Cybersecurity Learning Objectives and Prerequisite Knowledge

datascience
education
cybersecurity
algorithm
comp

#42

Thanks for sharing.

I think trying to participate in the Project Management course at USF is a waste of money, will drain my energy, passion, and possibly make me more stupid. The Data Networks, Systems, and Security class still doesn’t have any material on the second day of an 8 week semester. What a joke… It’s really a shame to consider how much time, energy, and excitement I put into applying for and starting this program, only to discover its complete shit. You would think this guy is teaching an elementary school class.

No more intellectual baggage for me.

I can only imagine how frustrating it is to work with other people like this…

EDIT: My bad though, I have too high of expectations and I am a wishful thinker. Listening to the second module on people-related mistakes. These videos are from 2013, lol. I suppose some old knowledge is still relevant. I was hoping for something newer and more cutting edge. I’m on the fence of dropping the classes before drop/add date to save myself from debt, but it could be advantageous to just go through the motions, get the degree, and I can always take free online classes with better quality afterwards. Or, I think if I repay my loan, I think I can get another loan so I can do another masters program at a better University or shoot for a PhD. It is kind of interesting that the federal loans give us more funds for food/housing than tuition. You already know what that entails… LOL… SMASH THOSE GAINS! hahaha


#43

No IP protection on this course, and still no course material, but I was able to start a discussion (Project Management success, hehe, thanks so much for the pub practice) and a lady got in touch with the professor via email. Apparently none of us are “registered”. We think they loaded the wrong shell for this “canvas”. Anyway, the university is working on the problem…

EEL 6935 - DATA NETWORKS, SYSTEMS, AND SECURITY
Summer 2018
Objectives
The objective of this course is to provide a technical and operational introduction to data/computer
communication networks. Students will acquire a basic understanding of networking components
and how they interact. This material will provide a basis for learning how to install, configure,
maintain, upgrade, and troubleshoot networks.
The course is comprised of a series of modules and will include assignments/projects, quizzes, and a
final exam. The course will start with an overview of database management and operating system
technologies (which play a vital role in network operation and security). Key concepts and
technologies in data networks will then be introduced, including layered architectures and
topologies. Subsequently, the main elements in information technology networking will be detailed,
including routers, switches, gateways, servers, workstations, and storage devices. Higher-level
protocols and monitoring tools for packet switching networks using these elements will then studied
(including data transport and address/naming). The course will then address applied topics in
network management and performance optimization, as well as troubleshooting and congestion
control. Finally, the study will conclude with a look at network security issues, including encryption,
authentication, firewalls and intrusion detection, security management tools, and threat scenarios.
Instructor
Prof. Nasir Ghani, Electrical Engineering, USF Tampa
Email: nghani@usf.edu
Teaching Assistant
Farooq Shaikh, Electrical Engineering, USF Tampa
Email: fshaikh@mail.usf.edu

