Module Title: | Enterprise Network Security |
Language of Instruction: | English |
Teaching & Learning Strategies: |
A combination of traditional lectures and laboratory sessions will be employed. The laboratory sessions will allow for regular formative assessment and feedback. |
Module Aim: |
To provide the learners with the knowledge and skills to design, configure, maintain and troubleshoot a secure network. |
Learning Outcomes |
On successful completion of this module the learner should be able to: |
LO1 |
Appraise threats and vulnerabilities to network and information security. |
LO2 |
Evaluate wired and wireless LAN vulnerabilities and justify mitigation techniques to reduce the attack surface. |
LO3 |
Plan, install, troubleshoot and monitor security infrastructure and peripheral equipment |
Pre-requisite learning |
Module Recommendations
This is prior learning (or a practical skill) that is recommended before enrolment in this module.
|
8917 |
NETW |
Networking III |
Incompatible Modules
These are modules which have learning outcomes that are too similar to the learning outcomes of this module. |
No incompatible modules listed |
Co-requisite Modules
|
No Co-requisite modules listed |
Requirements
This is prior learning (or a practical skill) that is mandatory before enrolment in this module is allowed. |
No requirements listed |
Module Content & Assessment
Indicative Content |
Wired and Wireless LAN Security:
Endpoint vulnerabilities and protective measures, Layer 2 vulnerabilities and security measures, Switch security features (e.g. Port Stealing, Switch flooding, storm control), rogue Access Points and devices, man-in-the-middle attacks
|
Authentication, Authorisation and Accounting (AAA):
Local and server based authentication, server based authorisation and accounting (e.g. RADIUS and TACACS+). Network Access Control (NAC), IEEE 802.1X
|
Firewalls:
Review ACLs, Configure firewalls, Implement and evaluate stateless, stateful, circuit-level, application and next gen firewalls (zone-based policy firewalls, IP tables), Context-based Access Control (CBAC), DMZ
|
IDS & IPS
IDS v IPS, Types of IPSs (e.g. Pattern-based detection, Anomaly-based detection, Policy-based detection, Honey pot-based detection), IPS Evasion Techniques (e.g. Evader: Encryption and Tunnelling, Timing Attacks, Resource Exhaustion, Traffic Fragmentation, Protocol-level Misinterpretation), Anti-evasion countermeasures
|
Log File and Traffic Analysis:
Read, translate and analyse logs generated for event; Traffic monitoring and analysis, Tools (e.g. Kibana, Sguil & Wireshark)
|
Assessment Breakdown | % |
Continuous Assessment | 50.00% |
Project | 40.00% |
Practical | 10.00% |
Continuous Assessment |
Assessment Type |
Assessment Description |
Outcome addressed |
% of total |
Assessment Date |
Examination |
. |
1,2,3 |
20.00 |
Week 6 |
Examination |
. |
1,2,3 |
30.00 |
Week 9 |
Project |
Assessment Type |
Assessment Description |
Outcome addressed |
% of total |
Assessment Date |
Project |
. |
1,2,3 |
40.00 |
Week 12 |
Practical |
Assessment Type |
Assessment Description |
Outcome addressed |
% of total |
Assessment Date |
Practical/Skills Evaluation |
Weekly practical/laboratory work is designed to allow students to demonstrate the achievement of all the learning outcomes. |
1,2,3 |
10.00 |
n/a |
No End of Module Formal Examination |
SETU Carlow Campus reserves the right to alter the nature and timings of assessment
Module Workload
Workload: Full Time |
Workload Type |
Frequency |
Average Weekly Learner Workload |
Lecture |
12 Weeks per Stage |
2.00 |
Laboratory |
12 Weeks per Stage |
2.00 |
Estimated Learner Hours |
15 Weeks per Stage |
5.13 |
Total Hours |
125.00 |
Module Delivered In
|