CISS 349 is a study of the tasks, tools and techniques involved in the configuration and administration of heterogeneous networks of Windows and UNIX/Linux computers, with particular emphasis on system hardening, protection against attack, system monitoring and recovery.
Instructor: |
Prof. Amelia Garripoli Room OCP 110 Email: Amelia.Garripoli@wwu.edu Phone (360) 774-0740 |
Class times: |
T 9-11:50 |
Office Hours: |
after class, as needed |
Suggested Textbooks: |
Nemeth, E., Snyder, G., Hein, T., Whaley, B., “UNIX and Linux System Administration Handbook”, 5th Edition, Prentice Hall. Basta, A., Zgola, M. “Database Security”, Cengage Learning. 2012. |
Assessment: |
Examinations and practical assignments |
On completion of this course, students will demonstrate:
Assessment
The assessment process for the course consists of a midterm exam, a final exam, and up to 10 practical assignments.
The contribution of each assessment item to the final grade is as shown below:
|
Midterm Exam |
20% |
|
Final Exam |
20% |
|
Assignments |
60% |
There will be up to 10 hands-on assignments. The table below describes the topics for each of the individual assignments. They are equally weighted and comprise 60% of the course grade.
Assignment 1 |
Bash Script |
|
Assignment 2 |
Process Script |
|
Assignment 3 |
Database Design |
|
Assignment 4 |
Query Exercise |
|
Assignment 5 |
Cron Job for table maintenance (may remove) |
|
Assignment 6 |
Privilege Exercise (may remove) |
|
Assignment 7 |
PowerShell Program |
|
|
Assignment 8 |
Windows Services Policy |
|
Assignment 9 |
Network Exercise (may remove) |
|
Assignment 10 |
DB Vulnerability/Hardening Exercise |
Examinations
The midterm examination will be held during regular class time on Tuesday, May 14th, 2019.
The final examination will be held on as per the published exam schedule. Tuesday, June 11 9:00 - 11:00 AM
Failure to attend the mid-term examination will result in a score of 0. Failure to attend the final examination, in accordance with University policy, will result in an F grade for the course.
Grading Policy
Grades will be assigned on the total of the assessment items according to the following scheme:
Percentage Grade
90-100 A
80-89 B
70-79 C
60-69 D
<60 F
The use of ‘+’ or ‘-‘ discriminators is completely at the discretion of the instructor.
Work must be submitted on-time. Late work will have 10% deducted per 24 hour period, or portion of a 24 hour period it is late. For example, if an assignment is due at 12:00, an assignment submitted at 12:05 will have 10% of the score deducted from the grade for the assignment.
If there is a need for a special accommodation for the late submission of an assignment, the student may make a request, in advance, to the instructor. The instructor may, at his discretion, choose to allow a late submission, or alter the due date of the assignment.
Attendance Policy
Attendance at lectures is not compulsory. However, students are responsible for ensuring that they keep up with course material and that they keep informed on class information, as presented in class or advised via the course web site.
Participation Policy
All students are expected to have completed any assigned readings prior to coming to class, and to participate fully in any activities and discussions in the classroom.
Academic Dishonesty
Academic dishonesty is defined in the University Catalog as misrepresentation by deception or by other fraudulent means which compromises an instructor's ability to fairly evaluate a student's work or achievement. It is the instructor's responsibility to confront a student and to take appropriate action if academic dishonesty, in the instructor's judgment, has occurred. As a community, Western is committed to integrity in all aspects of academic and campus life. An excellent resource for guiding students is the Faculty Senate’s Integrity website. (See Integrity.) This site is a clearinghouse of resources about integrity. Besides covering more common problems related to academic integrity, such as plagiarism and cheating on exams, it also addresses ambiguous areas, such as collaborative work, the use of language translators, and submitting the same paper in different classes. Please refer to the University Catalog for further information.
Any student who violates the University policy on academic dishonesty will receive an F for the course.
Syllabus Changes
This syllabus is subject to change. Changes, if any, will be announced in class. Students will be held responsible for all changes.
Detailed schedule
The distribution of topics over time is given in the table below.
# |
Day/Date |
Topic |
Sub-topic(s)/Readings |
Assignments |
1 |
Tues |
Shell Scripts, Bash
|
4th Ed. Nemeth et al. Ch 1, 2 pp. 29–54, 73-74 5th Ed. . Nemeth et al. Ch 1, 7 pp. 189–213, 73-74 |
|
2 |
Thu |
Access Control, Booting |
4th Ed. Nemeth et al. Ch 3, 4 5th Ed. Nemeth et al. Ch 2, 3, ? |
Bash Script |
3 |
Tues |
Intro to Databases, Tables & Relations |
Basta & Zgola, pp 43-56. |
|
4 |
Thu |
Designing Tables |
Basta & Zgola, Ch 3. |
Database Design |
5 |
Tues |
Process Management
|
4th Ed. Nemeth et al. Ch 5, Ch 22 p. 902 5th Ed. Nemeth et al. Ch 4 pp.90-108, Ch 27 p. 987-988 |
|
6 |
Thu |
Files
|
4th Ed. Nemeth et al. Ch 6 5th Ed. Nemeth et al. Ch 5
|
Process Script |
9 |
Tue |
Storage, |
4th Ed. Nemeth et al. Ch 8; Ch 7 & Ch 22 pp 906-912, 921-923 5th Ed. Nemeth et al. Ch 20; Ch 8 & Ch 27 pp. 992-996 |
|
10 |
Thu |
Users & Authentication, |
4th Ed. Nemeth et al. Ch 7 & Ch 22 pp 906-912, 921-923; Ch 9-11 5th Ed. Nemeth et al. Ch 8 & Ch 27 pp. 992-996; Ch 4 pp. 109-119, Ch 10
|
Cron Job for Table maint. |
13 |
Tue |
Queries |
|
|
14 |
Thu |
SQL for structure |
TBD |
Query Exercise |
15 |
Tue |
Software & Maint
|
4th Ed. Nemeth et al. Ch 12, Ch 22 p. 901 5th Ed. Nemeth et al. Ch 6, Ch 27 p. 987 |
|
16 |
Thu |
Midterm Exam |
|
|
22 |
Tue |
Windows - Users & Authentication |
TBD |
|
24 |
Thu |
Windows - Applications PPPR |
TBD
Basta & Zgola, Ch 6 |
Privilege Exercise |
25 |
Tue |
Windows - Powershell |
TBD |
|
26 |
Thu |
Windows - Powershell II |
TBD |
PowerShell Program |
27 |
Tue |
Windows Services SQL Injection |
TBD Basta & Zgola, Ch 7 |
|
28 |
Thu |
Management Policies Network Config |
Nemeth 4th ed. Ch 32 4th Ed. Nemeth et al. Ch 14 pp. 466-483. |
Windows Services Policy Network Exercise |
29 |
Tue |
DB Exploitation & Defense Database Security Auditing & Testing |
Basta & Zgola, Ch 7 & 8 Basta & Zgola, Ch 9 & 10 |
|
30 |
Thu |
DNS Green IT
|
4th Ed. Nemeth et al. Ch 17 4th Ed. Nemeth et al. Ch 27-28
|
DB Vulnerability Exercise |
38 |
Tue 11 Jun |
|
|
Final |
Adjustments to this schedule may be made based on the class needs.