Course Code: ISSC344 Course ID: 4399 Credit Hours: 3 Level: Undergraduate
This course is an introductory study of the principles, practices, procedures, and methodologies to provide security on Linux systems. It assesses the security risks, threats and vulnerabilities related to individual and enterprise Linux environments. Course topics include: user privileges and permissions, file systems volumes and encryption and kernel security risk mitigation. Requires CITRIX CLIENT SOFTWARE INSTALLATION FOR ONLINE VIRTUAL LABS accessibility.
|Registration Dates||Course Dates||Session||Weeks|
|08/31/20 - 01/29/21||02/01/21 - 03/28/21||Winter 2021 Session I||8 Week session|
|11/30/20 - 04/30/21||05/03/21 - 06/27/21||Spring 2021 Session I||8 Week session|
The successful student will fulfill the following learning objectives:
CO-1: Analyze the Basic Components of Linux Security
CO-2: Examine Networked File systems and Remote Access
CO-3: Apply security to Networks, Firewalls, and Applications
CO-4: Identify the components in a layered Linux Security Strategy
CO-5: Develop Best Practices for Emerging Technologies
CO-6: Create Testing and Reporting plans
The course has a strong laboratory component. Students must complete a set of interactive lab activities using the online TargetRedHat01 VM environment. The grading will be based on four graded assignments, eight weekly discussion Forum, four interactive laboratory assignments, a project paper in four parts, and one open-book quiz.
- There will be four assignments (5% each) counting a total of 20% of the final grade. The assignments will follow each of the major milestones of the course. These assignments are drawn from Lesson Reviews in the textbook. They are selected to provide the student with information to understand the concepts discussed. Assignments should be prepared in Microsoft Word and uploaded into the student folder by the due date.
- There will be eight weekly discussion Forum you will need to respond to. Answers should be 3-4 paragraphs with a topic sentence that restates the question and supporting sentences using the terms, concepts, and theories from the required readings. Each answer should be a minimum of 250 - 400 words (about 6 to 8 good sentences). You may attack, support or supplement other students’ answers using the terms, concepts and theories from the required readings. All responses should be a courteous paragraph that contains a topic sentence with good supporting sentences. You may respond multiple times with a continuous discussion with points and counter points. The key requirement is to express your idea and then support your position using the terms, concepts and theories from the required readings to demonstrate to me that you understand the material. The Forum postings will count as 24% (3% for each discussion posting) of the final grade.
- There will be four interactive laboratory assignments throughout the course (28%). These labs are important activities, and are contained in the lab manual accompanying the textbook. Students follow the lab procedures described in the Lab manual. The lab manual is available in electronic form for students to download.
- There will be a term paper in four parts (topic, outline, presentation, and paper) which counts as 20% of the final grade.
- There will be a one hour long and non-proctored quiz in Week 8 which counts as 8% of the final grade. It will be a combination of multiple-choice and true-false and will be open book and open notes.
All assignments, interactive labs, Forum question responses, and the quiz are due by 11:55 PM Eastern Time on Sunday of the week assigned.
Project Paper (Topic, Outline, PowerPoint Presentation, and Paper) Topics:
Week 1: Topic selection due
Week 3: Outline due
Week 6: PowerPoint Presentation due
Week 7: Paper due
The paper may be of type:
- Traditional narrative (on a subject related to open-source (Linux) security)
- Case study (analysis, design, or implementation of a security aspect of Linux)
A list of suggested topics will be provided to the students via class announcement (in Week 1)
Project Paper Topic (Due at end of Week 1)
Instructions: Only the topic is due at the end of Week 1. Submit a topic related to data and image file forensic investigation to the Project Paper Topic area in this format:
Name: (enter your name)
Topic: (enter your proposed related topic)
Submission Instructions: You are required to write a 10-page research paper on a topic of your choosing, related to the course concepts. Your topic must be submitted for approval by the end of Week 1. Please submit the topic via Sakai in the assignment section and not email.
Project Paper Outline (Due at end of Week 3)
Instructions: You must submit an outline for my review by the end of Week 3. It must include a detailed outline of topics and subtopics, as well as an annotated bibliography for 5-7 peer-reviewed source references.
Submit your completed outline to the Project Paper Outline Assignment area by 11:55 PM ET Sunday of Week 3.
Submission Instructions: You are required to write a 10-page research paper on a topic of your choosing, related to the course concepts. The annotated bibliography must include at least three of the references you will use in your paper, written in APA style, with each one followed by a brief description of the reference. This assignment is only the Outline portion of the Project.
