Implementing Internet Implementing Internet Security and FirewallsSecurity and Firewalls

CISS 330 OrientationCISS 330 Orientation

Instructor: Buddy SpisakInstructor: Buddy Spisak• Office Hours:Office Hours:

– Mondays 6:30-7:40 p.m. in BS-143 (Aug. 23 to Dec. 20, 2010)Mondays 6:30-7:40 p.m. in BS-143 (Aug. 23 to Dec. 20, 2010)– I am also available through Email or you can chat with me using I am also available through Email or you can chat with me using

Microsoft’s Windows Messenger (when I am available).Microsoft’s Windows Messenger (when I am available).

• Phone:Phone: (916) 568-3100 x14162 or (800) 486-8162 x14162 (916) 568-3100 x14162 or (800) 486-8162 x14162

• Email:Email: spisakj@crc.losrios.edu (put “CISS330” in the subject line). spisakj@crc.losrios.edu (put “CISS330” in the subject line). The turn around time for most Email is about one to two days. Be The turn around time for most Email is about one to two days. Be sure to include your name in each Email so that I can identify who sure to include your name in each Email so that I can identify who you are and what the Email is about.you are and what the Email is about.

• Course Web page:Course Web page: https://d2l.losrios.edu/https://d2l.losrios.edu/

• Instructor Web page:Instructor Web page: http://crc.losrios.edu/~spisakj/ http://crc.losrios.edu/~spisakj/

• Microsoft Messenger:Microsoft Messenger: You can also add me to you contact list for You can also add me to you contact list for Windows Messenger. You can use my Email address to find me.Windows Messenger. You can use my Email address to find me.

Course DetailsCourse Details

• Class Credits: 3 unitsClass Credits: 3 units

• Prerequisite: CISS 310Prerequisite: CISS 310

• Lecture: OnlineLecture: Online

• Lab Hours:Lab Hours:– Wednesday 6:00 to 8:05 p.m.Wednesday 6:00 to 8:05 p.m.

• Accepted for Credit: CSUAccepted for Credit: CSU

Required Textbook:Required Textbook:

Guide to Firewall and Network Security: with Intrusion Guide to Firewall and Network Security: with Intrusion Dectection and VPNs, 2ed.Dectection and VPNs, 2ed.

Authors:  Michael E. Whitman, Herbert J. Mattord, Richard D. Austin, Authors:  Michael E. Whitman, Herbert J. Mattord, Richard D. Austin, and Greg Holdenand Greg Holden

Publisher:  Course TechnologyPublisher:  Course TechnologyISBN10:  1-4354-2016-0 ISBN10:  1-4354-2016-0 ISBN13: 978-1-4354-2016-8 ISBN13: 978-1-4354-2016-8

Optional Materials:Optional Materials:

• 3-1/2” floppies or a flash drive to store your work 3-1/2” floppies or a flash drive to store your work for the class.for the class.

Course Description:Course Description:

• With the increased connectivity to the Internet With the increased connectivity to the Internet and the wide availability of automated cracking and the wide availability of automated cracking tools, organizations can no longer simply rely on tools, organizations can no longer simply rely on operating system security to protect their operating system security to protect their valuable corporate data.  The firewall has valuable corporate data.  The firewall has emerged as a primary tool used to prevent emerged as a primary tool used to prevent unauthorized access.  Students will learn how to unauthorized access.  Students will learn how to access key services while maintaining their access key services while maintaining their organization's security as well as how to organization's security as well as how to implement firewall-to-firewall Virtual Private implement firewall-to-firewall Virtual Private Networks (VPNs). Networks (VPNs).

Student Learning Outcomes Student Learning Outcomes and Course Objectives:and Course Objectives:As a result of completing this course, you will be able to:As a result of completing this course, you will be able to:• Explain the relationship among the different aspects of Explain the relationship among the different aspects of

information security, especially network security. information security, especially network security. • Describe the basic elements of computer-based data Describe the basic elements of computer-based data

communication.communication.

• Define management’s role in the development, Define management’s role in the development, maintenance, and enforcement of information security maintenance, and enforcement of information security policy, standards, practices, procedures, and guidelines.policy, standards, practices, procedures, and guidelines.

• Discuss common system and network vulnerabilities.Discuss common system and network vulnerabilities.• Identify the limitations of firewalls.Identify the limitations of firewalls.• Describe packets and packet filtering.Describe packets and packet filtering.

