Portland Community College | Portland, Oregon

Upon successful completion of this course the student should be able to:

• Design, Install, and Administer a secure LAN consisting of the client and server computers.
• Install and administer common Internet applications and various security tools.
• Sit for the CompTIA Security+ certification exam (not administered by PCC).

 This course is presented by means of:

• on-campus lectures or on-line lessons
• group discussions
• individual lab assignments
• group lab assignments.

Students will be required to use essential tools to complete the lab assignments.

Through exams and lab assignments students will be assessed to determine whether they are able to:

• Differentiate and explain common access control models.
• Differentiate and explain common methods of authentication.
• Identify non-essential services and protocols and know what actions to take to reduce the risks of those services and protocols.
• Identify common attacks and specify the appropriate actions to take to mitigate vulnerability and risk.
• Identify various types of malicious code and specify the appropriate actions to take to mitigate vulnerability and risk.
• Reduce the risks of social engineering.
• Explain and apply auditing, logging and system scanning.
• Implement common types of remote access technologies.
• Configure and administer email security.
• Explain and apply basic Internet security.
• Configure and administer directory security.
• Explain and manage file transfer protocols.
• Administer basic security as applied to wireless technologies.
• Explain and manage security concerns and concepts of Infrastructure Security types of devices.
• Explain and secure various types of media.
• Explain and apply the concepts behind various security topologies.
• Differentiate common types of intrusion detection, be able to explain the concepts of each type, and manage the implementation and configuration of each kind of intrusion detection system.
• Explain and apply concepts of security baselines.
• Install, configure and administer the implementation and configuration of intrusion detection.
• Identify and explain different kinds of cryptographic algorithms.
• Explain how cryptography addresses security concept.
• Explain concepts of PKI (Public Key Infrastructure).
• Identify and be able to differentiate different cryptographic standards and protocols
• Explain concepts of Key Management and Certificate Lifecycles
• Explain and apply the concepts of physical security.
• Develop, explain and implement a disaster recovery plan.
• Develop, explain and implement a business continuity plan.
• Explain and apply the concepts and uses of various types of policies and procedures.
• Explain the concepts of privilege management.
• Explain and apply the concepts of various topics of forensics.
• Explain and apply concepts of risk identification.
• Explain the security relevance of the education and training of end users, executives and human resources.
• Explain and apply documentation concepts related to security.

•  Security practices.
• Security policies.
• Legal and ethical considerations of information systems security.
• Security topologies.
• Certificates and certificate authorities.
• Symmetric and asymmetric encryption.
• Key management.
• Authorization and authentication.
• Secure communications.
• Virtual private networks.
• Analysis and management practices.
• Patch management.