Prerequisites
This course is open to students in all majors/disciplines. Basic familiarity with computers and
networking applications is expected.
Office Hours
Whenever generally available or by appointment
Main Course Text
 A. Tanenbaum, D. Wetherall, Computer Networks: 5th Edition, Prentice Hall Publishers, New
York, NY, 2010 (ISBN: 0132126958, 978-0132126953).
 J. Kurose, K. Ross, Computer Networking: A Top-Down Approach (6th Edition), Pearson
Publishers, Boston, MA, 2013 (ISBN: 0132856204, 978-0132856201). Can also use 7th Edition.
Additional Reference Texts
 W. Stallings, Operating Systems: Internals and Design Principles (8th Edition), Prentice Hall
Publishers, 2014 (ISBN: 0133805913, 978-0133805918)
 A. Silberschatz, P. Galvin, G. Gagne, Operating System Concepts (9th Edition), Wiley
Publishers, New York, NY, 2013 (ISBN: 0470128720, 978-0470128725)
 R. Elmasri, S. Navathe, Fundamentals of Database Systems (6
th Edition), Addison-Wesley
Publishers, Boston, MA, 2011 (ISBN: 0136086209, 978-0136086208).
Course Outline
Databases and Database Management Systems
 Basic database concepts, including indexing, inference, aggregation, poly-instantiation
 Structure and operation of relational data and NoSQL models
 Object-based and object-oriented languages
 Access matrix and access modes database security models
 Database security and management vulnerabilities (from passwords, user privileges and
escalations, SQL injections, buffer overflows, DoS, unencrypted data, etc)
 Properties and use of hash functions, encryption principles for database management
 Access control methods (discretionary, mandatory, and role-based) including DAC, MAC,
RBAC, Clark-Wilson
 Distributed multi-tiered applications for data/information flow management.
 Inference and aggregation attacks
Operating Systems Concepts
 Program execution via processes and threads (process control blocks, thread control blocks)
 Memory management schemes (real, virtual). Concepts in file system interfaces (access,
sharing, protection, directories, and file system mounting) and implementation (structure,
directories, allocation, free space management, performance and recovery)
 Access control models and mechanisms, including access control lists
 Security breaches (confidentiality, integrity, or availability) and denial of service. Program
and system threats (Trojan horses, backdoors, logic bombs, overflows, viruses, worms)
 Virtual machines and managers (hypervisors) to support multiple guest operating systems
 Resource access control for programs/processes/users. Privileged and non-privileged states
for kernels and applications.
 Operating system protection/security measures (encryption, authentication, key distribution)
 Security design principles and their application (including domain separation, process
isolation, resource encapsulation, least privilege)
Networking Overview, Media, and Architectures
 Concepts, technologies, and components in communications and data networks, including
hardware and software (protocol) systems.
 Network types (WAN, LAN, SAN, WLAN, etc) and OSI reference model
 Internet and network media overview. Network architectures for client needs, role of
topologies (bus, ring, star, tree, mesh)
IT System Components, Network Devices and Services
 Key information technology system elements (workstations, servers, and peripherals),
network storage device functions
 Networking devices and roles, including routers, switches, gateways, guards, CDS, VPNs,
and firewalls
 Intrusion detection (IDS) and intrusion prevention systems (IPSs) for network defense
 Mobile devices and their roles in building network services
Network Technology and Protocols
 Networks infrastructure planning and operation
 Network protocol and roles (IPv4/v6, DNS, HTTP, SSL, TLS), network addressing
(including sub-netting and translation)
 Packet-switched data networks and role of Internet transport protocols suite (TCP, UDP)
 Network and packet trace analysis methodologies
Network Management
 Network monitoring and mapping tools, network monitoring to identify performance and
connectivity issues
 Network performance optimization and troubleshooting strategies. System documentation
for configuration management
 Network evolution and change management, including BYOD and MDM
 Remote and distributed network management concepts, use of distribution servers
 Congestion control methods (reactive and proactive), resource efficiency and fairness
 Network routing design (including link-state and distance vector protocols)
Overview of Network Security Issues
 Security vulnerabilities and objectives (authorizations, perimeters, risk assessment,
accountability, incident response)
 Network security systems and building blocks (encryption, authentication, intrusion
detection, security management tools, and firewalls, IPSec)
 Wireless LAN security issues, such as WEP key security, sniffing, denial of service (DoS),
bluesnarfing and bluejacking, evil twin, and war driving
Grading Schemes
Quizzes: 70%
Projects: 30%
Quizzes and Final Exam
Students will be required to complete a series of quizzes after completing each module. All quizzes
will be conducted in an on-line manner and will be of fixed time duration. Only one attempt will be
allowed for each.
Homework/Projects
Some project assignments will also be given and are intended to help students develop their
knowledge and practical skills. These projects will be given at least one week in advance of their
due date. Late submissions will only be accepted under exceptional circumstances (please do your
best to notify the instructor beforehand if you cannot submit on time).
Reading
The lectures and slides are intended to explain and supplement the textbook. In order to properly
learn the material and get the most out of the course, students are required to read the suggested
materials regularly and preferably before viewing the lectures.
Special Circumstances
Students should notify the instructor as early as possible regarding any special conditions or
circumstances which may affect their performance (e.g., medical emergencies, family
circumstances, etc). In addition, in case of a wider emergency, the university may choose to
maintain delivery of instruction and course materials via other methods such as Canvas, Elluminate,
Skype, email messaging, or an alternate schedule. Therefore students are expected to monitor
Canvas for any course-specific communication, as well as the main USF, College, and department
websites, emails, and MoBull messages for important general information.
Academic Integrity and Ethics
Students are expected to be fully aware of the University’s policies on student conduct and academic
integrity (please refer to Undergraduate Catalog for complete details). It is unethical to copy or
modify someone else’s work and represent it as your own. Plagiarism, cheating, and other forms of
academic dishonesty are not allowed and will not be tolerated. This includes copying
homework/project/exam information and also providing homework/project/exam information for
copying. All open source software used for project development purposes must be appropriately
cited/acknowledged. Violation of this policy will result in the assignment of a failing grade.


