
CT6059 - Next Gen Firewalls for Network and Cloud Security (Palo Alto) (2022/23)

Module specification Module approved to run in 2022/23
Module title: Next Gen Firewalls for Network and Cloud Security (Palo Alto)
Module level: Honours (06)
Credit rating for module: 15
School: School of Computing and Digital Media
Total study hours: 150

  • 15 hours: Assessment Preparation / Delivery
  • 90 hours: Guided independent study
  • 45 hours: Scheduled learning & teaching activities

Assessment components
Type | Weighting | Qualifying mark | Description
Practical Examination | 50% | | Unseen Practical Examination (2 hours)
Unseen Examination | 50% | | Unseen Theory Examination (1.5 hours)
In-Course Test | 0% | | Chapter Tests

Running in 2022/23

(Please note that module timeslots are subject to change)
Period | Campus | Day | Time | Module Leader
Spring semester | North | Wednesday | Morning |

Module summary

Students will learn the importance of network security, the range of threats to network infrastructure from both inside and outside, how these threats work, what vulnerabilities exist in the protocols the threats exploit, and the mitigations for those attacks. They will learn that the networks and protocols we rely on have no inherent security built in, and that the multilayer, multi-protocol nature of computer networking requires a multi-technology, multilayer security response.

They will learn prevention methods for both known and unknown attacks and the features of next generation firewalls, including user identification, data/URL filtering and denial of service prevention. The mitigations will be implemented and tested using Palo Alto next generation firewalls.

This module builds on the basic network understanding the student has gained at level 4 from CCNA 1 and 2. It complements but also contrasts with CCNA Security at level 6 by providing an alternative approach to firewall security compared to Cisco ASAs in terms of technology, configuration, operation and design philosophy. This module is an essential part of the infrastructure security aspect of the degree and can lead to the professional qualification of Palo Alto Networks Certified Network Cybersecurity Administrator (PCNSA).

Prior learning requirements

Both CT4004 and CT4005 completed

Syllabus

Explains the nature and scope of today’s cybersecurity challenges. This module explores the cybersecurity landscape, cyberthreats, malware and spamming, and Wi-Fi and advanced threats.

The syllabus covers the Palo Alto PCNSA professional curriculum and includes practical labs on:

  • Initial Palo Alto firewall configuration
  • Understanding and implementing security policies
  • Identifying data content and selectively blocking or allowing it
  • Selectively blocking or allowing URLs
  • Inspection and decryption of data streams
  • User identification and attribution
  • Collecting and collating threat metrics
  • Monitoring and reporting
  • High availability and reliability

The theoretical classes include chapters on:

  • Attack types, vulnerabilities and persistent threats
  • Zero trust security
  • Cloud and virtualised environments and their vulnerabilities
  • Network security technologies
  • Endpoint security
  • Behavioural analytics, threat intelligence and threat indicator sharing

These chapters provide context and include modern concepts such as cloud and zero trust models.

Reflective learning

Balance of independent study and scheduled teaching activity

The module is delivered once a week and includes traditional lectures augmented with laboratory work. All the teaching material for the lectures and labs is available online in Weblearn (VLE) and in PDF format, allowing students to read ahead and practise labs at home. Students will be encouraged to help each other and learn from their mistakes, developing problem-solving skills and the ability to implement a specification, test and verify that the implementation meets the specification, and troubleshoot and resolve any deviations from the specification.

Learning outcomes

LO 1 configure modern next generation firewalls to mitigate a range of attacks and attack vectors based upon a specification or scenario.

LO 2 understand and appreciate the vulnerabilities in the TCP/IP protocol suite.

LO 3 understand and implement mitigations to attacks against the TCP/IP suite.

LO 4 understand and appreciate the lack of security in cheap consumer-grade networking devices such as internet-enabled lightbulbs and consumer routers.

LO 5 understand the importance of legal compliance, logging, identifying and analysing network traffic and endpoint behaviours, demonstrating responsibility and professional commitment.

Assessment strategy

Chapter tests (LO2, LO4, LO5)

Students’ theoretical grasp is assessed through end-of-chapter, closed-book, online Multiple-Choice Multiple-Answers type tests, which are formative in nature and are mainly for self-evaluation and spot feedback. The first formative diagnostic test will be conducted by week 4. The purpose of this formative diagnostic test is to check students’ understanding of initial basic concepts and to provide an early feedback mechanism for maximising students’ engagement with the module.

Unseen Theory Examination (LO2, LO4, LO5) is an end of year summative assessment to check the theoretical knowledge of the core topics covered through formal lectures/tutorials.

Unseen Practical Examination (LO1, LO3 to LO5)

Students’ practical and hands-on skills are assessed through a formal 2-hour unseen practical examination. Students are expected to keep a laboratory logbook, which will be an integral part of this assessment component.

The marks with constructive feedback will be returned to students in line with the University’s guidelines on assessments and feedback.

Bibliography

https://rl.talis.com/3/londonmet/lists/ADB667A7-0A55-8498-A5AE-7E2B740DD02C.html?login=1

 

Core Text:

Charles J. Brooks et al. (2018), Cybersecurity Essentials, Sybex, ISBN-13: 978-1119362395

Palo Alto Networks (2018), Palo Alto Networks Firewall 8.2 Essentials: Configuration and Management Lab Guide

Palo Alto Networks (2018), Cybersecurity Survival Guide: Principles and Best Practices (3rd ed)

Other Texts:

Palo Alto Networks, PAN-OS 8.2 Administrator’s Guide

Joe Antony Sebastin John Francis (2018), Let's Learn Palo Alto NGFW: A Case Study of Checkpoint, Juniper, Cisco, Hacking and Knowing Thyself, ISBN-13: 978-0989867528

Website:

University Library website: https://student.londonmet.ac.uk/library/

Subject guides and research support: https://student.londonmet.ac.uk/library/subject

Palo Alto: https://www.paloaltonetworks.com/

Electronic Databases:

IEEE Xplore / IET Digital Library (IEL):

https://ieeexplore.ieee.org/Xplore/home.jsp

Wiley Online Library:

https://0-www-onlinelibrary-wiley-com.emu.londonmet.ac.uk/

Social Media Sources

YouTube: https://www.youtube.com/

 

Other

Lynda: http://www.lynda.com/