Please Read the Instructions Carefully in the body of this post and in the Project 1.docx file attached below.Topic 1- C-I-A Triad Discussion-1 400 words: APA Format, need References, two replies to p
School of Computer & Information Sciences SYLLABUS | ||
Course Name: | ISOL 534 – Application Security | |
Professor: | Dr. Carrie Butler | |
Contact Information: | Office Hours: By appointment E-mail: [email protected] | |
Online Support (IT) and I-Learn Policy: | All members of the University of the Cumberlands’ community who use the University’s computing, information or communication resources must act responsibly. http://www.ucumberlands.edu/it/downloads/terms.pdf | |
Course Website: | Access to the course website is required via the iLearn portal on the University of the Cumberlands website: http://www.ucumberlands.edu/ilearn/ | |
Course Description: | This course covers techniques and strategies for securing computers running Microsoft Windows operating systems, and their applications. Focusing on Windows Server 2012 and newer versions, and Windows 10 for clients, the course introduces the Windows operating system platforms and major areas of security vulnerabilities. Students will learn how to assess Windows computers for security vulnerabilities and how to make them more secure. | |
Alignment Matrix | Course Objectives
| |
Prerequisites: | Major Instructional Areas
| |
Books and Resources: |
Other articles and readings may be assigned by course professor. | |
Course Expectations | ||
Course Activities and Experiences: | Students are expected to: • Review any assigned reading material and prepare responses to homework assigned. • Actively participate in activities, assignments, and discussions. • Evaluate and react to each other’s work in a supportive, constructive manner. • Complete specific assignments and exams when specified and in a professional manner. • Utilize learned technologies for class assignments. • Connect content knowledge from core courses to practical training placement and activities. | |
Academic Integrity: | At a Christian liberal arts university committed to the pursuit of truth and understanding, any act of academic dishonesty is especially distressing and cannot be tolerated. In general, academic dishonesty involves the abuse and misuse of information or people to gain an undeserved academic advantage or evaluation. The common forms of academic dishonesty include:
Plagiarism includes copying and pasting material from the internet into assignments without properly citing the source of the material. Episodes of academic dishonesty are reported to the Vice President for Academic Affairs. The potential penalty for academic dishonesty includes a failing grade on a particular assignment, a failing grade for the entire course, or charges against the student with the appropriate disciplinary body. | |
Attendance Policy: | When any student has exceeded 20% of the time prescribed for any class, that student will be automatically dropped from that particular class with the grade of “F.” This grade is placed on the official transcript of the student and is treated as a failing grade in calculating the grade point average. The definition of a class absence is a student’s failure to attend class for any reason. Instructors may count three times tardy or leaving early to be equal to one class absence. There are no excused absences, regardless of the reason for the class having been missed. However, faculty will make reasonable provisions to allow students to make up work if the absence is due to a university-sponsored function or a medical or family emergency that is documented in a timely manner. Allowance for students to make up work for other reasons is at each instructor’s discretion. A class absence does not excuse the student from being responsible for course work missed; the student is responsible for contacting the faculty member in order to make up class assignments. The Vice President for Academic Affairs is the authorized agent to consider any exceptions to the above regulations. (Undergraduate Catalog) | |
Disability Accommodations: | University of the Cumberlands accepts students with certified disabilities and provides reasonable accommodations for their certified needs in the classroom, in housing, in food service or in other areas. For accommodations to be awarded, a student must submit a completed Accommodations Application form and provide documentation of the disability to the Disability Services Coordinator (Mr. Jacob Ratliff, Boswell Campus Center, Student Services Office Suite, [email protected]). When all paperwork is on file, a meeting between the student and the Coordinator will be arranged to discuss possible accommodations before accommodations are formally approved. Students must then meet with the Coordinator at the beginning of each semester before any academic accommodations can be certified for that term. Certifications for other accommodations are normally reviewed annually. | |
Student Responsibilities: |
| |
Deadlines and Dues Dates: | Recognizing that a large part of professional life is meeting deadlines, it is necessary to develop time management and organizational skills. Failure to meet the course deadlines may result in penalties. Keep in mind that all deadlines are set using Eastern Standard Time (EST). Late assignments will NOT be accepted. | |
Writing Expectations: | Learning outcomes for candidates’ writing competencies include clarity of thought, discernment in planning and organization, and integration of evidence and criteria.
