Instructor
|
Prof. Dr. Kashif Javed
PhD
University of Engineering and Technology (UET), Lahore, Pakistan
|
|
Introduction to the Course
Definition Of Computer Security
Impact Of A Security Breach
Challenges Of Network Security
The OSI Security Architecture
Security Attacks
Security Services: Authentication, Access Control
Security Services: Data Confidentiality, Data Integrity, Nonrepudiation
Security Mechanisms
A Model For Network Security
Basics Of Symmetric Encryption
Cryptanalysis
Fiestel Cipher Structure
Data Encryption Standard (DES)
Triple DES
Advanced Encryption Standard (AES)
The Use of Random Numbers
Pseudorandom Numbers
Stream Cipher Structure
The RC4 Algorithm
Electronic Codebook and Cipher Block Chaining Modes
Cipher Feedback Mode
Counter Mode
Message Authentication with and without Encryption
One-way Hash Function
Hash Function Requirements
Simple Hash Functions
The Secure Hash Function (SHA)
HMAC and its Design Objectives
HMAC Algorithm
Cipher-Based Message Authentication Code
Counter with Cipher Block Chaining-Message Authentication Code
Public-Key Encryption Structure
Applications and Requirements for Public-Key Cryptosystems
The RSA Public- Key Encryption Algorithm
Diffie-Hellman Algorithm
Key Exchange and Man-in-the-Middle Attack
Digital Signature Standard (DSS)
Elliptic-Curve Cryptography (ECC)
Digital Signatures
Symmetric Key Distribution Using Symmetric Encryption
What is Kerberos?
A Simple Authentication Dialogue
A More Secure Authentication Dialogue
The Version 4 Authentication Dialogue
Rationale For The Elements Of The Kerberos Version 4
Kerberos Realms And Multiple Kerberi
Differences Between Kerberos Versions 4 And 5
The Version 5 Authentication Dialogue
Public-Key Certificates
Public-Key Distribution of Secret Keys
Certificates of X.509 Certificates
Obtaining And Revoking A User’s Certificate
X.509 Version 3
Elements of Public Key Infrastructure X.509 (PKIX)
PKIX Management Functions and Protocols
Identity Management Architecture
Federated Identity Operation
Federated Identity Scenarios
Elements of Network Access Control
Network Access Enforcement Methods
Introduction to Extensible Authentication Protocol (EAP)
EAP Protocol Exchanges
Introduction to IEEE 802.1X Port- Based Network Access Control
Working of IEEE 802.1X Port-Based Network Access Control
Cloud Computing and its Elements
Cloud Computing Reference Architecture
Cloud Security Risks And Countermeasures
Data Protection In The Cloud
Cloud Security As A Service
Web Security Considerations
Secure Sockets Layer (SSL) Architecture
SSL Record Protocol
Change Cipher Spec Protocol: An SSL specific Protocol
Phase 1 of SSL Handshake Protocol
Phase 2 of SSL Handshake Protocol
Phases 3 and 4 of SSL Handshake Protocol
TLS Authentication Code and Pseudorandom Function
Alert Codes and Cipher suites Supported by TLS
HTTPS
Introduction to Secure Shell (SSH)
SSH Transport Layer Protocol
SSH User Authentication Protocol
SSH Connection Protocol
SSH Tunneling
Introduction to Wireless Security
Wireless Network Threats and Security Measures
Basics of Mobile Device Security
Mobile Device Security Strategy
Introduction to IEEE 802.11 Wireless LAN
IEEE 802 Protocol Architecture
IEEE 802.11 Services
Introduction to IEEE 802.11i WLAN Security
IEEE 802.11i Phases of Operation
Discovery Phase of IEEE 802.11i
Authentication Phase of IEEE 802.11i
Key Management Phase of IEEE 802.11i
Protected Data Transfer Phase of IEEE 802.11i
The IEEE 802.11i Pseudorandom Function
Introduction to Pretty Good Privacy (PGP)
PGP Authentication Service
PGP Confidentiality Service
PGP Compression and E-Mail Compatibility
PGP Cryptographic Keys
PGP Key Rings
Approaches to Public Key Management
PGP Trust Model
Multipurpose Internet Mail Extension (MIME)
MIME Content Types
MIME Transfer Encodings
S/MIME Functionality
S/MIME Messages
S/MIME Certificate Processing
Internet Mail Architecture
E-mail Threats
DomainKeys Identified Mail Strategy
Introduction to IPsec
Applications and Benefits of IPsec
IPSec Security Association Database
IPSec Security Policy Database
IP Traffic Processing
ESP and its Packet Format
Encryption & Authentication Algorithms
Transport and Tunnel ESP Modes
Combining Security Associations
Internet Key Exchange (IKE)
IKEv2 Exchanges
IKE Header and Payload Formats
Types Of Malicious Software
Nature of Viruses
Virus Structure
Viruses Classification
Antivirus Approaches
Digital Immune System
Behavior-Blocking Software
Introduction to Worms
Worm Propagation Model
Proactive Worm Containment
Network-Based Worm Defense
Distributed Denial of Service Attacks
Types of Flooding-Based DDoS Attacks
Recent Forms of Malware Attacks
Intruders
Intrusion Techniques
Basics of Intrusion Detection
Statistical Anomaly Detection
Rule-Based Intrusion Detection
Distributed Intrusion Detection
Honeypots
Password Protection
Password Selection Strategies
Basics of Firewalls
Packet Filtering Firewall
Weaknesses of Packet Filter Firewalls
Stateful Inspection Firewalls
Application and Circuit-Level Gateways
Firewall Basing
Demilitarized Zone (DMZ) Networks
VPNs and Distributed Firewalls
Host-Based and Personal Firewalls
Configure Routers for Syslog, NTP, SSH
Configure AAA Authentication on Routers
Configure IP ACLs to Mitigate Attacks
Configure Context-Based Access Control
Configure a Zone-Based Policy Firewall
Configure IOS Intrusion Prevention System
Configuring Layer 2 Security
Configuring Layer 2 VLAN Security
Configure & Verify a Site-to-Site IPsec VPN
Configure a Network for Secure Operation-1
Configure a Network for Secure Operation-2
|