Teaching again

| No Comments

I have started preparing my introductory computer security course for next semester. The course is geared towards junior and senior undergraduate computer science and information systems students. As much as possible, I like to bring in writing assignments (human language, not computer code), and hands-on assignments. 

This year, I feel that it is time to shake stuff up a bit and change a bunch of topics around. So, I've decided to ask for some community feedback. There are 15 weeks in a semester. Each week, I have 2.5 hours of instructional time, and assignments can go in addition to that. My expectation is that all student spend 4-5 hrs per week on the material. 

Here are some of the topics that I want to include. Note that this is just a simple bullet list. What do you think? Should I add/remove topics? How would you order them in time? What kind of assignments and what kind of reading materials would you recommend?

Topics to be covered
  1. Introduction to describe what we are protecting, who is attacking and how we are being  attacked
    1. Defender methodology (defense in depth, cia, pirl, business continuity)
    2. Attacker methodology
    3. Risk and stuff
  2. Ethics and law
    1. Ethics
    2. Codes of Ethics
    3. Relevant Law (Federal and State)
    4. Relevant Law Enforcement Agencies
    5. Investigations
    6. Evidence
  3. Authentication
    1. Identification plus verification
    2. Multi factor authentication (aka: why passwords suck)
    3. Password attacks
    4. Social engineering
    5. Stupidity (default passwords, silly reset mechanisms, etc)
  4. Access control
    1. Some boring theory about models (DAC, MAC, RBAC)
    2. Examples of access control bypass
  5. Cryptography
    1.  Confidentiality
    2. Authenticity
    3. Non-repudiation
    4. Hashing
    5. PKI vs web of trust
    6. Block ciphers vs. stream ciphers
    7. Symmetric vs. Asymmetric crypto
    8. SSL
    9. SSH (hands-on) including hardening
    10. WEP/WPA
  6. Open source intelligence gathering
    1. Domain and IP registration process
    2. Whois
    3. DNS
    4. Web sites
    5. Job advertisements
  7. Networking
    1. TCP/IP
    2. Layer 2 stuff
    3. Equipment (Firewall, Router, Switch, Hub)
    4. Nmap
    5. Tcpdump
    6. Vulnerability scanning
  8. Common causes of exploitation
    1. Bad software
    2. Bad configuration
    3. Bad people
  9. Web application attacks
    1. SQL injection
    2. XSS
    3. CSRF
    4. OWASP top-20
  10. Endpoint attacks
    1. OS exploitation
    2. Application exploitation
    3. Vulnerability management 
    4. Metasploit Framework
    5. Antivirus
  11. Mobile stuff
    1. OWASP mobile project
  12. Enterprise security
    1. IDS / IPS
    2. Log management and SIEM
    3. DLP (on-premise and in-cloud)
    4. NAC
    5. Vulnerability management / patch management

Removed from the course
- forensics 
- building buffer overflows

Leave a comment

Latest Tweet