| |
Participation Policy: | Study after study has linked successful academic performance with good class participation. Those who assume positions of responsibility must “show up” in order to be effective. Therefore, students are expected to actively participate in intelligent discussion of assigned topics in all areas (Discussion Board Activities, Synchronous Sessions, Forums, Shared Papers, etc.) to help process course material and/or to demonstrate understanding of course content. Point adjustments will be taken for non-participation. | |
Academic Appeals: | Both undergraduate and graduate students have the right to challenge a grade. If discussions with the course instructor and department chair do not lead to a satisfactory conclusion, students may file a formal written appeal with the Vice President for Academic Affairs, who will forward the appeal to the chair of the Academic Appeals Committee. This formal written appeal must be filed by the end of the 4th week of classes in the next regular term following the term in which the course in question was taken. The Academic Appeals Committee then gathers information from the student, the instructor, and any other relevant parties. The Committee will deliver its recommendation on the complaint to the Vice President for Academic Affairs. After reviewing this recommendation and concurring or amending it, the Vice President for Academic Affairs will inform the student and instructor of the disposition of the complaint no later than the last day of classes of the term in which the complaint was filed. Records of all actions regarding academic grade appeals, including their final disposition, are maintained by the Vice President for Academic Affairs and the Academic Appeals Committee. (Undergraduate Catalog/Graduate Catalog) | |
Links to Support: | Orientation to I-Learn: Student training course on I-Learn, https://ucumberlands.blackboard.com/webapps/portal/frameset.jsp Book Store: http://cumber.bncollege.com/webapp/wcs/stores/servlet/BNCBHomePage?storeId=50059&catalogId=10001&langId=-1 Library: http://www.ucumberlands.edu/library/ | |
Course Assignments and Evaluation | ||
Evaluation Method: | Graded work will receive a numeric score reflecting the quality of performance. Relative weights assigned to graded work are as follows: | |
Course Evaluation | A student will be evaluated/weighted on the following basis:
| |
Grading Scale: | Graded work will receive a numeric score reflecting the quality of performance as given above in evaluation methods. The overall course grade will be determined according to the following scale: A= 90 – 100 (90% - 100%) B= 80 – 89 (80% - 89%) C = 70 – 79 (70% - 79%) F < 69 (Below 69%) |
Syllabus Disclaimer:
This syllabus is intended as a set of guidelines for this course and the professor reserves the right to make modifications in content, schedule, and requirements as necessary to promote the best education possible within conditions affecting this course. Any changes to the syllabus will be discussed with the students.
Learning Materials and References
Solomon, Michael. Security Strategies in Windows Platforms and Applications, Third Edition. Burlington, MA: Jones & Bartlett, 2021
Virtual Security Cloud Labs*
Student Lab Manual (available within the virtual lab environment)*
* These resources are available if your educational institution purchased the Jones & Bartlett Learning lab manuals along with the courseware.
Recommended ResourcesThe following series of tables provide sources of supplementary information to augment your learning in digital forensics. You may consult as many resources as you wish.
Web References: Links to web references in this document and related materials are subject to change without prior notice. These links were last verified on September 25, 2019. |
Title | Author(s) | Year | ISBN |
Getting Started with Windows Server Security | Santhosh Sivarajan | 2015 | 978-1784398729 |
Group Policy: Fundamentals, Security, and the Managed Desktop | Jeremy Moskowitz | 2015 | 978-1119035589 |
Mastering Windows Server 2016 | Svidergol, et al. | 2018 | 978-1119404972 |
Windows 10 for Enterprise Administrators: Modern Administrators' guide based on Redstone 3 version | Stokes, Singer, and Diver | 2017 | 978-1786462824 |
Windows Security Monitoring: Scenarios and Patterns | Andrei Miroshnikov | 2018 | 978-1119390640 |
Organization/Certification(s) | URL |
CompTIA A+, Network+, Security+, more | https://www.comptia.org/certifications |
(ISC)2 SSCP, CISSP, more | https://www.isc2.org/ |
Microsoft MCSA: Windows Server, MCSE: Productivity, Microsoft 365 Certified: Security Administrator Associate, more | https://www.microsoft.com/en-us/learning/certification-overview.aspx |
Title | URL |
Admin Magazine | http://www.admin-magazine.com/tags/view/Windows |
Windows Certified Professional Magazine | https://mcpmag.com/Home.aspx |
Windows IT Pro | https://www.itprotoday.com/ |
Organization | URL |
Microsoft Security | https://www.microsoft.com/security/blog/ |
SANS Internet Storm Center | http://isc.sans.edu/index.html |
Security Intelligence | https://securityintelligence.com |
Windows Community | https://community.windows.com/en-us/ |
Use the following keywords to search for additional online resources that may be used for supporting your work on the course assignments:
Access control
Active Directory
Backup
Baseline
Encryption
Group Policy
Group Policy Object
Incident handling
Malware
Microsoft Windows administration
Microsoft Windows applications
Microsoft Windows security
Profile
Restore
Software Development Security Life Cycle (SDLC)
Threats
Vulnerabilities
Vulnerability scanning
Course Plan
Suggested Learning ApproachIn this course, you will be studying individually and within a group of your peers. As you work on the course deliverables, you are encouraged to share ideas with your peers and instructor, work collaboratively on projects and team assignments, raise critical questions, and provide constructive feedback.