Project Paper PowerPoint Presentation (Due at end of Week 6)
Instructions: A PowerPoint presentation with a minimum of 10 slides outlining the following:
At a minimum include the following:
- Detailed description of the area researched
- Technology involved in the area
- Future trends in the area
- Example companies involved in the area
- Regulatory issues surrounding the area
- Global implications for the area
- References (minimum of 4)
Submission Instructions: You are required to write a 10-page research paper on a topic of your choosing, related to the course concepts. The presentation highlights major areas of the paper. Typically the presentation would be a presentation of what you plan to include in the paper project to ‘sell’ the idea to the executive team or the funding team that would make a final decision whether or not to continue with the project. Submit by 11:55 PM ET Sunday of Week 6.
Project Paper (Due at end of Week 7)
Instructions: You are required to write a 10-page research paper on a topic of your choosing, related to the course concepts. Your final draft is due at the end of Week 7.
Submission Instructions: Be sure your paper meets the following requirements:
You will be required to write one research paper this semester. The specifications are as follows:
- 10 pages (double-spaced), excluding the title page, the abstract page (if included), and the references pages.
- Choose any topic related to the course and write about the latest developments and issues.
- Use at least five references outside of your textbook (you may use your textbook too, but are not required to).
- In addition to the required number of pages for the assignment, you must also include a reference page (bibliography), written in APA style, and a title page. Be sure to give all of your papers a descriptive title.
- You must get your topic approved by the end of Week 1.
- You must provide a 1-page outline of your paper by the end of Week 3. Your outline must include citations to three references (other than your textbook) and a brief summary of at least three references that you will use in your paper.
- At Week 6 you will be working on a PowerPoint presentation highlighting the key points of the paper you are working on.
- Use APA Style formatting in Arial 11 or 12-point font or Times New Roman styles.
- Page margins Top, Bottom, Left Side and Right Side = 1 inch, with reasonable accommodation being made for special situations
- Your paper must be in your own words, representing original work. Paraphrases of others’ work must include attributions to the authors. Limit quotations to an average of no more than 15% of the paper, and use quotations sparingly!
Save the file using the following file naming convention: ISSC344_ProjectPaper_First_Last.doc(x) (where first and last are your first and last names resp.) and submit the file in this assignment area.
This assignment has the embedded TurnItIn feature turned on. When you submit the paper, an originality report will be generated. The report must comply with the acceptable originality criteria displayed in the announcements on Academic Honesty in Week 1 of the course.
Originality report requirements:
- The originality report must be less than 15% match
- No single source shall be above 2%
- Limit the quotations to no more than 20% of your paper
If you don't follow these three requirement instructions you will get a 0 for your project paper assignment. I will give you the chance to rework your papers until an acceptable level of match index is achieved. However at the end of the week if the originality report matches more than 40% you may be subject to academic plagiarism reporting. If the level is 60% or above academic reporting is more than likely to automatically happen.
|Week 1 Forum||3.00 %|
|Week 2 Forum||3.00 %|
|Week 3 Forum||3.00 %|
|Week 4 Forum||3.00 %|
|Week 5 Forum||3.00 %|
|Week 6 Forum||3.00 %|
|Week 7 Forum||3.00 %|
|Week 8 Forum||3.00 %|
|Week 1 Assignment||5.00 %|
|Week 3 Assignment||5.00 %|
|Week 5 Assignment||5.00 %|
|Week 7 Assignment||5.00 %|
|Week 2 Interactive Lab||7.00 %|
|Week 4 Interactive Lab||7.00 %|
|Week 6 Interactive Lab||7.00 %|
|Week 8 Interactive Lab||7.00 %|
|Week 4 Quiz||8.00 %|
|Project Paper||20.00 %|
|Week 1 Project Paper Topic||1.00 %|
|Week 3 Project Paper Outline||3.00 %|
|Week 6 Project Paper Presentation||6.00 %|
|Week 7 Project Paper||10.00 %|
Terpstra, J. et al. (2004). Hardening Linux. New York, New York: McGraw-Hill/Osborne
Siddiqui, S. (2002). Linux Security. Premier Press
Kabir, M.J. (2002). Red Hat Linux Security and Optimization. John Wiley & Sons
