Module Details
| Module Code: |
SECU |
|
Module Title:
|
Enterprise Network Security
|
|
Title:
|
Enterprise Network Security
|
| Module Level:: |
8 |
| Module Coordinator: |
Nigel Whyte
|
| Module Author:: |
Keara Barrett
|
| Module Description: |
To provide the learners with the knowledge and skills to design, configure, maintain and troubleshoot a secure network.
|
| Learning Outcomes |
| On successful completion of this module the learner will be able to: |
| # |
Learning Outcome Description |
| LO1 |
Appraise threats and vulnerabilities to network and information security. |
| LO2 |
Evaluate wired and wireless LAN vulnerabilities and justify mitigation techniques to reduce the attack surface. |
| LO3 |
Plan, install, troubleshoot and monitor security infrastructure and peripheral equipment |
| Dependencies |
Module Recommendations
This is prior learning (or a practical skill) that is recommended before enrolment in this module.
|
| 8917 |
NETW |
Networking III |
Co-requisite Modules
|
| No Co-requisite modules listed |
Additional Requisite Information
|
|
No Co Requisites listed
|
| Indicative Content |
|
Wired and Wireless LAN Security:
Endpoint vulnerabilities and protective measures, Layer 2 vulnerabilities and security measures, Switch security features (e.g. Port Stealing, Switch flooding, storm control), rogue Access Points and devices, man-in-the-middle attacks
|
|
Authentication, Authorisation and Accounting (AAA):
Local and server based authentication, server based authorisation and accounting (e.g. RADIUS and TACACS+). Network Access Control (NAC), IEEE 802.1X
|
|
Firewalls:
Review ACLs, Configure firewalls, Implement and evaluate stateless, stateful, circuit-level, application and next gen firewalls (zone-based policy firewalls, IP tables), Context-based Access Control (CBAC), DMZ
|
|
IDS & IPS
IDS v IPS, Types of IPSs (e.g. Pattern-based detection, Anomaly-based detection, Policy-based detection, Honey pot-based detection), IPS Evasion Techniques (e.g. Evader: Encryption and Tunnelling, Timing Attacks, Resource Exhaustion, Traffic Fragmentation, Protocol-level Misinterpretation), Anti-evasion countermeasures
|
|
Log File and Traffic Analysis:
Read, translate and analyse logs generated for event; Traffic monitoring and analysis, Tools (e.g. Kibana, Sguil & Wireshark)
|
|
Module Content & Assessment
|
| Assessment Breakdown | % |
|---|
| Continuous Assessment | 50.00% |
| Project | 40.00% |
| Practical | 10.00% |
AssessmentsFull Time
| No End of Module Formal Examination |
| Reassessment Requirement |
Repeat examination
Reassessment of this module will consist of a repeat examination. It is possible that there will also be a requirement to be reassessed in a coursework element.
|
SETU Carlow Campus reserves the right to alter the nature and timings of assessment
Module Workload
| Workload: Full Time |
| Workload Type |
Workload Category |
Contact Type |
Workload Description |
Frequency |
Average Weekly Learner Workload |
Hours |
| Lecture |
|
Contact |
No Description |
12 Weeks per Stage |
2.00 |
24 |
| Laboratory |
|
Contact |
No Description |
12 Weeks per Stage |
2.00 |
24 |
| Estimated Learner Hours |
|
Non Contact |
No Description |
15 Weeks per Stage |
5.13 |
77 |
| Total Weekly Contact Hours |
4.00 |
|
Module Resources
|
| Supplementary Book Resources |
|---|
-
Marco Alamanni. (2015), Kali Linux Wireless Penetration Testing Essentials: Plan and execute penetration tests on wireless networks with the Kali Linux distribution, Packt Publishing, [ISBN: 1785280856].
-
J. Michael Stewart,Denise Kinsey. (2020), Network Security, Firewalls, and VPNs, 6th Edition. Pearson, Jones & Bartlett Learning, p.500, [ISBN: 1284183653].
-
Vivek Ramachandran. (2015), The Network Security Test Lab: A Step-by-Step Guide, 1st Edition. Wiley, [ISBN: 978-1118987].
| | This module does not have any article/paper resources |
|---|
| This module does not have any other resources |
|---|
|
