Syllabus for cit 217 Security +
Fall Semester 2009
Class: CIT 217: (CY001) Security + # 43443
· Time: 6:00PM – 8:50 PM Tuesdays ( 31 August 2009 – 18 December 2009)
· Classroom: Cheyenne, Telcom Bldg; Room 2726
· Angel Access: http://www.csn.edu/pages/2212.asp
· Instructor Web Site: http://sites.csn.edu/salpern/security02/security.html
· Instructor: Steve Alpern, MCSE/MCSA (NT4.0, 2000, 2003) Microsoft MCIPT Server Administrator 2008, CNA/CNE, Network +, Security +,A+
· Contact Information:
· Email: stephen.alpern@csn.edu To be used ONLY if the Angel Course Mail System is unavailable.
· Telephone: 651-4624
· Office: Room 2535 Telecom Building, Cheyenne Campus
· Available: Students can make appointments by calling or email with instructor.
II. Textbooks/Supplies Required:
· Academic Learning Series, Security + Certification by Joern Wettern, McGraw-Hill, ISB # 0-07-295559-7
III. Course Objectives:
This is a 16 week full semester course with the primary purpose of providing the student with a level of knowledge and the skills necessary to understand the core concepts of computer security. The course is also designed to help prepare students to take the Security + Certification exam which is administered by CompTIA. In addition, successful completion of this course can serve as a basic building block for further MCSE studies, CISCO and Novell certification courses. While a prerequisite of CIT112B or associated certifications is a requirement, and CompTIA sets their certification exam preparation focus on an IT Security professional who has a minimum of 2 years experience in network administration with a orientation on security, as well as technical day to day security experience, students can still pass this course with other networking backgrounds and devoted study and research of core security concepts presented in this course.
The course and textbook are intended to support concepts and objectives for the Security + SY0-101/201 Certification exams. However, newer areas as outlined in the 2008 Edition Certification exams will be discussed in class as well, in order to cover newer certification areas by Comptia. For more detailed information on the Security + objectives and details concerning security + exam related material in this course it is highly recommended you go to the following CompTIA Link: http://certification.comptia.org/security. From this link you can get all detailed and latest information on the CompTIA Security + objectives. You will note that some objectives have changes slightly for 2008, but this mostly relates to the percentages of questions from the objective domains. For example in 2008, there are 6 Certificate Domain objectives vs. only 5 for previous certification exams.
Week 1: (1 Sept)
o Administration and course objectives.
o Setup of VMWare structure with Server and XP Pro
o Familiarization with VMWare.
Week 2: (8 Sept)
o Chapter 1: Addressing Security Threats and Vulnerabilities
Week 3: (15 Sept)
o Chapter 2: Creating Security Baselines
Week 4: (22 Sept)
o Chapter 3: Using Access Control and Authentication
Week 5: (29 Sept)
o Chapter 4: Using Encryption
Week 6: (6 Oct)
o Chapter 5: Using a Public Key Infrastructure
Week 7: (13 Oct)
o Chapter 6: Searching the Network Infrastructure
Week 8: (20 Oct)
o Chapter 7: Securing Communications
Week 9: (27 Oct)
o Midterm Exam (Chapters 1-7)
Week 10: (3 Nov)
o Chapter 8: Securing Network Applications
Week 11: (10 Nov)
o Chapter 9: Securing Internet Messaging
Week 12: (17 Nov)
o Chapter 10: Securing your Network Perimeter
Week 13: (24 Nov)
o Chapter 11: Maintaining Operational Security
Week 14: (1 Dec)
o Chapter 12: Maintaining Organizational Security
Week 15: (8 Dec)
o Chapter 13: Defining and Responding to Incidents
Week 16: (15 Dec)
o Final Exam: (Chapters 1-13)
· Overview on Course Administration and Structure:
· Students will be expected to read the text material prior to class, review video presentations as a supplement to the text materials, and study other Web site materials that might be posted. Students should read the text book chapters in accordance with the schedule of assignments above.
