Network Security (Distance Learning)

Please note

This document only provides information for the academic year selected and does not form part of the student contract

School:

School of Computing and Engineering

Credit Rating:

Level (including FHEQ):

M (FHEQ Level 7)

Graded or Non Graded:

Graded

Version Valid From:

2023-09-01

Module Leader:

Rupak Kharel

Version Number

2023.04

Learning Methods

Guided Independent Study

Synopsis

Upon completion of this module, you will acquire a thorough understanding of the security attacks that may threaten wired and wireless networked systems and how these attacks are possible, usually by exploiting vulnerabilities in the design, implementation, or operation of network protocols. You will explore several key network security techniques, such as IP security and network authentication protocols, and gain an understanding of how these techniques protect networks. You will also learn how to identify security vulnerabilities in enterprise networks and propose sophisticated secure designs to face such threats.

Learning Strategy

The University’s Virtual Learning Environment will be used to support distance learners throughout their learning experience, providing key ideas and themes through lecture content, and a variety of asynchronous activities. Substantive issues will be presented through case studies and research papers. Wherever possible, issues will be related to the students’… For more content click the Read More button below.

Outline Syllabus

Introduction to network security: security services and network protocols vulnerabilities Authentication: basic and network authentication protocols, Needham–Schroeder, Kerberos, Secure Shell (SSH) Access Control: network access control mechanisms, access control lists. Transport layer security (TLS, aka SSL): SSL record protocol, SSL handshake IPsec and virtual private network (VPN): transport and tunnel… For more content click the Read More button below.

Introduction to network security: security services and network protocols vulnerabilities
Authentication: basic and network authentication protocols, Needham–Schroeder, Kerberos, Secure Shell (SSH)
Access Control: network access control mechanisms, access control lists.
Transport layer security (TLS, aka SSL): SSL record protocol, SSL handshake
IPsec and virtual private network (VPN): transport and tunnel mode, encapsulating security payload (ESP), network address translation (NAT)
Firewalls: packet filtering firewall, stateful inspection firewall, application-level gateway, demilitarised zone (DMZ).
Intrusion detection systems (IDS): signature-based IDS, anomaly detection-based IDS
Wireless networks security: IEEE 802.11 security weaknesses, Wi-Fi protected access (WPA 2 and WPA3)

Learning Outcomes

On successful completion of this module students will

Formulate a systematic understanding of knowledge, and critical awareness of current network security challenges and how they are mitigated by security protocols.

Demonstrate originality in the application of practical knowledge and critical evaluation of a given scenario.

Explain and critically analyse a variety of security attacks and propose appropriate security mechanisms to detect and prevent such attacks.

Satisfactorily resolve complex issues and make sound judgment such as assessing vulnerable enterprise network to determine security implications, including mitigation actions.

Communicate conclusions and work to specialist and non-specialist audiences.

Demonstrate self-direction and originality in tackling and solving problems, including autonomously planning and implementing tasks at a professional level.

Formative Assessment

Assessment 1: Focused classwork observations

Description:Students will undertake a series of formative exercises through the University’s Virtual Learning Environment. These exercises will complement the theoretical concepts studied in the lecture sessions. Feedback and guidance will be provided for these tasks. Feedback will be offered on summative assessment tasks prior to submission during scheduled practical labs.

Individual or Group:Individual

Summative Assessment

Assessment 1: Written Assignment

Description:The students will be given a scenario of a multi-site enterprise network design that includes several vulnerabilities. The students, working individually, should produce a risk assessment by identifying the potential security vulnerabilities and the attacks that may exploit them. They should also propose a secure network design to protect the enterprise network against the identified threats.

Assessment Weight:100

Assessment Length:3000 Words (Word Count)

Module Learning Outcomes:MLO1, MLO2, MLO3, MLO4, MLO5, MLO6

Individual or Group:Individual

Final Assessment Component:Yes

Marked Anonymously:No

Eligible for Tutor Reassessment:Yes

Assessment Criteria

Clearly explain and justify the identified security vulnerabilities.Correctly map each identified vulnerability to a distinct security attack that may exploit it, and accurately describe the attack.Demonstrate and critically justify the selection of appropriate security countermeasures to mitigate the above attacks.

Course and Module Catalogue