is important for network protection; understand why WPA/WPA2 is better than WEP, and know how to use tcpdump to capture and analyze packets on a network.
  5. Identify and apply best practices for securing a network.
    1. Examine the depth of security defense mechanisms.
    2. Implement methods for system hardening, application hardening, and determine the policies for OS security.
    3. Rationalize why it's important to disable unnecessary components of a system, learn about host-based firewalls, set up anti-malware protection, implement disk encryption, and configure software patch management and application policies.
  6. Articulate how to help others to grasp security concepts and protect themselves.
    1. Adopt ways to create a company culture for security that meet the three goals of security.
    2. Develop a security plan for an organization to demonstrate the skills they’ve learned in this course.

Lab Topics

  1. Using the list of common compromises/attacks available in the glossary for this module, randomly assign each learner an attack. The learners then create a scenario that they will read aloud to the class that describes but does not explicitly state the attack. The class can work together to determine which attack type is being described.
  2. Use www.haveibeenpwned.com/passwords to show learners simple passwords that have been owned, like “123abc.” Another resource is www.howsecureismypassword.net which can help to illustrate how fast simple passwords can be cracked. Please ensure that the learners aren’t typing in their own passwords for good security practices!
  3. Create an encrypted message worksheet and give learners the key to figure out what it would be in plain text.
  4. Give learners a one-page “essay,” but have a form of a message hidden in it, like having the first letter of each line become a sentence.
  5. Ask learners to brainstorm a process in their own life where AAA occurred, then describe each aspect of the process and share it with others.

    ● Ex: Getting a driver's license or signing up for classes

    ● Bonus: Have learners identify an experience where AAA didn't happen, but should have.
  6. Ask learners to provide a non-IT scenario where risk mitigation would be useful, then create and discuss steps to mitigate that risk.

    ● Ex: Protecting a giant diamond (risk mitigations: guards, lasers, etc.), driving on a highway near a cliff (risk mitigations: a lower speed limit, safety rails, etc.)
  7. Learners can design and stage a play that demonstrates how kerberos works. The “cast” would include servers and tickets. If learners are broken into groups, other AAA services (like TACACS+) could also be demonstrated.
  8. Do a class demonstration of Wireshark/TCPDump.
  9. Use md5sum on a Linux machine to demonstrate how passwords are hashed. Demonstrate how adding a salt changes the hash. Relate this back to passwords in general.
  10. Prepare a worksheet of 5 -10 wireless network configs (e.g., Protocol: WPA SSID: nachowifi; passphrase: password1324) that can be ordered in terms of security (attempt to avoid ties). Learners should order the network setups from least to most secure. Class discussion could cover the factors against which the networks are evaluated and why one setup is more or less secure than another.
  11. Propose various attack scenarios and have learners describe at least three layers of detection, protection, and prevention for each. Ex.:

    ● Malware from a game: Network firewall, binary whitelisting, acceptable use policies

    ● Phishing: Spam filter, second-factor authentication, user education initiatives
  12. Ask learners to perform in-depth research of a large-scale malware attack or vulnerability disclosure, then present their findings in class. Sections could include background information, impact, and mitigation. Examples include heartbleed, Stuxnet, and cryptolocker ransoms.
  13. Using a fictional organization, ask learners to come up with a plan to harden an organization against attack. The plan should include measures at the network, systems, and applications level, as well as security policies that apply to users within the organization (e.g., password complexity, second factor).
  14. Pull up an example phishing email and discuss how learners can identify a phishing email.

    ● What are some visible clues?

    ● What are some technical characteristics of phishing email?
  15. Create a small organization with a set of security practices and rules and place some intentional bad rules in it.

    ● Have learners break out to identify the bad rules.

    ● Have learners name some additional rules that they would have in place for their fictional organization.
Back to Top