University of Houston
  College of Technology Image
We Are Technologists
 
Search the College of Technology web site
 
Search the College of Technology web site
 
Home > Departments > Information and Logistics Technology > Course Descriptions

Course Descriptions

ITEC 6323
4011 certified


 


ITEC 6323
Information Systems Security: Applied Cryptography and Intrusion Detection


Overview
This class examines applied cryptographic security services. It also examines enterprise related system threats and countermeasures. Specific cryptographic services include confidentiality, integrity, authentication and non repudiation. Specific mechanisms include encryption, hashes, message authentication codes, digital signatures and digital certificates Specific applications include: Public Key Infrastructure (PKI), secure protocols and virtual private networks (VPNs). Network counter-measures including intrusion detection are also examined.

Intrusion detection systems can detect and limit potential system compromises. Since these systems provide a historical record of network and system events, they can also provide assurance that an enterprise’s infrastructure has not been compromised.

Laboratory exercises provide an opportunity to apply class concepts. Laboratory activities include: encryption/decryption, file integrity testing, secure key exchange, as well as Public Key Infrastructure Issues. “Hands-on” system and network vulnerability scanning are also included as are lab activities relating to IPSec and SSL based Virtual Private Networks (VPNs).

 

Objectives
Upon successful completion of this course, you will be able to:

  • Identify and explain major cryptographic services and mechanisms.
  • Define relevant cryptographic terms including random number, private key, public key, algorithm, trusted third party and cryptanalysis.
  • Name, explain and utilize major algorithms including MD5, SHA1, DES, AES and RSA.
  • Compare and contrast symmetric and asymmetric cryptography and explain cryptographic services relevant to each.
  • Define key management and explain the key management problem.
  • Define and explain Public Key Infrastructure (PKI) principles and components.
  • Explain PKI management and policy.
  • Implement and utilize secure key exchange with certificates.
  • List and explain secure protocols including Secure Socket Layer (SSL) and IPSec.
  • Define and implement a VPN.
  • Define and explain Kerberos.
  • List and define major cryptographic vulnerabilities.
  • Define and explain major attacks on cryptography.
  • Articulate primary computer and network system threats.
  • Plan and execute an enterprise level vulnerability scan.
  • Define and demonstrate basic Intrusion Detection Systems concepts.
  • Explain Network security monitoring.
  • Analyze N-tier application vulnerabilities.