Student Learning Outcomes Student Learning Outcomes and Course Objectives and Course Objectives (continued):(continued):• Work with proxy servers and Work with proxy servers and

application-level firewalls.application-level firewalls.

• Identify and implement different Identify and implement different firewall configuration strategies.firewall configuration strategies.

• Describe the role encryption plays in a Describe the role encryption plays in a firewall architecture.firewall architecture.

• Describe user, client, and session Describe user, client, and session authentication.authentication.

Student Learning Outcomes Student Learning Outcomes and Course Objectives and Course Objectives (continued):(continued):• Recommend best practices for Recommend best practices for

effective configuration and effective configuration and maintenance of virtual private maintenance of virtual private networks.networks.

Student Obligations:Student Obligations:

• It is important that you understand what is It is important that you understand what is expected of you in this course.expected of you in this course.

• Refer to the Syllabus if you have any Refer to the Syllabus if you have any questions.questions.

Attendance:Attendance:

• Since this course is an online-hybrid class, only attendance at Since this course is an online-hybrid class, only attendance at the On-Campus Orientation on October 20, 2010 and the Final the On-Campus Orientation on October 20, 2010 and the Final Exam on December 8, 2010 is necessary. There will be weekly Exam on December 8, 2010 is necessary. There will be weekly lab time on campus, and it is up to you to complete the lab lab time on campus, and it is up to you to complete the lab assignments during the lab time or at home.assignments during the lab time or at home.

• Doing the labs themselves is not optional, but doing them at the Doing the labs themselves is not optional, but doing them at the college is.college is.

• I will be giving credit for students attending the lab On-Campus.I will be giving credit for students attending the lab On-Campus.

• Typically, each week we will be covering two chapters in your Typically, each week we will be covering two chapters in your textbook.textbook.

• Attendance for the On-Campus Final Exam is required. Photo Attendance for the On-Campus Final Exam is required. Photo identification is required at the time of the exam to verify your identification is required at the time of the exam to verify your identity.identity.

Quizzes:Quizzes:

• Each week there will be a quiz that will Each week there will be a quiz that will test you on the material covered.test you on the material covered.

– It is open-book and open-notes.It is open-book and open-notes.– You can take the quiz multiple times to You can take the quiz multiple times to

improve your score, but be aware that the improve your score, but be aware that the questions may change each time you take questions may change each time you take quiz and that your last quiz score will be the quiz and that your last quiz score will be the one counted as your grade.one counted as your grade.

• Each quiz is worth 30 points.Each quiz is worth 30 points.

Desire 2 Learn (d2l):Desire 2 Learn (d2l):

• I want everyone to take a pro-active approach to I want everyone to take a pro-active approach to learning this material. This includes using the learning this material. This includes using the discussion feature d2l to ask questions and also answer discussion feature d2l to ask questions and also answer other students’ questions. I will be posting questions other students’ questions. I will be posting questions to further your understanding of the material.to further your understanding of the material.

• I expect each student to post at least two times per I expect each student to post at least two times per discussion item.discussion item.– You can accomplish this task by asking questions about the You can accomplish this task by asking questions about the

current discussion topic or by responding to existing questions.current discussion topic or by responding to existing questions.– My expectation from you is that you will write at least two- to My expectation from you is that you will write at least two- to

three-sentence responses that add substance to the three-sentence responses that add substance to the discussion.discussion.

• Each discussion assignment is worth 20 points.Each discussion assignment is worth 20 points.

Labs:Labs:

• We will be spending a lot of time working We will be spending a lot of time working on lab activities. on lab activities.

• You are responsible for making sure that You are responsible for making sure that your instructor receives your completed your instructor receives your completed lab work.lab work.

• Each lab assignment is worth 50 points.Each lab assignment is worth 50 points.

Final Exam:Final Exam:

• The final exam will consist of two parts. The final exam will consist of two parts. One part will be a hands-on practical One part will be a hands-on practical demonstration of assigned tasks, and the demonstration of assigned tasks, and the other part will be an exam taken in d2l.other part will be an exam taken in d2l.

• The final exam will be on Wednesday, The final exam will be on Wednesday,

December 8, 2010.December 8, 2010.– I will be having a review session the week I will be having a review session the week

before to help you.before to help you.

