CPT 225 - Network Perimeter Security
This course focuses on the design and implementation of network perimeter security. Topics include: threat vectors, encapsulation at OSI layers 2, 3, 4, and 5, packet decoding, static filters, stateful filters, stateful inspection, intrusion detection and prevention, Network Address Translation (NAT), Access Control Lists (ACLs), Virtual Private Networks (VPNs), proxies, border routers, firewall rule bases, web application and database firewalls, securing the OS and services, firewall assessment, vulnerability assessment, baseline audits, forensics, logging, encryption, authentication, VPNs, wireless, network access control, and security tools. Three class hours, two laboratory hours.
Prerequisite: CPT 120
Course Learning Outcomes
1. Describe how stateful firewalls, proxy firewalls, security policies, and routers are used to implement network security.
2. Configure Virtual Private Networks.
3. Describe how intrusion detection can be used for network defense.
4. Configure network components to implement host hardening and host defense.
5. Describe how intrusion prevention systems can be used for network defense.
6. Implement and appraise various security perimeter designs.
7. Employ subnets and security zones to secure a network.
8. Implement wireless network security.
9. Analyze network security logs.
10. Explain the importance of defense in depth for network security.
Course Offered Fall and Spring