
CT5006 - Hardware Infrastructure Security (2021/22)

Module specification: Module approved to run in 2021/22
Module status: DELETED (This module is no longer running)
Module title: Hardware Infrastructure Security
Module level: Intermediate (05)
Credit rating for module: 30
School: School of Computing and Digital Media
Total study hours: 300
30 hours: Assessment Preparation / Delivery
180 hours: Guided independent study
90 hours: Scheduled learning & teaching activities
Assessment components
Type Weighting Qualifying mark Description
Practical Examination 50%   Unseen Practical Examination (2 hours)
Unseen Examination 50%   Unseen Theory Examination (1.5 hours)
In-Course Test 0%   Chapter Tests
Running in 2021/22

(Please note that module timeslots are subject to change)
No instances running in the year

Module summary

Students will learn the importance of network security, the range of threats to network infrastructure from both inside and outside, how these threats work, what vulnerabilities exist in the protocols the threats exploit, and mitigations to those attacks. The students will learn that the networks and protocols we rely on have no inherent security built in and that the multilayer, multi-protocol nature of computer networking requires a multi-technology, multilayer security response.
They will learn prevention methods for both known and unknown attacks and the features of next-generation firewalls, including user identification, data/URL filtering and denial-of-service prevention. The mitigations will be implemented and tested using Palo Alto next-generation firewalls.
This module leverages the basic network understanding the student has gained at level 4 from CCNA 1 and 2. This module complements but also contrasts with CCNA Security at level 6 by providing an alternative approach to firewall security compared to Cisco ASAs in terms of technology, configuration, operation and design philosophy. This module is an essential part of the infrastructure security aspect of the degree and can lead to the professional qualification of Palo Alto Networks Certified Cybersecurity Associate (PCCSA).

Prior learning requirements

Both CT4004 and CT4005 completed

Syllabus

Explains the nature and scope of today’s cybersecurity challenges. This module explores the cybersecurity landscape, cyberthreats, malware and spamming, and Wi-Fi and advanced threats. LO1, LO3

The syllabus covers the Palo Alto PCCSA professional curriculum and includes practical labs on:
Initial Palo Alto firewall configuration
Understanding and implementing security policies
Identifying data content and selectively blocking or allowing
Selectively blocking or allowing URLs
Inspection and decryption of data streams
User identification and attribution
Collecting and collating threat metrics
Monitoring and reporting
High availability and reliability LO 2, LO 4, LO 5

The theoretical classes include chapters on:

Attack types, vulnerabilities and persistent threats
Zero trust security
Cloud and virtualised environments and their vulnerabilities
Network security technologies
End point security
Behavioural analytics, threat intelligence and threat indicator sharing
These chapters provide context and include modern concepts such as cloud and zero trust models.

Reflective learning LO6

Balance of independent study and scheduled teaching activity

The module is delivered once weekly and includes traditional lectures augmented with laboratory work. All the teaching material for the lectures and labs is available online in Weblearn (VLE) and in PDF format, allowing students to read ahead and practise labs at home. The students will be encouraged to help each other and learn from their mistakes, developing problem-solving skills and the ability to implement a specification, test and verify that the implementation meets the specification, and troubleshoot and resolve any deviations from the specification.

Learning outcomes

LO 1 configure modern next-generation firewalls to mitigate a range of attacks and attack vectors based upon a specification or scenario;
LO 2 understand and appreciate the vulnerabilities in the TCP/IP protocol suite;
LO 3 understand and implement mitigations to attacks against the TCP/IP suite;
LO 4 understand and appreciate the lack of security in cheap consumer-grade networking devices such as internet-enabled lightbulbs and consumer routers;
LO 5 understand the importance of legal compliance, logging, identifying and analysing network traffic and endpoint behaviours, demonstrating responsibility and professional commitment;
LO 6 keep a record/log of the technical findings and interactions with colleagues/tutors, show reflection and improvement, and communicate effectively.

Assessment strategy

Chapter tests (LO2, LO4 to LO6)
Students’ theoretical grasp is assessed through end-of-chapter, closed-book, online Multiple-Choice Multiple-Answers type tests, which are formative in nature and are mainly for self-evaluation and spot feedback. The first formative diagnostic test will be conducted by week 4. The purpose of this formative diagnostic test is to check students’ understanding of initial basic concepts and to provide an early feedback mechanism for maximising students’ engagement with the module.

Unseen Theory Examination (LO2, LO4-6) is an end of year summative assessment to check the theoretical knowledge of the core topics covered through formal lectures/tutorials.

Unseen Practical Examination (LO1, LO3 to LO6)
Students’ practical and hands-on skills are assessed through a formal 2-hour unseen practical examination. Students are expected to keep a laboratory logbook, which will be an integral part of this assessment component.

The marks with constructive feedback will be returned to students in line with the University’s guidelines on assessments and feedback.

Bibliography

Core Text:
• Charles J. Brooks et al (2018), Cybersecurity Essentials, Sybex, ISBN-13: 978-1119362395
• Palo Alto Networks (2018), Palo Alto Networks Firewall 8.2 Essentials: Configuration and Management Lab Guide
• Palo Alto Networks (2018), Cybersecurity Survival Guide: Principles and Best Practices (3rd ed)

Other Texts:
• Palo Alto Networks, PAN-OS 8.2 Administrator’s Guide
• Joe Antony Sebastin John Francis (2018), Let's Learn Palo Alto NGFW: A Case Study of Checkpoint, Juniper, Cisco, Hacking and Knowing Thyself, ISBN-13: 978-0989867528

Website:
• University Library website: https://student.londonmet.ac.uk/library/
• Subject guides and research support: https://student.londonmet.ac.uk/library/subject
• Palo Alto: https://www.paloaltonetworks.com/

Electronic Databases:
• IEEE Xplore / IET Digital Library (IEL):
https://ieeexplore.ieee.org/Xplore/home.jsp
• Wiley Online Library:
https://0-www-onlinelibrary-wiley-com.emu.londonmet.ac.uk/

Social Media Sources
YouTube: https://www.youtube.com/

Other
Lynda: http://www.lynda.com/