Feb 05, 2025  
2024 - 2025 Cowley College Academic Catalog 
    
Catalog Navigation
  Catalog Home
  About Cowley
  Degree Requirements
  Programs (By Degree)
  Programs (By Career)
  Program Maps (Semester Plan)
  Course Descriptions
  Kansas Systemwide General Ed. Core
  Admissions Information
  Contact Information
  Current Academic Year
  Academic & Support Student Services
  Veterans Information
  Enrollment Information
  Financial Aid and Scholarships
  Financial Information
  Policies & Procedures
  Student Life & Alumni
  Graduation Information
  Faculty Instructor Credentials
  My Portfolio
HELP
2024 - 2025 Cowley College Academic Catalog

CIS1914 CERTIFIED NETWORK DEFENDER COURSE PROCEDURE

CIS 1914 - CERTIFIED NETWORK DEFENDER

3 Credit Hours

Student Level:

This course is open to students on the college level in either the Freshman or Sophomore year.

Catalog Description:
CIS1914 - Certified Network Defender (3 hrs.)

This course will introduce students to concepts to protect organizations against network security threats including evaluating network and Internet security issues; and providing security solutions.

KRSN:

None

Course Classification: 

3 Hr. Lecture

Prerequisites:

None

Co-requisites:

None

Controlling Purpose:

This course is designed to provide the fundamental skills needed to analyze the internal and external security threats against a network, and to implement security mechanisms to protect an organization’s information. The course helps to evaluate network and Internet security issues and provides security solutions such as designing a security policy, troubleshooting networks, and digital signatures

Learner Outcomes:

Upon completion of the course, the student will:

  1. Understand the fundamental goals, benefits, challenges, and available countermeasures for network defense.
  2. Analyze cryptography algorithms and design implementation strategies for privacy and security of information
  3. Understand the role of the Intrusion Detection and Prevention System in defending the networks.
  4. Understand Linux and Windows security concerns and hardening techniques such as password management, security baseline configurations, etc.
  5. Identify risks associated with IoT and mobile devices and select appropriate countermeasures including policies, guidelines, and tools.
  6. Implement application whitelisting and blacklisting, sandboxing, patch management, and web application firewall, encryption techniques, and secure design strategies for data loss prevention.
  7. Examine the evolution of network security management in virtualized IT environments.
  8. Understand cloud computing concepts and different security concerns.
  9. Understand wireless networking concepts, network encryption mechanisms, authentication methods, and advantages of network traffic monitoring.
  10. Understand logging concepts, centralized log monitoring and perform log analysis to manage secure network operations.
  11. Examine various network security incidents and develop policies, processes, and guidelines for incident handling, disaster recovery and business continuity.
  12. Develop a risk management program and implement different strategies such as attack surface analysis and cyber threat intelligence to reduce organizational risks.


Unit Outcomes for Criterion Based Evaluation:

The following outline defines the minimum core content not including the final examination period.  Instructors may add other material as time allows.

UNIT 1: Network Defense Management

Outcomes: Upon completion of this unit, the students will be able to:

  • Explain essential terminologies related to network security attacks
  • Describe the various examples of network-level attack techniques
  • Describe the various examples of host-level attack techniques
  • Describe the various examples of applicationlevel attack techniques
  • Describe the various examples of social engineering attack techniques
  • Describe the various examples of email attack techniques
  • Describe the various examples of mobile device-specific attack techniques
  • Describe the various examples of cloud-specific attack techniques
  • Describe the various examples of wireless network-specific attack techniques
  • Describe Attacker’s Hacking Methodologies and Frameworks
  • Explain fundamental goal, benefits, and challenges in network defense
  • Explain Continual/Adaptive security strategy
  • Explain defense-in-depth security strategy
  • Obtain compliance with regulatory frameworks
  • Define various Regulatory Frameworks, Laws, and Acts
  • Learn to design and develop security policies
  • Conduct security awareness training
  • Define other administrative security measures

UNIT 2: Network Perimeter Protection

Outcomes: Upon completion of this unit, the students will be able to:

  • Define access control principles, terminologies, and models
  • Redefine Access Control security in Today’s Distributed and Mobile Computing World
  • Define Identity and Access Management (IAM) concepts
  • Define cryptographic security techniques
  • Define various cryptographic algorithms
  • Define security benefits of network segmentation techniques
  • Define various essential network security solutions
  • Define various essential network security Protocols
  • Explain firewall security concerns, capabilities, and limitations
  • Explain different types of firewall technologies and their usage
  • Explain firewall topologies and their usage
  • Distinguish between hardware, software, host, network, internal, and external firewalls
  • Select firewalls based on its deep traffic inspection capability
  • Define firewall implementation and deployment process
  • Define recommendations and best practices for secure firewall Implementation and deployment
  • Define firewall administration activities
  • Explain role, capabilities, limitations, and concerns in IDS deployment
  • Define IDS/IPS classification
  • Define various components of IDS
  • Define effective deployment of network and host-based IDS
  • Learn to how to deal with false positive and false negative IDS alerts
  • Define the selection of appropriate IDS solutions
  • Define various NIDS and HIDS Solutions with their intrusion detection capabilities
  • Define router and switch security measures, recommendations, and best practices
  • Leverage Zero Trust Model Security using Software-Defined Perimeter (SDP)

UNIT 3: Endpoint Protection

Outcomes: Upon completion of this unit, the students will be able to:

  • Explain Window OS and Security Concerns
  • Define Windows Security Components
  • Define Various Windows Security Features
  • Define Windows security baseline configurations
  • Define Windows User Account and Password Management
  • Define Windows Patch Management
  • Define User Access Management
  • Define Windows OS Security Hardening Techniques
  • Define Windows Active Directory Security Best Practices
  • Define Windows Network Services and Protocol Security
  • Explain Linux OS and Security Concerns
  • Define Linux Installation and Patching
  • Define Linux OS Hardening Techniques
  • Define Linux User Access and Password Management
  • Define Linux Network and Remote Access Security
  • Define Various Linux Security Tools and Frameworks
  • Define Common Mobile Usage Policies in Enterprises
  • Define the Security Risk and challenges associated with Enterprises mobile usage policies
  • Define security guidelines to mitigate risk associated with enterprise mobile usage policies
  • Define and implement various enterprise-level mobile security management solutions
  • Define and implement general security guidelines and best practices on Mobile platforms
  • Define Security guidelines and tools for Android devices
  • Define Security guidelines and tools for iOS Devices
  • Explain IoT Devices, their need, and Application Areas
  • Explain IoT Ecosystem and Communication models
  • Explain Security Challenges and risks associated with IoT-enabled environments
  • Define the security in IoT-enabled environments
  • Define Security Measures for IoT-enabled environments
  • Define IoT Security Tools and Best Practices
  • Define and refer various standards, Initiatives and Efforts for IoT Security

UNIT 4: Application and Data Protection

Outcomes: Upon completion of this unit, the students will be able to:

  • Define and implement Application Whitelisting and Blacklisting
  • Define and implement application Sandboxing
  • Define and implement Application Patch Management
  • Define and implement Web Application Firewall (WAF)
  • Explain Data Security and its Importance
  • Define the implementation of data access controls
  • Define the implementation of encryption of “Data at rest”
  • Define the implementation of Encryption of “Data at transit”
  • Define the implementation of Encryption of “Data at transit” between browser and web server
  • Define the implementation of Encryption of “Data at transit” between database server and web server
  • Define the implementation of Encryption of “Data at transit” in Email Delivery
  • Define Data Masking Concepts
  • Define data backup and retention
  • Define Data Destruction Concepts
  • Data Loss Prevention(DLP) Concepts

UNIT 5: Enterprise Virtual, Cloud, and Wireless Network Protection

Outcomes: Upon completion of this unit, the students will be able to:

  • Explain Virtualization Essential Concepts
  • Define Network Virtualization (NV) Security
  • Define Software-Defined Network (SDN) Security
  • Define Network Function Virtualization (NFV) Security
  • Discus OS Virtualization Security
  • Define Security Guidelines, recommendations and best practices for Containers
  • Define Security Guidelines, recommendations and best practices for Dockers
  • Define Security Guidelines, recommendations and best practices for Kubernetes
  • Explain Cloud Computing Fundamentals
  • Explain the Insights of Cloud Security
  • Evaluate CSP for Security before Consuming Cloud Service
  • Define security in Amazon Cloud (AWS)
  • Define security in Microsoft Azure Cloud
  • Define Security in Google Cloud Platform (GCP)
  • Define general security best practices and tools for cloud security
  • Explain wireless network fundamentals
  • Explain wireless network encryption mechanisms
  • Explain wireless network authentication methods
  • Define and implement wireless network security measures

UNIT 6: Incident Detection

Outcomes: Upon completion of this unit, the students will be able to:

  • Explain the need and advantages of network traffic monitoring
  • Setting up the environment for network monitoring
  • Determine baseline traffic signatures for normal and suspicious network traffic
  • Perform network monitoring and analysis for suspicious traffic using Wireshark
  • Define network performance and bandwidth monitoring concepts
  • Explain logging concepts
  • Define log monitoring and analysis on Windows systems
  • Define log monitoring and analysis on Linux
  • Define log monitoring and analysis on Mac
  • Define log monitoring and analysis on Firewall
  • Define log monitoring and analysis on Routers
  • Define log monitoring and analysis on Web Servers
  • Define centralized log monitoring and analysis

UNIT 7: Incident Response

Outcomes: Upon completion of this unit, the students will be able to:

  • Explain incident response concepts
  • Explain the role of first responder in incident response
  • Define Do’s and Don’t in first response
  • Describe incident handling and response process
  • Describe forensics investigation process
  • Introduction to Business Continuity (BC) and Disaster Recovery (DR)
  • Define BC/DR Activities
  • Explain Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP)
  • Define various BC/DR Standards

UNIT 8: Incident Prediction

Outcomes: Upon completion of this unit, the students will be able to:

  • Explain risk management concepts
  • Learn to manage risk though risk management program
  • Learn different Risk Management Frameworks (RMF)
  • Learn to manage vulnerabilities through vulnerability management program
  • Learn vulnerability assessment and scanning
  • Explain the attack surface analysis
  • Explain and visualize your attack surface
  • Learn to identify Indicators of Exposures (IoE)
  • Learn to conduct attack simulation
  • Learn to reduce the attack surface
  • Explain the role of cyber threat intelligence in network defense
  • Explain different types of threat Intelligence
  • Explain the Indicators of Threat Intelligence: Indicators of Compromise (IoCs) and Indicators of Attack (IoA)
  • Explain the layers of Threat Intelligence
  • Learn to leverage/consume threat intelligence for proactive defense

Projects Required:

Varies, refer to syllabus.

Textbook:

Contact Bookstore for current textbook.

Materials/Equipment Required:

None

Attendance Policy:

Students should adhere to the attendance policy outlined by the instructor in the course syllabus.

Grading Policy:

The grading policy will be outlined by the instructor in the course syllabus.

Maximum class size:

Based on classroom occupancy

Course Time Frame:

The U.S. Department of Education, Higher Learning Commission and the Kansas Board of Regents define credit hour and have specific regulations that the college must follow when developing, teaching and assessing the educational aspects of the college.  A credit hour is an amount of work represented in intended learning outcomes and verified by evidence of student achievement that is an institutionally-established equivalency that reasonably approximates not less than one hour of classroom or direct faculty instruction and a minimum of two hours of out-of-class student work for approximately fifteen weeks for one semester hour of credit or an equivalent amount of work over a different amount of time.  The number of semester hours of credit allowed for each distance education or blended hybrid courses shall be assigned by the college based on the amount of time needed to achieve the same course outcomes in a purely face-to-face format.

Refer to the following policies:

402.00 Academic Code of Conduct

263.00 Student Appeal of Course Grades

403.00 Student Code of Conduct

Disability Services Program:

Cowley College, in recognition of state and federal laws, will accommodate a student with a documented disability.  If a student has a disability which may impact work in this class and which requires accommodations, contact the Disability Services Coordinator.

Created 3/30/2023