Due Dates:Due Dates:

• Unless noted, all assignments will be submitted in Unless noted, all assignments will be submitted in d2l under the “Dropbox” link. d2l under the “Dropbox” link. – If, for any reason, you cannot access d2l or are unable to If, for any reason, you cannot access d2l or are unable to

submit the assignment on time, please Email it to me submit the assignment on time, please Email it to me instead so that you are not penalized for being late.instead so that you are not penalized for being late.

• Quizzes and discussion items cannot be taken Quizzes and discussion items cannot be taken past their due date.past their due date.– If you miss a quiz and you want to make up points, you If you miss a quiz and you want to make up points, you

can take advantage of the extra credit assignments can take advantage of the extra credit assignments posted in d2l.posted in d2l.

– Everyone is welcome to work on the extra credit Everyone is welcome to work on the extra credit assignments. Typically, they are five to ten points each, assignments. Typically, they are five to ten points each, depending on the difficulty of the assignment.depending on the difficulty of the assignment.

Late Work:Late Work:

• Unless noted all assignments are due on Unless noted all assignments are due on Tuesday by midnight each week.Tuesday by midnight each week.– I have identified the due dates in the course I have identified the due dates in the course

schedule.schedule.– Late work will be accepted ONLY if you have Late work will be accepted ONLY if you have

contacted me prior to the due date either by contacted me prior to the due date either by Email or voice mail.Email or voice mail.

– In general, late work is due the next week, and In general, late work is due the next week, and no late assignments may be turned in after one no late assignments may be turned in after one week from the original due date regardless of week from the original due date regardless of the reason.the reason.

– For every day an assignment is late, you will For every day an assignment is late, you will lose 10% of its grade.lose 10% of its grade.

Plagiarism Policy/Cheating:Plagiarism Policy/Cheating:

Plagiarism:Plagiarism:• It is inappropriate, and a violation of academic policy, to copy information It is inappropriate, and a violation of academic policy, to copy information

from any source (including, but not limited to, textbooks, magazine from any source (including, but not limited to, textbooks, magazine articles, newspaper articles and Internet articles) without giving proper articles, newspaper articles and Internet articles) without giving proper credit to the author by using standard quotation procedures such as in-credit to the author by using standard quotation procedures such as in-line quotes, footnotes, endnotes, etc. Quotes may not exceed 25% of the line quotes, footnotes, endnotes, etc. Quotes may not exceed 25% of the assignment’s total length.assignment’s total length.

• You will receive no credit (0 points) for any assignment that copies any You will receive no credit (0 points) for any assignment that copies any material from any other source without giving proper credit to the material from any other source without giving proper credit to the author(s). Repeated offenders of this policy are subject to academic author(s). Repeated offenders of this policy are subject to academic discipline as outlined in the polices published by the college.discipline as outlined in the polices published by the college.

Cheating:Cheating:• Students who cheat will receive a failing grade for the course. See the Students who cheat will receive a failing grade for the course. See the

Students Rights and Responsibilities page of the college website Students Rights and Responsibilities page of the college website (http://www.crc.losrios.edu/College_Catalog/General_Information/Students(http://www.crc.losrios.edu/College_Catalog/General_Information/Students_Rights_and_Responsibilities.htm) for additional information._Rights_and_Responsibilities.htm) for additional information.

Dropping:Dropping:

• Students are responsible for dropping the Students are responsible for dropping the course.course.

Email/Discussion Etiquette:Email/Discussion Etiquette:

• Every student will be required to have an Email Every student will be required to have an Email account.account.

• I will not tolerate rude and demeaning comments I will not tolerate rude and demeaning comments or Emails to anyone in this class. Please keep or Emails to anyone in this class. Please keep your comments and Emails topic-related.your comments and Emails topic-related.

• If I determine that a comment or Email to anyone If I determine that a comment or Email to anyone else in the class is rude or demeaning, I will warn else in the class is rude or demeaning, I will warn you once. If your behavior continues to be you once. If your behavior continues to be unacceptable, I will refer you to the unacceptable, I will refer you to the administration of the college for disciplinary administration of the college for disciplinary action.action.

Personal Belongings:Personal Belongings:

• No food or drinks are allowed in the No food or drinks are allowed in the classroom.classroom.

• All cell phones, beepers, pagers, etc. All cell phones, beepers, pagers, etc. should be turned off or set to vibrate.should be turned off or set to vibrate.– Any telephone calls need to be taken outside.Any telephone calls need to be taken outside.

