COS 232: Computer & Network Security I

A study of the fundamentals of operating system, network, and application security. Major areas of exploration include: fundamental security design principles, application vulnerability analysis, network penetration testing, basic cryptography, and defensive programming techniques.

Cybersecurity Knowledge Areas

  • Cryptography
  • Cyber Defense
  • Cyber Threats
  • Defensive Programming
  • Foundational Concepts in Security
  • Fundamental Security Design Principles
  • Information Assurance Fundamentals
  • Introduction to Cryptography
  • Network Security
  • Principles of Secure Design
  • Threats and Attacks
  • Web Security

Coverage

CAE 2014 Topics

  • Cyber Defense (tier 1)
    • Network mapping (enumeration and identification of network components)
  • Cyber Threats (tier 1)
    • Adversaries and targets
  • Fundamental Security Design Principles (tier 1)
    • Separation (of domains)
  • Information Assurance Fundamentals (tier 1)
    • Threats and Adversaries
  • Introduction to Cryptography (tier 1)
    • Symmetric Cryptography (DES, Twofish)

CAE 2014 Outcomes

  • Cyber Defense (tier 1)
    • Describe potential system attacks and the actors that might perform them
  • Cyber Threats (tier 1)
    • Students will be able to identify the bad actors in cyberspace and compare and contrast their resources, capabilities/techniques, motivations, aversion to risk
  • Fundamental Security Design Principles (tier 1)
    • List the first principles of security
  • Information Assurance Fundamentals (tier 1)
    • List the fundamental concepts of the Information Assurance / Cyber Defense discipline
  • Introduction to Cryptography (tier 1)
    • Identify the elements of a cryptographic system

ACM 2013 Outcomes

  • Principles of Secure Design (tier 1)
    • Describe the principle of least privilege and isolation as applied to system design
  • Foundational Concepts in Security (tier 1)
    • Describe the concepts of risk, threats, vulnerabilities and attack vectors (including the fact that there is no such thing as perfect security)
  • Defensive Programming (tier 1)
    • Explain why input validation and data sanitization is necessary in the face of adversarial control of the input channel.
  • Threats and Attacks (tier 2)
    • Describe likely attacker types against a particular system
  • Principles of Secure Design (tier 2)
    • Describe the concept of mediation and the principle of complete mediation
  • Network Security (tier 2)
    • Describe the different categories of network threats and attacks
  • Cryptography (tier 2)
    • Describe the purpose of cryptography and list ways it is used in data communications
  • Web Security (tier 3)
    • Describe the browser security model including same-origin policy and threat models

236 W. Reade Ave., Upland, IN 46989 · 765-998-5162 · cseinfo@cse.taylor.edu
Copyright © 2016 Taylor University Computer Science and Engineering