Page cover

Tech Journal Landing Page!

This Gitbook is used for technical documentation of my course work as a Networking and Cybersecurity Major at Champlain College!

Disclaimer: Some material may be copied from my notes, textbooks, online sources, and Champlain College's materials. Copying from this or any of my wikis is discouraged due to your risk of committing plagiarism and copyright issues. (Do your own work!)

2024-2025 Tech Journal

SEC-350 Enterprise and Network Security Controls

Students will examine network-based threats whether originating from the Internet or the local LAN, and learn about ways to protect, detect, and defend the enterprise network from such attacks. The relationship between user network policy and securing the network will also be explored. Students will participate in hands-on experiments and demonstrate their understanding of subject matter via projects and presentations

  • Introduction to Information Security, Security Policies and Standards

  • Log Management and Analysis

  • Intrusion Detection Systems

  • Authenticating Users

  • Introduction to Network Firewalls and Packet Filtering

  • Firewall Configuration and Administration

  • Working with Proxy Servers and Application ­Level Firewalls

  • Encryption – The Foundation for the Virtual Private Network

NET-330 Network Design

This course examines the basic principles and methodologies used in the design of both local and wide area networks. Topics include network options analysis, component and protocol selection, performance considerations and RFP development.

  • The role of network devices, operating systems, and protocols in a working network

  • Factors affecting network performance evolution of networks

  • Cost benefit analysis of network changes

  • Network Security

  • LAN and WAN design

  • Wireless networking and emergent technologies

  • Tradeoffs in performance and cost

  • Ethics in sysadmin, network administration

  • Economics of corporate IT

  • Complexity of modern networks and impact of changes

  • How to design and develop a network that can accommodate growth and change

SEC-335 Ethical Hacking and Penetration Testing

This course will take students through the incident handling process. Today’s organizations require skilled first responders that are properly trained in the preparation, identification, containment, eradication, and being able to take the lessons learned from those steps to prevent or minimize the impact of a similar security incident.

  • Describe ways to incorporate security into the design of software systems and Web server and e-commerce applications.

  • Determine the security vulnerabilities of various software tools, various Web (and other) server applications software and design mechanisms to mitigate those vulnerabilities.

  • Articulate the findings of vulnerabilities in a system and how to fix the vulnerabilities.

  • Describe the process for maintaining secure software and Internet server systems.

  • Apply best information security practices for software systems to the specific needs of an organization.

  • Select the optimal tools for implementing software systems and server-based Internet applications given project constraints.

  • Document the impact and management of secure software and server systems, and the impact on the organization, for both professional peers and managers.

SEC-345 Information Assurance

Students will gain a global and comprehensive understanding of information assurance. We will discuss international information assurance issues, information assurance models, security architectures, risk assessment, incident response, government and business guidelines and criteria, compliance, audits, business continuity, and disaster recovery. We will examine the inter-relationships between these topics and the goal of achieving a balance between information assurance and systems performance.

  • Analyze the information assurance (IA) context

  • Demonstrate an understanding of threats, vulnerabilities and strategic countermeasures in a variety of contexts

  • Describe the system services and strategies that implement IA

  • Understand the life cycle for IA in an organizational context

  • Analyze and design IA policies and plans

  • Instantiate organizational goals through IA policy and plans

  • Actualize the information assurance life cycle through IA planning

  • Understand the human factors affecting the validity of IA policy and plans

  • Address legal and ethical issues related to IA

  • Apply the principles of management

  • Understand the role of risk management in IA decision making

  • Develop the ability and skills to maintain currency in IA

  • Appreciate the concepts of information privacy and accountability

  • Understand the relationship between people and IA practices and technology

2023-2024 Tech Journal

SEC-260 Web and Application Security

Upon completion of the course, students will be able to:

  • Describe the components of a web system and the interaction of those components

  • Construct simple applications as prototypes or samples of larger systems

  • Learn where the evidence of attacks can be collected

  • Analyze connectivity and performance issues in web systems, isolate issues to component level, and select appropriate measures for resolution

  • Describe and analyze security issues in web systems

  • Describe and analyze the networking and web protocols involved in web systems

  • Analyze and design web system configurations in relation to the network infrastructure

  • Describe and discuss the critical role that web systems play in an organization, both internally and externally

SYS-265 Sysadmin and Net Services II

This course focuses on the tasks and issues involved in the administration of distributed computing networks. Authentication, Authorization, and Accounting (AAA) systems are covered with emphasis on using cross-platform authentication. Network services including firewalls, DNS, mail, and web services are covered. Content includes Network File Services, Distributed administration, and network management tools. Topics will be covered from a practical, business oriented, cost/benefit perspective and best practice implementation techniques are described. Hands-on experience will include representative technology from each of these areas.

