CIS 193A, UNIX/Linux Host Security

Spring 2012

CIS193 Home

Calendar

Outline

Course Syllabus

Course & Title
CIS 193A UNIX/Linux Host Security

Department
Computer Information Systems

Meeting Times
Tue 5:30 - 9:35, Section 75614

Location
Room 2501

Instructor
Jim Griffin

Description

Students will learn about the issues and resources available to secure UNIX/Linux Systems. Operating system security mechanisms as well as open source auditing, attack, and defense tools will be covered. Topics include password cracking, authentication and access controls, file encryption, firewalls, intrusion detection, logging, and process accounting.

Units
2

Prerequisites
CIS 90, CIS 191

Recommended Preparation
CIS 175

Course Policy

This is an 8-week course covering the securing of a Linux host system, whether it be a server or a workstation. It develops the principles of Information Assurance and focuses on the threats, vulnerabilities and safeguards that can be applied to any host computer in a networked environment. The outcomes of this course are the following skills:

Be able to assess the inherent vulnerabilities of a system and suggest a variety of safeguards that can be applied to reduce the associated risks.
Use system logs and auditing techniques to validate the integrity of a host system and to identify compromises in its security.
Implement safeguards to prevent, detect, avert and recover from damages due to breaches in security.

This is a "hands-on" course designed to give you skills in configuring and operating a wide range of security software both at the operating system level as well as the application level. The more time you can spend with the software, the better you will develop those skills, which are in high demand by todays IT employers. To work effectively in the classroom, you will need to practice the various skills we learn in the virtual lab environment, which is accessible from the CTC as well as online via the cislab.cabrillo.edu Remote desktop Server. You are expected to put in a minimum of 4 hours per week on the lab assignments.
Please note that room 2501 is shared with other instructors teaching a variety of classes. To accommodate such a variety, we will be using virtual Linux machines in this class running in the VMware vCenter environment. Each of you will be responsible for your own virtual systems, and will have access to them both in and out of class.
The class time of 4 hours will be utilized with the first two hours being an overview of the objectives of the day, an introduction to the concepts involved, and inclass exercises done on the virtual machines. The last two hours will be recorded and will include demonstration of the inclass activities as well as an introduction to the lab of the week. These recordiing will be available through CCC Confer beginning the following Wednesday morning.
Most of the course materials (including this syllabus) are located on my website. You are responsible for reviewing these documents as necessary throughout the semester.

Textbook Information

There is no one good textbook that covers all the different aspects of computer security, although some try. I'm recommending any of the following texts, but you can get by with the UNIX and Linux System Administration Handbook that was used in CIS 191 and CIS 192A along with the World Wide Web references included in the calendar.

Practical Unix & Internet Security, 3rd edition, by Simson Garfinkel et. al.
It is published by O'Reilly and has an ISBN number of 0-596-00323-4.

Hacking Linux Exposed, 2nd edition by Brian Hatch and James Lee
It is published by McGraw Hill and has an ISBN number of 9-780-07222564-8.

Grading Policy

Grades will be based on a combination of factors including lab exercises, participation in class and/or the Forum, and the final exam. Your grade will be evaluated based upon your ability to demonstrate the skills taught in the course and outlined in the Student Learner Outcomes mentioned above..
Labs
There will be six assigned labs which must be done during time arranged by the student in the CTC or online using the CIS Virtual Lab. These labs will demonstrate your your ability to apply the concepts and principles covered in class to specific scenarios.
Final
The final exam will focus on aspects of host security. It will test your knowledge of what comprises a system audit, and your ability to properly apply safeguards to a Linux system.
Journal/Log
You will keep a journal/log of the work you do in class. The journal aspect of this document will contain notes that you take in class as well as from the reading assignments. The log will be a record of all the changes you make to the computer system to which you will be assigned. This log will document the successful completion of the inclass exercises that we do.
The Pass / No Pass Option
By default you will get a letter grade (A, B, C, D, or F) for this class. However, you may choose to take the class for Pass / No Pass instead. If you take this class with the Pass / No Pass option, to receive a Pass you must complete this class with an average of 70% or more. A No Pass grade is not included on transcripts and is not factored into determining a student's GPA. However, it does count as a failed attempt at the class, which the State is now tracking for repeatability restrictions.
Attendance
This course requires active participation each day of class so it is important for you to attend every class session, arrive on time, and come prepared. Your participation not only enhances your own learning, it benefits other students in the class, especially when the class is doing group work. Your level of participation is reflected in your grade and since you can’t participate if you are not in class, absences will also be reflected in your grade.
Missing Classes
From page 28 of the Cabrillo Catalog:
Absence from class in excess of two weeks will constitute reason for an instructor to withdraw a student from a full-term course. It is the student's responsibility to officially withdraw from classes.
Make a commitment to yourself to attend every class. The worst thing about missing a class is falling behind because you missed a week's worth of material. Missing class is not an acceptable excuse for missing any lecture material or assignments given during that time. Any work missed, must be made up on your time and within one week from the day that you missed. If you know you will be missing more than one class, I suggest you take the course for Credit/NoCredit. If you miss more than two classes, I will drop you from the course enrollment unless prior arrangements have been made and agreed to.

Help

We all have different study habits. Let me know if there is something I can do regarding the organization of this course that would help you learn the material better.
Please don't hesitate to see me if you need some help, have some questions, or just want to talk. You can speak with me after class or during my office hours. If you can't come during my scheduled hours I am happy to try to arrange another time for us to meet. You can call me at any time, my number is 477-3539. If I am not in, please leave a message letting me know what are the best times to call you back.
I encourage students with disabilities, including "invisible" disabilities such as chronic diseases, learning, and psychological disabilities, to explain their needs and appropriate accommodations to me as soon as possible after class or during my office hours. As required by the Americans with Disabilities Act (ADA), accommodations are provided to insure equal opportunity for students with verified disabilities. If you need assistance with an accommodation, please contact Disabled Student services, Room 810, 479-6379, or Learning Skills Program Room 1073, 479-6220 To best help you, please bring a verification of your disability from the Learning Skills or DSP&S offices and a counselor or specialist's recommendations for accommodating your needs.

Other Places for Help

The Writing Center
A student who needs assistance in solving specific writing problems may drop in to receive individual help. Students should bring the paper or assignment with them. Interested persons may receive more information at the center, building 1000 (enter on opposite side of library), or by calling 479-6319.
Tutorial Center
The Tutorial Program offers individual and group assistance to students served by EOPS, Disabled Students Program and Services (DSPS), Migrant Education Teacher Preparation Program (METPP) or who are enrolled in certain vocational majors and have academic disadvantages. Interested persons may receive more information at the center, building 1000 (enter on opposite side of library), or by calling 479-6470 or 479-6126.
Disabled Students Program and Services
The Disabled Students Program and Services (DSPS) offers a variety of services to enable students with disabilities to function independently in the educational environment. The objective of DSPS services is integrate students with disabilities into general campus programs and activities. Interested persons may receive more information at the center, room 800, or by calling 479-6379 or 479-6370.
Learning Skills Program
The Learning Skills Program is designed to serve students with specific learning disabilities. After an initial interview, individual diagnostic testing is conducted to determine if the student is considered appropriate for this program. Interested persons may receive more information by calling 479-6220 or 479-6224.
Counseling
Counselors are committed to providing students with up-to-date information and informed advice regarding their educational and career goals. For more information or to set up an appointment, call 479-6274.