Computer & Network Security
|Credits:||10 (or 5 ECTS credits)|
Overall aims and purpose
To give an understanding of the issues surrounding security in computing, networks and the interconnected world and experience in how to defend their systems against attacks. To expose students to common themes and activities required to secure programs, machines and networks. To give practical experience of the processes and mindset that attackers will use to defeat system security. To present the concept of layered/blended responses.
To differentiate between white and black hat hackers and understand the aims of them.
Definitions and usage of Authentication, Authorisation and Accounting; the weaknesses of various schemes and issues surrounding the storage of data.
Overview of ways in which attacks can be made against networks / computer systems. Methods hackers use to attempt a break in. Wireless networks and their problems
The layered protection model (Onion Response) and methods that allow networks to be protected
Understanding of how encryption works, the two major ‘forms’ of encryption, the provision of confidentiality and integrity guarantees.
Data protection, access to sensitive data and understanding the tactics of social engineers
Learning outcomes mapped to assessment criteria
Understand the background to hacking and cracking and the popular terms used
|Can explain the terms black hat and white hat hackers||Can also explain the difference between cracking and hacking||Can explain in detail the culture and motivations of the aforementioned people|
Explain the ‘3 As’ and their appropriate applications within a business and technical context.
|Can understand the terms social engineering and data protection and what issues arise form both||Explain policies involved in ensuring data is handled correctly||Can give clear examples of all points and explain their desired outcomes|
Explain networks/computer systems vulnerabilities
|Can demonstrate an understanding of how both work and implement in basic terms||Can show the ability to select methods based on the advantages they offer||Can develop an efficient program / algorithm.|
Understand layered Network protections, the rationale for using them and the popular terms used
|Can explain the possible vulnerabilities networks or systems can have||Be able to describe several tools used for discovering problems||Explain how using these tools could help the administrator secure their system|
Explain the basic principles of encryption, confidentiality and integrity.
|Can explain the terms firewalls and IDS and how they differ||Able to display a deeper knowledge of the two’s functionality and abilities||Can give examples of how both would work together in a network|
Understand Computer Ethics & Social Engineering
|Can explain filesystem storage and how files are deleted||Able to highlight how data can be rescued once deleted||Explain ideas on how data can be permanently destroyed|
Authentication Laboratory Exercises
E-mail Encryption & Logs Laboratory.
Web Application Exploits Laboratory.
Secure Network Design Laboratory.
Teaching and Learning Strategy
24 hours over 12 weeks including lab preparation
24 hours over 12 weeks
- Literacy - Proficiency in reading and writing through a variety of media
- Numeracy - Proficiency in using numbers at appropriate levels of accuracy
- Computer Literacy - Proficiency in using a varied range of computer software
- Information retrieval - Able to access different and multiple sources of information
- Critical analysis & Problem Solving - Able to deconstruct and analyse problems or complex situations. To find solutions to problems through analyses and exploration of all possibilities using appropriate methods, rescources and creativity.
- Presentation - Able to clearly present information and explanations to an audience. Through the written or oral mode of communication accurately and concisely.
- Teamwork - Able to constructively cooperate with others on a common task, and/or be part of a day-to-day working team
- Argument - Able to put forward, debate and justify an opinion or a course of action, with an individual or in a wider group setting
Subject specific skills
- Knowledge and understanding of facts, concepts, principles & theories
- Use of such knowledge in modelling and design
- Problem solving strategies
- Analyse if/how a system meets current and future requirements
- Deploy theory in design, implementation and evaluation of systems
- Recognise legal, social, ethical & professional issues
- Knowledge of information security issues
- Specify, design or construct computer-based systems
- Deploy tools effectively
- Methods, techniques and tools for information modelling, management and security
- Knowledge of systems architecture
- Defining problems, managing design process and evaluating outcomes
- System Design
- Knowledge and/or understanding of appropriate scientific and engineering principles
- Knowledge and understanding of mathematical principles
- Specify, deploy, verify and maintain computer-based systems
- Principles of appropriate supporting engineering and scientific disciplines
Pre- and Co-requisite Modules
Courses including this module
Compulsory in courses:
- NG10: BA Business and Computer Information Systems year 3 (BA/BCIS)
- I110: BSc Computer Information Systems year 3 (BSC/CIS)
- IN00: BSc Computer Information Systems for Business year 3 (BSC/CISB)
- G400: BSC Computer Science year 3 (BSC/CS)
- GN41: BSC Computer Science for Business year 3 (BSC/CSFB)
- I102: BSc Computer Science (with International Experience) year 4 (BSC/CSIE)