#44


#45

EEL6935.300U18 Data Networks Syst & Security

About Module 1
Databases and Database Management Systems
Module Introduction
This module provides a concise overview of modern database technologies. The key concepts and terminologies are first introduced, followed by a look at security concerns and access control methods.

Learning Outcomes
At the end of this module you should know:

Understand and explain basic database concepts, including indexing, inference, aggregation, and poly-instantiation.
Outline the structure and operation of the relational data and NoSQL models.
Describe the properties of constraints and triggers in SQL.
Distinguish between object based and object oriented languages.
Contrast the structures, objects and subjects of the Access Matrix and Access Modes database security models.
Explain common database security and management vulnerabilities such as those in passwords, user privileges and escalations, SQL injections, buffer overflows, broken configuration, failure to apply patches, DoS, storage/ transmission of unencrypted data.
Identify the general properties of hash functions.
Describe the basic principles of encryption and how they are applied in database management.
Compare commonly used discretionary, mandatory, and role-based access controls (e.g., DAC, MAC, RBAC, Clark-Wilson).
Describe the uses of distributed multi-tiered application in managing data/information flow between system components.
Identify how inference and aggregation attacks operate for collecting sensitive information.


#46

M1 Readings
About Module 1icon-readings-cnt5004-cnt6215.pngREAD
Optional reading from reference texts:
Review following on-line sources:

Part 1: Key Database Concepts

Data Architecture Overview and Design

http://en.wikipedia.org/wiki/Database_design (Links to an external site.)Links to an external site.

Centralized Database (Features, Advantages, Disadvantages)

http://en.wikipedia.org/wiki/Centralized_database (Links to an external site.)Links to an external site.

DBMS Data Schemes

http://www.tutorialspoint.com/dbms/dbms_data_schemas.htm (Links to an external site.)Links to an external site.

Database Indexing

http://en.wikipedia.org/wiki/Database_index (Links to an external site.)Links to an external site.

Database Hashing

http://www.tutorialspoint.com/dbms/dbms_hashing.htm (Links to an external site.)Links to an external site.

Part 2: Relational and Object-Based Databases

Relational Data Model

http://en.wikipedia.org/wiki/Relational_model (Links to an external site.)Links to an external site.

Relational Algebra and operators

http://www.tutorialspoint.com/dbms/relational_algebra.htm (Links to an external site.)Links to an external site.

Entity-Relationship (ER) Model’s

http://www.tutorialspoint.com/dbms/er_model_basic_concepts.htm (Links to an external site.)Links to an external site.

Object-Relational Databases

http://en.wikipedia.org/wiki/Object-relational_database (Links to an external site.)Links to an external site.

Object-Relational Model (optional)

http://www.learn.geekinterview.com/it/data-modeling/object-relational-model.html (Links to an external site.)Links to an external site.

Part 3: SQL and NoSQL Models

SQL Components

http://www.sqa.org.uk/e-learning/SoftDevRDS04CD/page_02.htm (Links to an external site.)Links to an external site.

Data Definition and Creation Operators

http://www.tutorialspoint.com/sql/sql-drop-database.htm (Links to an external site.)Links to an external site.

Data Manipulation Statements and Syntax

http://dev.mysql.com/doc/refman/5.0/en/sql-syntax-data-manipulation.html (Links to an external site.)Links to an external site.

SQL Join Operators

http://en.wikipedia.org/wiki/Join_(SQL) (Links to an external site.)Links to an external site.

SQL Constraints

http://www.tutorialspoint.com/sql/sql-constraints.htm (Links to an external site.)Links to an external site.

Not Only SQL (No-SQL) Model

http://en.wikipedia.org/wiki/NoSQL (Links to an external site.)Links to an external site.

http://www.couchbase.com/nosql-resources/what-is-no-sql (Links to an external site.)Links to an external site.

XML Language

http://en.wikipedia.org/wiki/XML (Links to an external site.)Links to an external site.

Part 4: Database Security Concerns

Polyinstantiation

http://en.wikipedia.org/wiki/Polyinstantiation (Links to an external site.)Links to an external site.

Database Security

https://en.wikipedia.org/wiki/Database_security (Links to an external site.)Links to an external site.

Access Control Matrix

http://en.wikipedia.org/wiki/Access_Control_Matrix (Links to an external site.)Links to an external site.

M1 Videos