Module Details
Module Code: |
SECU |
Module Title:
|
Enterprise Network Security
|
Title:
|
Enterprise Network Security
|
Module Level:: |
8 |
Module Coordinator: |
Nigel Whyte
|
Module Author:: |
Keara Barrett
|
Module Description: |
To provide the learners with the knowledge and skills to design, configure, maintain and troubleshoot a secure network.
|
Learning Outcomes |
On successful completion of this module the learner will be able to: |
# |
Learning Outcome Description |
LO1 |
Appraise threats and vulnerabilities to network and information security. |
LO2 |
Evaluate wired and wireless LAN vulnerabilities and justify mitigation techniques to reduce the attack surface. |
LO3 |
Plan, install, troubleshoot and monitor security infrastructure and peripheral equipment |
Dependencies |
Module Recommendations
This is prior learning (or a practical skill) that is recommended before enrolment in this module.
|
8917 |
NETW |
Networking III |
Co-requisite Modules
|
No Co-requisite modules listed |
Additional Requisite Information
|
No Co Requisites listed
|
Indicative Content |
Wired and Wireless LAN Security:
Endpoint vulnerabilities and protective measures, Layer 2 vulnerabilities and security measures, Switch security features (e.g. Port Stealing, Switch flooding, storm control), rogue Access Points and devices, man-in-the-middle attacks
|
Authentication, Authorisation and Accounting (AAA):
Local and server based authentication, server based authorisation and accounting (e.g. RADIUS and TACACS+). Network Access Control (NAC), IEEE 802.1X
|
Firewalls:
Review ACLs, Configure firewalls, Implement and evaluate stateless, stateful, circuit-level, application and next gen firewalls (zone-based policy firewalls, IP tables), Context-based Access Control (CBAC), DMZ
|
IDS & IPS
IDS v IPS, Types of IPSs (e.g. Pattern-based detection, Anomaly-based detection, Policy-based detection, Honey pot-based detection), IPS Evasion Techniques (e.g. Evader: Encryption and Tunnelling, Timing Attacks, Resource Exhaustion, Traffic Fragmentation, Protocol-level Misinterpretation), Anti-evasion countermeasures
|
Log File and Traffic Analysis:
Read, translate and analyse logs generated for event; Traffic monitoring and analysis, Tools (e.g. Kibana, Sguil & Wireshark)
|
Module Content & Assessment
|
Assessment Breakdown | % |
Continuous Assessment | 50.00% |
Project | 40.00% |
Practical | 10.00% |
AssessmentsFull Time
No End of Module Formal Examination |
Reassessment Requirement |
Repeat examination
Reassessment of this module will consist of a repeat examination. It is possible that there will also be a requirement to be reassessed in a coursework element.
|
SETU Carlow Campus reserves the right to alter the nature and timings of assessment
Module Workload
Workload: Full Time |
Workload Type |
Workload Category |
Contact Type |
Workload Description |
Frequency |
Average Weekly Learner Workload |
Hours |
Lecture |
|
Contact |
No Description |
12 Weeks per Stage |
2.00 |
24 |
Laboratory |
|
Contact |
No Description |
12 Weeks per Stage |
2.00 |
24 |
Estimated Learner Hours |
|
Non Contact |
No Description |
15 Weeks per Stage |
5.13 |
77 |
Total Weekly Contact Hours |
4.00 |
Module Resources
|
Supplementary Book Resources |
---|
-
Marco Alamanni. (2015), Kali Linux Wireless Penetration Testing Essentials: Plan and execute penetration tests on wireless networks with the Kali Linux distribution, Packt Publishing, [ISBN: 1785280856].
-
J. Michael Stewart,Denise Kinsey. (2020), Network Security, Firewalls, and VPNs, 6th Edition. Pearson, Jones & Bartlett Learning, p.500, [ISBN: 1284183653].
-
Vivek Ramachandran. (2015), The Network Security Test Lab: A Step-by-Step Guide, 1st Edition. Wiley, [ISBN: 978-1118987].
| This module does not have any article/paper resources |
---|
This module does not have any other resources |
---|
|