88325 - Computer and Network Security Lab T

Academic Year 2020/2021

  • Teacher: Marco Prandini
  • Credits: 6
  • SSD: ING-INF/05
  • Language: Italian
  • Teaching Mode: Traditional lectures
  • Campus: Bologna
  • Course: First cycle degree programme (L) in Computer Engineering (cod. 9254)

    Also valid for First cycle degree programme (L) in Computer Engineering (cod. 9254)

Learning outcomes

Discussing the threats and vulnerabilities that could lead to compromising system and information security, and the corresponding mitigation actions. At the end of the course, the student has acquired:

  • knowledge of offensive security as a method to understand the effectiveness of various attack vectors,
  • the ability to hone defensive security skills to counter them.

Course contents

The course's goal is to provide an overview of the topics which are relevant to secure computing systems, with a practical approach.

Entry requirements: IN ORDER TO EFFECTIVELY FOLLOW THE COURSE, A GOOD GRASP OF COMPUTER NETWORKS AND OPERATING SYSTEMS IS ESSENTIAL. BASIC PROFICIENCY WITH LINUX COMMAND LINE IS NEEDED.

Foundations

  • Security properties of information and systems
  • Definitions: threat, vulnerability, exploit, risk
  • Attack methods and impact
  • Hints: formal models for development, security frameworks, certifications

Information security

  • Cryptography essentials
  • Data at rest: anonymization and encryption
  • Data in transit: secure communication protocols and VPNs

Blue teaming

  • Physical security
  • Basic operating system hardening
  • Authentication systems
  • Access control models and their implementation
  • Network-based attack prevention: firewalls
  • Attack detection: IDS, IPS, SIEM
  • Incident response and recovery

Red Teaming

  • Vulnerability origins and identification
  • The cybersecurity kill chain
  • Enumeration, scanning and brute forcing
  • Vulnerability exploitation

Readings/Bibliography

The course is rather wide. Slides and links provided on IOL should be a solid launchpad to gather study resources online. Useful books, which delve much deeper into the subjects treated, are:

  • "Security in Computing" by Shari Lawrence Pfleeger, Charles P. Pfleeger, Jonathan Margulies - Pearson (2015)
  • "Cybersecurity – Attack and Defense Strategies - Second Edition" by Yuri Diogenes, Erdal Ozkaya - Packt Publishing (2019)

Older, but quite effective for tackling Red Teaming:

  • "Hacking Exposed 7" by Stuart McClure, Joel Scambray, George Kurtz - McGraw-Hill (2012)

For students in need of an introduction (or simply wishing to have a reference handy) about Linux as a security operations platform:

  • "Linux Essentials for Cybersecurity", by Denise Kinsey, William Rothwell - Pearson IT Certification (2018)
  • "Cybersecurity Ops with bash", by Paul Troncone, Carl Albing - O'Reilly Media (2019)

Teaching methods

The course is worth 6 CFU/ECTS corresponding to 60 hours of classroom or lab activity.

Theoretical subjects will be treated during lectures.

Lab activities will encompass both guided exercises to get acquainted with the tools, and challenges that students will be asked to solve, typically working in groups.

For this reason, regular attendance is of utmost importance.

Assessment methods

  • The exam is composed of two parts: a verification of knowledge of theoretical themes, and a practical test.
  • The final grade will be computed as a combination of the marks achieved in the two parts, expressed on the usual scale (18-30+honors).
  • Knowledge of theoretical themes will be ascertained through a short test just before the practical section of the exam. No study materials shall be used during this part of the exam. The result will be immediately available, and a passing grade is required to proceed to the practical part of the exam.
  • The practical test is designed around the subjects proposed during the lab sessions of the course. It could require candidates to complete assignments on their own, as well as to engage in a challenge involving other candidates.
  • During the test, candidates are allowed to use teaching materials, notes, and software components prepared by themselves.
  • Date and time of exams are published on AlmaEsami. Subscription is mandatory.
  • Students are kindly asked to act in a civil manner, avoiding filling up the lists if they are unlikely to show up, and especially not subscribing to more than one list.

Teaching tools

Classroom lectures will be presented with the aid of slideshows in electronic format.

Lab activities, always carried out with the assistance of the instructors, are a key component of the course, and cover almost all subjects of the syllabus.

A virtualized architecture will enable students to work on the proposed exercises as machine administrators on Linux systems. Students will be able to replicate the same architecture used in the lab, to work at home in an identical setting.

Office hours

See the website of Marco Prandini

SDGs

Industry, innovation and infrastructure

This teaching activity contributes to the achievement of the Sustainable Development Goals of the UN 2030 Agenda.