Use the following advice to receive maximum learning benefits from your participation in this course:
DO | DON’T | |
|
|
Course textbook: Security Strategies in Windows Platforms and Applications, Third Edition (Solomon, 2021)
Grading Category | Activity Title | Grade Allocation (% of all graded work) | Lesson Due |
Lesson 1: Microsoft Windows and the Threat Landscape | |||
Required Readings | Chapter 1: Microsoft Windows and the Threat Landscape Chapter 2: Security in the Microsoft Windows Operating System | ||
Discussion | C-I-A Triad | 1% | |
Discussion | Multilayered Defense | 1% | |
Lab | Implementing Access Controls with Windows Active Directory | 2% | |
Project | Project Part 1: Active Directory Recommendations | 4% | |
Lesson 2: Access Controls in Microsoft Windows, and Encryption Tools and Technologies | |||
Required Readings | Chapter 3: Access Controls in Microsoft Windows Chapter 4: Microsoft Windows Encryption Tools and Technologies | ||
Discussion | Access Controls | 1% | |
Discussion | Encryption | 1% | |
Lab | Using Access Control Lists to Modify File System Permissions on Windows Systems | 2% | |
Lab | Configuring Microsoft Encrypting File System and BitLocker Drive Encryption | 2% | |
Project | Project Part 2: Access Controls Procedure Guide | 4% | |
Lesson 3: Microsoft Windows Malware Protection and Group Policy Control | |||
Required Readings | Chapter 5: Protecting Microsoft Windows against Malware Chapter 6: Group Policy Control in Microsoft Windows | ||
Discussion | Fileless Malware | 1% | |
Discussion | Security Policy Conformance | 1% | |
Lab | Identifying and Removing Malware from Windows Systems | 2% | |
Lab | Managing Group Policy within the Microsoft Windows Environment | 2% | |
Project | Project Part 3: Malware Protection Procedure Guide | 4% | |
Project | Project Part 4: Group Policy Objects Recommendations | 4% | |
Lesson 4: Microsoft Windows Auditing and Backup and Recovery Tools | |||
Required Readings | Chapter 7: Microsoft Windows Security Profile and Audit Tools Chapter 8: Microsoft Windows Backup and Recovery Tools | ||
Discussion | Log File Auditing | 1% | |
Discussion | Backup Strategies | 1% | |
Lab | Auditing Windows Systems for Security Compliance | 2% | |
Project | Project Part 5: Security Audit Procedure Guide | 4% | |
Project | Project Part 6: System Restoration Procedure Guide | 4% | |
Lesson 5: Microsoft Windows Network Security and Administration | |||
Required Readings | Chapter 9: Microsoft Windows Network Security Chapter 10: Microsoft Windows Security Administration | ||
Discussion | Firewall Selection | 1% | |
Discussion | Security Compliance Goals | 1% | |
Lab | Creating a Scheduled Backup and Replicating System Folders* | 2% | |
Project | Project Part 7: Network Security Controls Recommendations | 4% | |
Lesson 6: Hardening the Microsoft Windows Operating System | |||
Required Readings | Chapter 11: Hardening the Microsoft Windows Operating System | ||
Discussion | Security Awareness | 1% | |
Lab | Hardening Windows Systems for Security Compliance | 2% | |
Project | Project Part 8: Windows Hardening Recommendations | 4% | |
Required Practical Connection Assignment | Writing Assignment | 5% | |
Lesson 7: Microsoft Windows Application Security and Incident Handling | |||
Required Readings | Chapter 12: Microsoft Application Security Chapter 13: Microsoft Windows Incident Handling and Management | ||
Discussion | Cloud Application Security | 1% | |
Discussion | Incident Response Communication | 1% | |
Lab | Securing Internet Client and Server Applications on Windows Systems | 2% | |
Project | Project Part 9: Secure Windows Applications Policy | 4% | |
Project | Project Part 10: Evidence Collection Policy | 4% | |
Lesson 8: Microsoft Windows Security Life Cycle and Best Practices | |||
Required Readings | Chapter 14: Microsoft Windows and the Security Life Cycle Chapter 15: Best Practices for Microsoft Windows and Application Security | ||
Discussion | Security in SDLC versus Agile | 1% | |
Discussion | Emerging Threats | 1% | |
Lab | Investigating Security Incidents within the Microsoft Windows Environment* | 2% | |
Course Review and Final Examination | |||
Exam | Final Examination | 20% | End of course |