Topic Material covered in class Project/lab exercise ideas Learning outcomes
       
Topic 1
(Week 1)
We know what you did today morning and the past several years: Security and privacy on social network sites and smart phones (1) Privacy threats; data mining
(2) Security exploits: from eavesdropping
to tampering. 
(1) Students are provided with a toy social networking site called: insecurebook and are
asked to enumerate security threats to it.
Tools: A full fledged toy social networking site; (optional) smartphone or smartphone environment.
 
(.)  Enumerate at a high level
security threats to social networking sites
and smartphones.
(.) Describe privacy issues to security
Topic 2
(Week 1/2)
"Ethics is knowing the difference between what you have a right to do and what is right to do" - Wayne Dyer: Ethics and law Ethics; Cyber laws;  Case studies and quizzes.  (.) Describe the behavior of an ethical
cyber citizen
(.) Enumerate the laws that protect intellectual
property and guard against illegal hacking. 
Topic 3
(Week 3/4)
You are more important than you think you are: Motivation and actors of  a Cyber crime Cyber crime (Ted Talk) - motivations; who commits it and why?  (1) Case study on famous cyber criminals: Kevin Mitnick; Robert Morris; Anonymous.  (.) Explain why information is important
(.) Enumerate the motivations of various
cyber criminals
Topic 4
(Week 4/5/6)
"Begin at the beginning and go on till you reach the end. Then stop" - Alice and Wonderland.
Learning the basics of Linux. 
Linux tutorials on:
(1) Core programs
(2) LInux file structure
Linux core commands; file structure.  (.) Demonstrate the use of Linux command line to
accomplish basic tasks such as creating, removing and copying files,
traversing the file system
Topic 5
(Week 7/8))
"... if you know your enemies and know yourself, you will not be imperiled in a hundred battles"- Sun Tzu (Art of War): Anatomy of an attack Steps that an attacker takes to find you and attack your computing infrastructure: Reconnaissance; Exploit; Maintaining Access and Wiping tracks (.) WHOIS, Google Hacking, nmap, nessus
(.) Metasploit (basics)
(.) Netcat
(.) Log files in Linux
(.) Enumerate the steps that an attacker takes
when conducting a cyber attack.
(.) Explain how a combination of poor
design; implementation and configuration can
lead to an attack.
Topic 6
(Week 9)
"This life is full of care, There is no time to stand and stare" - William Wordsworth (modified): What does it mean to secure our computing infrastructure?
1. Goals of security: confidentiality
, integrity and availability
2. Sub-goals of security: authentication; non-repudiation; privacy. 
(1) Vulnerability assessment of insecurebook with respect to confidentiality, integrity, availability, authentication,
non-repudiation and privacy. 
(.) Enumerate the goals of security
Topic 7
(Week 10) 
Securing a network: What does it entail to secure computing infrastructure?  1. Different categories (physical, technological
and administrative) of vulnerabilities/threats and exploits.
2. Different categories of security mechanisms and examples: (1) Applied cryptography
(2) Application (software security)
(3) Hardening software installations
(4) Network security
(a) Case study on attacks that require all three security controls (physical, technological, administrative);
(b) Google it!: Search the web for different security mechanisms and classify them into each of the three categories 
(.) Enumerate an example for each category of security
mechanism. 
Topic 8
(Week 11/12/13)
All's fare in Love, War and Crypto - ERACE (Unknown): Applied cryptography Symmetric; Asymmetric and secure hashes (1) Designing a secret key cipher
(2) Using public key cryptography to secure messages and create digital signatures using GPG to post messages on insecurebook
(3) Exploring weaknesses in modes of cryptographic operations used by insecurebook to exchange data over the internet.
(4) Using secure hashes to protect downloads and messages from insecurebook.
(.) Explain the differences between secret key,
public key and secure hash mechanisms.
(.) Describe  a one-way function.
(.) Demonstrate the usage of basic boolean
operators: OR, AND, NOT and XOR
(.) Enumerate modes of application of cryptography.
(.) Demonstrate how to use secure hashes to
detect tampering of any internet downloads.
Topic 9
(Week 14/15/16)
Software (Web) security Security exploits on social networking sites:
XSS, XSRF, SQL Injection, Buffer overflows
Projects on google guyere.  (.) Enumerate web based attacks.
(.) Describe the memory model of an OS. 
Topic 10
(Week 17/18/19)
Networking and network security  (1) Introduction to networking
(2) Security issues at each network layer
(3) Securing networks using cryptography
Network scanning (nmap);  encrypting data in transit
 (secure the data on insecurebook); case studies using
wireshark traces. 
(.) Explain the need for a layered model of networks
(.) Enumerate common networking protocols: TCP, IP, DNS, HTTP, ARP, UDP
(.) Demonstrate the usage of network tools such as ping, traceroute, nmap, arp, ettercap and wireshark for troubleshooting and securing networks.
Topic 11
(Week 20)
You can run but you cannot hide: Digital Forensics - finding a
cyber criminal
Using Hexadecimal code;
Evidence collection;
preservation and analysis. 
Finding traces (using find); using ftk; Evidence collection using dd
and other tools. 
(.) Enumerate the steps in a digital forensics process
(.) Demonstrate the usage of programs such as find, dd, and rsync in digital forensics process.