Disabilities:Disabilities:

• If you have a documented disability and If you have a documented disability and wish to discuss academic wish to discuss academic accommodations, please contact me after accommodations, please contact me after class or contact the Office of Disabled class or contact the Office of Disabled Student Programs and Services at 691-Student Programs and Services at 691-7275 as soon as possible.7275 as soon as possible.

Online Course Online Course Responsibilities: Responsibilities: • This course requires significant self-motivation. You must This course requires significant self-motivation. You must

not get behind. Labs and weekly assignments can take up not get behind. Labs and weekly assignments can take up to eight hours to finish. Please don’t try to finish them in to eight hours to finish. Please don’t try to finish them in one day. Not all activities are created equal. Some may one day. Not all activities are created equal. Some may take a bit longer than others. take a bit longer than others.

• You would normally spend 3 hours per week in class for this You would normally spend 3 hours per week in class for this course: a total of 54 hours. Allow yourself at least 8 hours course: a total of 54 hours. Allow yourself at least 8 hours per week to complete the activities online, including the per week to complete the activities online, including the time spent writing for online class discussion postings. You time spent writing for online class discussion postings. You should plan additional time to read the textbook and study should plan additional time to read the textbook and study for the quizzes.for the quizzes.

• Some people believe this is a much easier way to study this Some people believe this is a much easier way to study this subject than an on-campus framework because they love to subject than an on-campus framework because they love to read and avoid the parking problems. Others feel very read and avoid the parking problems. Others feel very intimidated at first. Be patient as you work your way intimidated at first. Be patient as you work your way through the activities. through the activities.

Using Desire 2 Learn:Using Desire 2 Learn:• How to log in:How to log in:

– You will not be able to participate in the online portion of You will not be able to participate in the online portion of your class using Los Rios Online until you have enrolled in your class using Los Rios Online until you have enrolled in your course through your college's registration system. your course through your college's registration system.

– Students registered as of the first day of the term should Students registered as of the first day of the term should already have Los Rios Online accounts and be linked to already have Los Rios Online accounts and be linked to the classes in which they are enrolled.the classes in which they are enrolled.

• To log on to your d2l account, open your web To log on to your d2l account, open your web browser and go to the following URL: browser and go to the following URL: https://d2l.losrios.edu/https://d2l.losrios.edu/

• Your User Name is the letter w followed by your Your User Name is the letter w followed by your Student ID# Example: w0123456Student ID# Example: w0123456

• Your default password is your birthday in the Your default password is your birthday in the format: MMDDYYYY Example: Birthday is June 12, format: MMDDYYYY Example: Birthday is June 12, 1974 then password = 061219741974 then password = 06121974

Grading:Grading: Course Topic

Points Total Approximate % the of Grade

Labs (6)50

300 40

Orientation Quiz (1)10

101

Quizzes (4)30

120 16

Discsussions (6)20 120 16

Final Exam (1)200

200 27

Point System:Point System:There are 750 total assigned points.There are 750 total assigned points.

Grade Ranges:Grade Ranges:A= 675-750, B=600-674, C=525-599, D=450-524, F=0-A= 675-750, B=600-674, C=525-599, D=450-524, F=0-

449449

Sample Schedule:Sample Schedule:

Day: Lecture/Lab Schedule:Assignment

Due:Due Date

(By Midnight):

Week 1 Wed. (10/20) Orientation and IntroductionsOrientation DB

Orientation Quiz Tues., 10/26

Ch 1: Intro. to Information Security View the Online

Orientation

Lab #1: Projects 1-1 thru 1-7, Case 1-2

Week 2 Wed. (10/27) Ch 2: Developing a Security PolicyDB #1

Quiz #1(Ch1-2)Tues. , 11/2

Ch 3: Firewall Configuration Strategies

Lab Review #1

Lab #2: Projects 2-1 thru 2-6, Case 2-3,

Projects 3-1 thru 3-7, Case 3-3

Conclusion:Conclusion:

• Log into d2l and take the Orientation Quiz. Log into d2l and take the Orientation Quiz. It is due on Tuesday, October 26, 2010. It is due on Tuesday, October 26, 2010.

• Go to the Discussion #1 and introduce Go to the Discussion #1 and introduce yourself to the class.yourself to the class.

• Registered students for the class have Registered students for the class have access to d2l and can log into the campus access to d2l and can log into the campus network.network.

• Email any questions you might have to Email any questions you might have to me.me.