· In addition, supplemental materials will be available for student download in e-mail on Angel. Students will need to become familiar with all these techniques. Students will use the Angel Course e-Mail System, and this will become one of the major methods of student-instructor communications. It will be important for students to understand Angel functions. All examinations will be administered via Angel. Hence students will be given a login name and password to access Angel.
· Student should note that the bonus exams are intended to test student’s comprehension of the reading material and Security + concepts. Information on the scope of each bonus exam will also be provided so students can adequately study and prepare for these exams. Bonus exams will be available throughout the course, but can only be taken one time. There are no make-ups for bonus exams.
· On the other hand, Random Practice Exams will also be available to help students understand the readings and help in preparation for bonus exams as well as the midterm and final exams. These Random Practice Exams will normally consist of a database of 40 questions; however, only 30 questions will be presented when the exam is opened. This is the nature of the Random Exam. The more times that you take the exam, the greater your chances of seeing all 40 questions or as many questions that are used for the database of a particular random exam. All of these Random Practice Exams will be available to students for an unlimited timeframe (duration of course plus 1 week), and an unlimited number of times to take. Most exams are set for a time limit of 90 minutes, so you should try and complete the exam within this time limit. These exams are NOT part of the core exams, and therefore are non-graded. The exams will be a good indication of student comprehension of reading assignments and any additional internet searching for further understanding of core security + concepts. While these exams are not graded, the questions will serve as instructional points, review material and form the basis of the Midterm and Final exams. Students are encouraged to take these practice exams frequently. In addition, these random exams will be the main tool to assist the student in certification for CompTIA Security +
· There will two major core examinations in the course: a Midterm and a Final Exam.
· Angel will host all video instructional presentations prepared by instructor. These Video presentations are based on the textbook and will supplement and enhance student comprehension of the security concepts provided in the textbook. Once a video presentation is available on Angel, it will remain available to students at all times during the duration of the course via Angel connections. A DVD with all video’s will also be available free for all students upon request.
· As noted above, bonus exams will become available throughout the course. The number of these exams will be at the discretion of the instructor. Each bonus exam is normally worth 3-5 points. This could be more or less depending on discretion of instructor. Bonus exams are posted on Angel and can be taken at student discretion. These exams are important to you as they are considered "bonus" exams and will add points to students' final total exam scores. In other words, the points you receive from bonus exams are over and above the core exam points. For example, if a student were to have a core exam total point score of 170, then the student grade would be a B. But if the student also had 10 bonus points, it would push the point total to 180 which would be equivalent to an A
· Students who certify successfully with CompTIA Security + will be awarded with an additional grade bump. Hence if a student's final point total is 162 (equivalent to a B) and the student passes the CompTIA Security + certification, the student grade will be bumped to an A. Any certifications submitted for the grade bump must be sent to the instructor not later than 11 PM on 23 December 2009. So, you must plan ahead if you intend to take the certification exam. This is a difficult exam and will take a special effort by the student to pass. However, the course practice exams will help. There is no exception to this policy. Other exam hints will be provided to students via e-mail as the course proceeds.
· There will be several hands on exercises that will be done during the class. These exercises are to help students better understand and use some of the security concepts explained in the textbook. Because of extended times required to do some lab exercises, the assignment lecture might not be completed in class. However, students are still responsible for the lesson scheduled for that particular day. Students must read and study the lesson regardless of whether or not it is covered in class. To help students, instructor video presentations are available to all students.
· The instructor reserves the right to change the course syllabus, schedule and polices at any time. It is the student’s responsibility to check email often for any changes that might be posted.
