Computer Security and Information Warfare

Frederick M. Avolio

As our dependancy on computers and networks grows, so do our vulnerabilities to attacks on what has become a critical infrastructure. The network administrator and information security administrator for an enterprise of any size, must be aware of the threats, vulnerabilities, risks, and countermeasures. This course will discuss information warfare in the Internet age, covering attack methods as well as defenses.

This course combines lecture and discussion.

You Will Learn:

• Our vulnerabilities
• Attack methods and mechanisms
  • The tools and technology
  • How and why they work
• Where to look for bad guys
• Defense methods and mechanisms
  • The tools and technology
  • How and why they work
• What to consider deploying
• When to deploy

You will leave with:

• Information about common attacks and countermeasures
• White papers on security technologies and types of products
• Contact information for keeping up with security advisories and vendor patches
• Pointers to free and commercial solutions to security including hacker resources
• Directory of security sites, servers, and mailing lists
• A checklist for assessment

Course Outline

• Introduction to Information Warfare
• The attack
  • Snooping, Stealing, and Spying
  • Lies and Other Scams
  • Insiders
  • Through the "perimeter"
  • Eavesdropping
  • Impersonation
  • Hacker technology
• The defense
  • Crytography
  • Authentication
  • Access Control
  • Intrusion Detection
  • Monitoring
  • "Bottom up" security
  • Security Management
• A Security Checklist -- what, when, where, how (we now know why)