Nov 15, 2024  
2024 - 2025 Catalog 
    
2024 - 2025 Catalog
Add to Portfolio (opens a new window)

CST 269 - Network Security

Credits: 3
Instructional Contact Hours: 3

Provides an introduction to the core security concepts and skills needed for the installation, troubleshooting, and monitoring of network devices to maintain the integrity, confidentiality, and availability of enterprise data. 

Prerequisite(s): CST 161  and CST 164 .
Corequisite(s): None
Lecture Hours: 15 Lab Hours: 30
Meets MTA Requirement: None
Pass/NoCredit: Yes

Outcomes and Objectives
  1. Describe the security threats facing modern network infrastructures.
    1. Describe network threats.
    2. Explain threat actor tools.
    3. Classify malware.
    4. Describe common network attacks.
  2. Secure Cisco devices.
    1. Secure the edge router.
    2. Configure secure administrative access.
    3. Configure enhanced security.
    4. Configure SSH.
  3. Secure the network infrastructure.
    1. Explain defending the network.
    2. Discuss network security policies.
    3. Categorize security tools platforms and services.
    4. Discuss mitigation of common network attacks.
    5. Explain Cisco network foundation protection network.
    6. Explain assigning administrative roles.
  4. Implement AAA on Cisco routers using a local router database and external AAA servers. 
    1. Explain AAA Characteristics.
    2. Configure local AAA authentication.
    3. Configure server-based authentication.
    4. Configure server-based authorization and accounting.
    5. Describe endpoint security – 802.1X authentication.
  5. Mitigate threats to Cisco routers and networks using access control lists (ACLs).
    1. Discuss introduction to ACLs
    2. Explain wildcard masking.
    3. Configure ACLs.
    4. Explain modification of ACLs.
    5. Implement ACLs.
    6. Mitigate attacks with ACLs.
    7. Describe IPv6 ACLs.
  6. Implement secure network design, management, and reporting.
    1. Secure Cisco IOS image and configuration files.
    2. Discuss locking down a router using AutoSecure.
    3. Explain routing protocol authentication
    4. Discuss secure management and reporting.
    5. Explain network security using Syslog.
    6. Discuss NTP configuration.
    7. Discuss SNMP configuration.
  7. Implement the Cisco IOS firewall feature set.
    1. Explain firewall technologies.
    2. Describe zone-based firewalls.
    3. Discuss IPS technologies.
    4. Discuss IPS operation and implementation.
  8. Explain the mitigation of common Layer 2 attacks.
    1. Explain and mitigate MAC table attacks.
    2. Mitigate VLAN and DHCP attacks.
    3. Mitigate ARP and ARP spoofing attacks.
    4. Describe and mitigate spanning tree protocol attacks.
  9. Apply VPN Types.
    1. Discuss VPN overview.
    2. Explain VPN technologies.
    3. Explain IPsec overview.
    4. Explain IPsec protocols.
    5. Describe internet key exchange.
    6. Implement a remote access VPN.
  10. Implement a site-to-site VPN.
    1. Configure a site-to-site IPsec VPN.
    2. Explain ISAKMP policy.
    3. Explain IPsec policy.
    4. Describe crypto map.
    5. Discuss IPsec VPN.
  11. Explain securing communications through cryptography.
    1. Explain cryptographic services.
    2. Define basic integrity and authenticity.
    3. Describe public key cryptography.
    4. Discuss introduction to the ASA.
    5. Configuration of the ASA firewall.
  12. Describe network security testing.
    1. Compare network security testing techniques.
    2. Assess network security testing tools.



Add to Portfolio (opens a new window)