· Grading Scale: Grading is based on a point scale equal to 200 points as follows:
· A: 180-200+
· B: 160-179
· C: 140-159
· D: 120-139
· F: <120
**Note: Successful CompTIA Security + Certification adds one grade level
· Point Distribution: Points are determined based on following criteria:
· Core Test #1: Midterm 90 points
· Core Test #2: Final 110 points
· Total Exam Points: 200 points
· Bonus Points: 25 points (estimated and can vary)
· Security Presentation 5 points ( can vary depending on quality of presentation)
VI. Attendance:
There is no attendance in this course. However it is the student’s responsibility to follow the schedule of reading assignments and maintain contact with the instructor for up to date information as the course proceeds. However continued lack of attendance without notification to the instructor could result in an automatic withdrawal from the course by the instructor. Your contact points are via Angel email. You are encouraged to check your Angel email frequently depending on outstanding course issues. Your knowledge of core security concepts will come from your studies, reviewing the visual presentations by the instructor, and practice on the random exams. College enrollment assumes maturity, seriousness of purpose, and self-discipline for meeting the responsibilities associated with this course. Hence it is your responsibility to completely fulfill the course requirements as noted in this syllabus. However, there is an understanding that a student could be ill or have another emergency, which precludes completing the reading assignments. You should advise the instructor of such circumstances.
· There will be two core examinations in this course. Exam #1, which is the Midterm and Exam 2 which is the Final. The Midterm exam will cover Chapters 1-7 has a point value of 90 points. The Final Exam will cover Chapters 1-13 has a point value of 110 points. The dates of these courses are as noted above in the Course Outline and Schedule of Assignments. Total test scores will determine your course grade. Keep in mind that the bonus exams can add points to your score. As noted above, a computer problem will not be an excuse. You must give yourself flexibility, so that if you do have a computer problem you have a backup and can get to a campus location.
· With proper planning there should not be any instances of missed exams. If an exam is missed the instructor will determine whether or not a makeup exam will be available. In any case, any makeup exams will be deducted "late points". Makeup exams are not encouraged and very strict rules in determining a makeup exam will be enforced. You do not want to miss an exam!. If you miss an exam, one probable way to pass the course will be if you can pass the CompTIA Security + Certification Exam and gain maximum bonus points from the bonus exams. Passing the certification exam will add an additional grade to your overall class grade as explained above. Copies of certification passing certificates must be submitted to the instructor not later than 11PM on 23 December 2009. No exceptions. If you are planning on CompTIA certification for a grade bump, you must meet this deadline.
If you wish to audit or withdraw from this course, you should contact Admissions and Records. Instructor will not normally withdraw any student. It is the responsibility of the student to submit all required documents to Admissions and Records according to the time guidelines found in the CSN 2009 Fall Class Schedule which is on-line only. If you do not audit or withdraw from this class according to the guidelines set forth by CSN, you will receive a grade based on the point distribution above. If you go beyond the deadline for withdrawal as dictated by Admissions and Records without having advised Admissions, or made some arrangements with the instructor, you are in the course for a grade. Be sure the check with Admissions and Records if you decide on either a withdrawal or a change in status to audit. Any student who begins the course and then stops attending, but does not officially withdraw from the course, or notify the instructor, will receive an F. However, the one exception is any student that starts this course, and then has extended absences, without any notification to the instructor, could be withdrawn from the course at instructor discretion.
IX. Additional Information:
· Safety:
There could be times when you are in a campus building. If so at the sound of a fire alarm, everyone is required to exit the building immediately. Take your important personal property with you. Students must not move, disconnect or open computers. Remain outside the building until told that it is safe to re-enter the building.
· Students with Disabilities:
If you have a documented disability that may require assistance, you will need to contact the Disability Resource Center (DRC) for coordination of your academic accommodations. The DRC is located in Student Services on each campus. For Cheyenne, the number is 651-4045, at Charleston 651-5089 and at Henderson 651-3086. For any student interested in earning some extra cash, you can stop by the DRC, and fill out a job interest card. DRC office hires students as note takers, proctors, scribes and research assistants as needed.
· Student Resources
Four (4) hours of free tutoring per each one (1) credit hour is available to each student. Contact Tutorial Services at 651-4232 at Cheyenne Campus or West Charleston at 651-5132 to arrange for free tutorial service if needed. In addition, Computer Lab instructors are available at each campus. Use them, as they are an excellent source for additional help.