Topic Coverage

  • Network Management

  • DHCP Services

  • DNS Administration

  • Containerization

  • Remote Management

  • Enterprise Storage

  • Centralized Authentication

  • LAN System Administration

  • Advanced Troubleshooting

  • Advanced Virtualization

  • Firewall Administration

  • Web based Services

  • Automation and Provisioning

SYS-255 Sysadmin and Net Services I

Students learn how to deploy, administer, and troubleshoot common operating systems environments. They gain experience in systems administration functions and issues as well as common network services. Students develop a conceptual understanding of each operating system function and network service and learn how to plan, implement, and administer each. Topics include user access and privileges, DHCP, DNS, remote access, file services, update and patch management, security and remote management.

Topic Coverage

  • Virtualization for Systems Administrators

  • Software installation and management

  • System and Service management

  • Account management

  • User and file permissions

  • Overview of common Local Area Networking Environments

  • Static and Dynamic Addressing

  • Implementing and Managing DHCP

  • Implementing and Managing DNS

  • Windows Active Directory Services

  • Configure systems to communicate within a Local Area Network

  • Implement remote management protocols such as SSH and RDP

  • Maintaining and troubleshooting Networked Systems Infrastructure

  • Security planning and administration

  • Implement Web Servers and common web applications.Web Services such as HTTP

SEC-300 Elastic Stack for Security Operations

The ELK Stack, which includes Elasticsearch, Logstash and Kibana, is an open-source data intelligence solution. The ELK Stack has become many organizations' tool of choice for log aggregation and monitoring in their security operations center (SOC). In this course, students will design, build, configure, and manage their own ELK Stack to model designs used in SOC implementations. In addition, students will explore how ELK can be used for threat hunting and incident response.

NET-215 Network Protocols

This course is a thorough review of the foundational protocols used on the Internet and modern enterprise networks. With a focus on protocols aligned with the Transmission Control Protocol/Internet Protocol (TCP/IP) and OSI models, students will explore the development and structure of protocols, their role in data communications, and integration within network-based applications. Students will engage in hands-on activities aimed at protocol analysis, network troubleshooting, and protocol-related security concerns.

Upon completion of this course, students will be able to:

  • Compare and contrast protocol suites including the TCP/IP and OSI models.

  • Describe the relationship between physical, network, transport, and higher-layer protocols.

  • Analyze and understand protocol operations and conversations between peer layers.

  • Articulate and construct an IPv4-based subnet addressing plan, with a particular understanding of private vs. public addressing and subnet masks.

  • Describe the basic operation of IPv6 and integration considerations for existing networks.

  • Describe the importance and basic operation of critical network service protocols such as ARP, DNS, DHCP, and ICMP.

  • Specify the common security vulnerabilities associated with common protocols and ways to mitigate those vulnerabilities.

  • Describe the importance and basic operation of critical application protocols such as HTTP.

  • Identify the protocols associated with IPsec, VPNs, VOIP, media streaming and their role in network operations.

  • Analyze communication on IP-based networks using a packet sniffer and associated tools to support network troubleshooting, performance monitoring, and security operations.

2022-2023 Tech Journal

SYS-140 System Fundamentals

SEC-110 Cybersecurity Fundamentals

SEC-250 Computer and Network Security

This course provides an introduction to computer and data network security. Students will examine the rationale and necessity for securing computer systems and data networks, as well as methodologies for implementing security, security policies, best current practices, testing security, and incident response.

Upon completion of this course the student will be able to:

  • Understand the basics of hardening servers, hosts and networks

  • Comprehend various system, network and data threats and risks

  • Understand common vulnerabilities, attack patterns and defenses

  • Explore cryptography and Public Key Infrastructure fundamentals

  • Demonstrate how to detect and reduce threats in Web security

  • Evaluate access control frameworks

  • Perform a vulnerability assessment

  • Explore technical and process compensating controls

NET-150 Networking Fundamentals

This course introduces the student to the concepts and terminology of data communications. The course highlights the history and evolution of voice and data communications technologies. Specific emphasis is placed on the role of standards organizations in this evolution. The course examines such topics as telephony and subsystems, analog and digital signaling, network protocols and topologies, the OSI model, the TCP/IP protocol suite, high-speed LAN/WAN topologies, remote access, bridging and routing, network troubleshooting, network design considerations, the evolution and future of Ethernet, emerging technologies for both business and residential use, and information security considerations.

The primary purpose of this course is to facilitate students' understanding of the basic concepts, vocabulary, theories, and processes relevant to business data communications. The course will use discussion in and out of class, activities, written assignments, and tests to facilitate and measure the development of knowledge on the topic. Readings will be assigned, and those topics may not be fully covered in class. Tests will cover both the reading and the class materials.

Last updated