CSC-3940 System Security

Fall 2019
Instructor: Roger Shore Class Schedule:
Office Location: Congdon Hall 150 TTh 7:50-9:30AM CSC-2410
Telephone: 841-9031 TTh 9:45-11:25AM CSC-2410
Office Hours: TH 1:30-2:30PM TTh 3:30-5:10PM CSC-3910
MWF 1-3:00PM
E-Mail: rshore@linus.highpoint.edu Web site: linus.highpoint.edu/~rshore

Course Description: A practical course covering the basic concepts that are essential to security of operating systems, networks, software and various computing support systems. Focus will be on creating and exploring systems with a vulnerability, recreating how attacks on the system exposed the vulnerability, system administration tasks related to system hardening, penetration testing, and security monitoring. Topics will include user account and privilege management, software installation, web site configuration, workstation cloning, clustering, and backups in a variety of environments including Linus, Mac OS X and Microsoft Windows.

Prerequisites: CSC-2410

Course time expectation/week: This is a 4 four hour course. According to SACs, our accrediting body, we are required to meet 200 minutes per week for 15 weeks. In addition, you are expected to work on projects and assignments for at least 8 hours (480 minutes) outside of class per week. A portion of the 8 hours should be spent in the computer lab each week in relation to this course.

Course Materials:

  1. Computer Security – A Hands-on Approach 2nd Ed, Wenliang Du, CreateSpace 2019
  2. Security Education (SEED) Labs - https://seedsecuritylabs.org
Course Objectives: After successfully completing this course, the you will have
  1. Students will be able to apply the knowledge gained to successfully install and securely configure software within an established commodity OS. The host machine providing the commodity OS can be local, virtual, or cloud based.
  2. Students will be able to demonstrate their proficiency in the use of scripting languages to write advanced scripts to automate system administration tasks.
  3. Summarize the features and limitations of an operating system used to provide protection and security.
  4. Articulate the need for protection and security in an OS. Access control, buffer overflow exploits, OS mechanisms for providing security and controlling access to resources
  5. Design and implement a backup and restore strategy for a system then confirm the accuracy and completeness of a backup.
  6. Perform system hardening and penetration testing on a variety of systems to discover entry points. Create disaster recovery plan and test the veracity of the plan for a small enterprise.
  7. Explain the mechanisms available in an OS to control access to resources.
  8. Recognize the ethical and professional issues relating to advanced system usage and privileged access to system resources.

Class Preparation: It is assumed that you will read the assigned chapters. Although the material may be summarized, lectures will be used mainly to further demonstrate other approaches to problem solving and to answer specific questions.

SEED Labs: In addition to the major tests and exam, each student will establish a variety of virtual machines either locally or in the cloud such as Amazon Web Services (AWS). With an established server machine, students will participate in a series of labs to further develop their system administration skills, discover system vulnerabilities, perform system attacks, etc. Labs may consist of establishing a new service on their machine or writing scripts to automate processes. Successful completion of a lab will be demonstrating an increasing mastery the learning objectives. NOTE: Part of your grade on all labs will be documentation. If you submit a solution and the solution is lacking clear and concise documentation, your grade on the project will suffer. This includes excessive documentation.

Lab Evaluation:The plan is to complete 12 SEED labs. Each lab will have a due date. Any lab not received by the due date will be charged a late penalty. The penalty will be 1 point per day late with a maximum of 7 pts. Labs will not be accepted 7 days after the due date.

Facilities: The department will provide all software necessary to complete the course. This will require the student to have an account on the departmental server. This account will give them access to the software and space to store solutions to assignments. Access to the server will be provided through a workstation in the departmental lab as well as from any remote location on and off campus.

Course Policy:

  1. Attendance: Attendance will be taken daily at the beginning of class. You are expected to be present in every class meeting. If absent from class, you are responsible for all lectures, in-class exercises, assignments, and handouts. Caution: being absent from class does not change the due date of assignments.
  2. Grades: Your final grade will be determined as follows:
    Component SEED Labs 2 Major Tests Cumulative Final Exam Total
    Weight
    40%
    40%
    20%
    100%
    Range
    93-100
    90-93
    87-90
    83-87
    80-83
    77-80
    73-77
    70-73
    67-70
    63-67
    60-63
    0-60
    Grade
    A
    A-
    b+
    b
    b-
    C+
    C
    C-
    D+
    D
    D-
    F
    You must score at least the minimum of a category to be given the associated grade, i.e. an average of 80 is a b- not a C+.
  3. Make-Up test will not be given. No make-up test will be given unless arrangements have been made prior to the day of the test. If you miss a test your final grade will be used in place of the missed grade. This means the percentage of the final exam will increase. If you miss the final exam, you will receive an F for the course.
  4. In-class worksheets, quizzes, and non-programming assignments must be completed on the assigned date and cannot be made-up. If there are more than 10 of these, the lowest two will be dropped. If there are more than 16 of these, the lowest three will be dropped.
  5. Homework: This will be assigned frequently. Some assignments will take minutes to complete others will take days. Opportunity for homework questions is given at the beginning of each class. Homework may be collected and graded occasionally.
  6. Honor Code: All students are expected to follow the University Honor Code, full details can be found in the Student Handbook. All academic work should be completed with the highest level of honesty and integrity.
  7. Classroom etiquette:
  8. Lab/Classroom Lab etiquette:
  9. Students with Disabilities: Students who require classroom accommodations due to a diagnosed disability must submit the appropriate documentation to Disability Support in the Office of Academic Development, 4th Floor Smith Library. Student’s need for accommodations must be made at the beginning of a course. Accommodations are not retroactive.

Tentative Schedule of Topic Coverage:

Software Security
Web Security
Test #1
Network Security
System Security
Test #2
Cryptography
Mobile Security
Cumulative Final Exam