Module Database Search
| MODULE DESCRIPTOR | |||
|---|---|---|---|
| Module Title | |||
| Cisco CCNA Security | |||
| Reference | CMM615 | Version | 2 |
| Created | September 2017 | SCQF Level | SCQF 11 |
| Approved | May 2016 | SCQF Points | 15 |
| Amended | September 2017 | ECTS Points | 7.5 |
| Aims of Module | |||
|---|---|---|---|
| To introduce students to core computer network security technologies, the installation, troubleshooting and monitoring of network devices. To enable students develop the skills necessary to maintain the confidentiality, integrity and availability of data and devices. To enable students develop competency in the technologies that Cisco uses in its security architecture. | |||
| Learning Outcomes for Module | |
|---|---|
| On completion of this module, students are expected to be able to: | |
| 1 | Understand the principles and theory of Secure Network Design. |
| 2 | Analyse the technologies that can be used to protect and secure network devices and LANs against modern security threats.. |
| 3 | Evaluate the technologies that can be used to securely interconnect network systems |
| 4 | Understand the principles and theory of cryptography and methodologies to protect networks from remote attacks. |
| 5 | Utilise appropriate methodologies to build a secure network topology incorporating remote access, authentication and protection to mitigate network attacks. |
| Indicative Module Content |
|---|
| Managing a Secure Network - Principles of Secure Network Design - Security Policy implementation Modern Security Threats - Fundamental principles of securing a network - Attack methodologies and mitigation - Characteristics of Viruses, Worms, Trojan Horses Securing Network Devices - Secure administrative access to devices - Secure management, monitoring and resiliency (syslog, SNMP, NTP) - Security audit tool and auto secure mechanisms Securing Local Area Networks - Endpoint vulnerabilities and protective measures - Layer 2 vulnerabilities (MAC spoofing and overflow attacks, VLAN storms and STP attacks) - BPDU Guard and VLAN Trunk security Cryptography for data confidentiality and - Cryptographic hashes for data integrity and authentication (MD5 and SHA-1) - Cryptographic algorithms for data confidentiality (DES, 3DES, AES) - Public Key Cryptography (PKI) Authentication, Authorisation and Accounting - Local AAA authentication - Server based AAA authentication using TACACS+ and RADIUS protocols Firewall Technologies - Standard and Extended Access Control Lists (ACLs) - Dynamic and reflexive ACLs - Zone-Base Policy Firewalls to mitigate network attacks Intrusion Detection and Prevention Systems - Functions and operations of Intrusion Detection Systems - Functions and operations of Intrusion Prevention Systems (IPS) - IPS signatures and alarms Virtual Private Networks - Remote access and site-to-site VPNs - VPN GRE Tunnels - IPSec VPNS (AH, ESP) |
| Module Delivery |
|---|
| Key concepts are introduced and illustrated through lectures and directed reading. The understanding of students is tested and further enhanced through lab sessions. |
| Indicative Student Workload | Full Time | Part Time |
|---|---|---|
| Contact Hours | 44 | 44 |
| Non-Contact Hours | 106 | 106 |
| Placement/Work-Based Learning Experience [Notional] Hours | N/A | N/A |
| TOTAL | 150 | 150 |
| Actual Placement hours for professional, statutory or regulatory body |
| ASSESSMENT PLAN | |||||
|---|---|---|---|---|---|
| If a major/minor model is used and box is ticked, % weightings below are indicative only. | |||||
| Component 1 | |||||
| Type: | Practical Exam | Weighting: | 50% | Outcomes Assessed: | 1, 2, 3, 4 |
| Description: | Computer-based assessment. | ||||
| Component 2 | |||||
| Type: | Practical Exam | Weighting: | 50% | Outcomes Assessed: | 5 |
| Description: | Hands-on lab exercises. | ||||
| MODULE PERFORMANCE DESCRIPTOR | ||||||||
|---|---|---|---|---|---|---|---|---|
| Explanatory Text | ||||||||
| The calculation of the overall grade for this module is based on equal weighting of C1 and C2 components. | ||||||||
| Practical Exam: | ||||||||
| Practical Exam: | A | B | C | D | E | F | NS | |
| A | A | A | B | B | C | E | ||
| B | A | B | B | C | C | E | ||
| C | B | B | C | C | D | E | ||
| D | B | C | C | D | D | E | ||
| E | C | C | D | D | E | E | ||
| F | E | E | E | E | E | F | ||
| NS | Non-submission of work by published deadline or non-attendance for examination | |||||||
| Module Requirements | |
|---|---|
| Prerequisites for Module | CMM613 or equivalent. |
| Corequisites for module | None. |
| Precluded Modules | None. |
| INDICATIVE BIBLIOGRAPHY | |
|---|---|
| 1 | BARKER and MORRIS, 2012. CCNA Security Official Exam Certification Guide (Exam 640-554), Cisco Press |
| 2 | KIZZA, 2015. Guide to Computer Network Security (Computer Communications and Networks). Springer. |
| 3 | STALLINGS, 2013. Network Security Essentials: Applications and Standards, Stallings. Pearson. |