Krishnamurthy, M. (2008). How to Cheat at Securing Linux. Singress Publishing
Barret, D., Byrnes, R., Silverman, R. (2003). Linux Security Cookbook. O'Reilly
Schryen, G. (2011). Is Open Source Security a Myth? Communications of the ACM, 54, 5, 130-140
Turnbull, J. (2005). Hardening Linux. New York, NY:Springer-Verlag
Odhner, N. (2005). Security in Open Source Environments. Retrieved from http://www.faulkner.com.ezproxy2.apus.edu/products/securitymgt/
Green, A. (2003). Linux Security. Retrieved from: http://www.faulkner.com.ezproxy2.apus.edu/products/securitymgt/
Mearian, L. (2002). Wall St. leans toward Linux. Computerworld. Retrieved from http://www.computerworld.com/s/article/75271/Wall_St._leans_toward_Linux
Wyk, K. V. (2007). Linux vs. Windows: which is most secure? Retrieved from http://www.esecurityplanet.com/views/article.php/3665801/Linux-vs-Windows-Which-is-Most-Secure.htm
Haas, J. (2011) Linux, the ultimate UNIX. Retrieved from http://linux.about.com/cs/linux101/a/linux_2.htm
Noyes, K. (2010). Why Linux is more secure than Windows. Retrieved from http://www.pcworld.com/businesscenter/article/202452/why_linux_is_more_secure_than_windows.html
LinuxQuestions.org (2010). Sample squid proxy log files. Retrieved from: http://www.linuxquestions.org/questions/linux-server-73/sample-squid-proxy-log-files-837345
Fenzi, K., Wreski, D. (2004). Linux Security HOWTO. Retrieved from: http://www.tldp.org/HOWTO/Security-HOWTO/
Gite, V. (2009). 20 Linux Server Hardening Security Tips. Retrieved from: http://www.cyberciti.biz/tips/linux-security.html
LinuxLinks (2012). 80 of the Best Linux Security Applications. Retrieved from: http://www.linuxlinks.com/article/20080429140249467/Security.html
Chavakin, A. (n.d.). FTP Attack Case Study Part I: The Analysis. Retrieved from http://www.linuxsecurity.com/content/view/117644/49/
Chavakin, A. (n.d.). FTP Attack Case Study Part II: the Lessons. Retrieved from: http://www.linuxsecurity.com/content/view/117696/
Fox, M., Giordano, J., Stotler, L.,Thomas, A. (n.d.). SELinux and grsecurity: A Case Study Comparing Linux Security Kernel Enhancements. Retrieved from: http://www.cs.virginia.edu/~jcg8f/GrsecuritySELinuxCaseStudy.pdf
Cruz, V. (2005). Linux and Security at Salem Hospital: A Case Study. Retrieved from: http://www.linuxjournal.com/article/8014
Harris, S. (2012). Telecommunications and Networking Security. In All-In-One CISSP Exam Guide 6e. Emeryville, California: McGraw-Hill/Osborne.
- Microsoft Office (MS Word, MS Excel, MS PowerPoint)
- Adobe Acrobat Reader (Click here for free download)
- TargetRedHat01 VM and the vWorkstation Virtual environment
Baclit, R., Sicam C., Membrey P., Newbigin, J. (2009). Foundation of CentOs Linux:Enterprise Linux on the Cheap. Apress
Petersen, R. (2008). Linux: The Complete Reference. 6th edition, McGraw-Hill/Osborne
Greiner, L. (2011). Linux-Based Application Development. Retrieved from http://www.faulkner.com.ezproxy1.apus.edu/products/faccts/
Rash, M. (2007). Linux firewalls: attack detection and response with iptables, psad, and fwsnort. [electronic resource], San Francisco: No Starch Press. Available at: http://library.books24x7.com.ezproxy1.apus.edu/toc.asp?bookid=23672
Koconis, D. (2003). Securing Linux: a survival guide for Linux security. Bethesda, MD: SANS Press. Available at http://library.books24x7.com.ezproxy1.apus.edu/toc.asp?bookid=8451
Mookhey, K.K., Burghate, N. (2005). Linux: Security, audit and control features. Rolling Meadows, Ill.: Information Systems Audit and Control Association. Available at: http://library.books24x7.com.ezproxy1.apus.edu/toc.asp?bookid=30839
Sutherland, E. (2012). Protecting NASA from hackers is not rocket science, say analysts. Technewsworld. Retrieved from http://www.technewsworld.com/story/Protecting-NASA-From-Hackers-Is-Not-Rocket-Science-Say-Analysts-74569.html
Harris, S. (2012). Telecommunications and Networking Security. In All-In-One CISSP Exam Guide 6e. Emeryville, California: McGraw-Hill/Osborne.
|Book Title:||ISSC344 virtual lab manual provided inside the classroom|
|Publication Info:||CLASS-Jones & Bartlett|
|Electronic Unit Cost:||$55.00|
|Book Title:||Requires CITRIX CLIENT SOFTWARE INSTALLATION FOR ONLINE VIRTUAL LABS accessibility - instructions provided inside the classroom.|
|Author:||No Author Specified|
|Book Title:||Security Strategies In Linux Platforms And Applications, 2nd ed. - e-book available in the APUS Online Library|
|Publication Info:||Jones & Bartlett - Lib|
|Author:||Jang, Michael / Messier, Ric|
Not current for future courses.