Portland Community College | Portland, Oregon

Course Number:
CIS 284
Course Title:
Network Security
Credit Hours:
Lecture Hours:
Lecture/Lab Hours:
Lab Hours:
Special Fee:

Course Description

Continues exploring the role of network administrator. Focuses on the knowledge and skills necessary to maintain system security and to install, configure and maintain a local area network with common internet applications. Emphasizes the use of Open Source software and CompTIA's Security+ content. Prerequisites: CIS 240M or CIS 279L or instructor permission. Audit available.

Intended Outcomes for the course

Upon successful completion of this course the student should be able to:

  • Design, Install, and Administer a secure LAN consisting of the client and server computers.
  • Install and administer common Internet applications and various security tools.
  • Sit for the CompTIA Security+ certification exam (not administered by PCC).

Course Activities and Design

 This course is presented by means of:

  • on-campus lectures or on-line lessons
  • group discussions
  • individual lab assignments
  • group lab assignments.

Students will be required to use essential tools to complete the lab assignments.

Outcome Assessment Strategies

Through exams and lab assignments students will be assessed to determine whether they are able to:

  • Differentiate and explain common access control models.
  • Differentiate and explain common methods of authentication.
  • Identify non-essential services and protocols and know what actions to take to reduce the risks of those services and protocols.
  • Identify common attacks and specify the appropriate actions to take to mitigate vulnerability and risk.
  • Identify various types of malicious code and specify the appropriate actions to take to mitigate vulnerability and risk.
  • Reduce the risks of social engineering.
  • Explain and apply auditing, logging and system scanning.
  • Implement common types of remote access technologies.
  • Configure and administer email security.
  • Explain and apply basic Internet security.
  • Configure and administer directory security.
  • Explain and manage file transfer protocols.
  • Administer basic security as applied to wireless technologies.
  • Explain and manage security concerns and concepts of Infrastructure Security types of devices.
  • Explain and secure various types of media.
  • Explain and apply the concepts behind various security topologies.
  • Differentiate common types of intrusion detection, be able to explain the concepts of each type, and manage the implementation and configuration of each kind of intrusion detection system.
  • Explain and apply concepts of security baselines.
  • Install, configure and administer the implementation and configuration of intrusion detection.
  • Identify and explain different kinds of cryptographic algorithms.
  • Explain how cryptography addresses security concept.
  • Explain concepts of PKI (Public Key Infrastructure).
  • Identify and be able to differentiate different cryptographic standards and protocols
  • Explain concepts of Key Management and Certificate Lifecycles
  • Explain and apply the concepts of physical security.
  • Develop, explain and implement a disaster recovery plan.
  • Develop, explain and implement a business continuity plan.
  • Explain and apply the concepts and uses of various types of policies and procedures.
  • Explain the concepts of privilege management.
  • Explain and apply the concepts of various topics of forensics.
  • Explain and apply concepts of risk identification.
  • Explain the security relevance of the education and training of end users, executives and human resources.
  • Explain and apply documentation concepts related to security.

Course Content (Themes, Concepts, Issues and Skills)

  •  Security practices.
  • Security policies.
  • Legal and ethical considerations of information systems security.
  • Security topologies.
  • Certificates and certificate authorities.
  • Symmetric and asymmetric encryption.
  • Key management.
  • Authorization and authentication.
  • Secure communications.
  • Virtual private networks.
  • Analysis and management practices.
  • Patch management.