Об этом курсе: In this MOOC, we will learn the basic cyber security concepts, how to identify vulnerabilities/threat in a network system. We will apply CIA basic security services in the triage of recent cyberattack incidents, such as OPM data breach. We will learn the risk management framework for analyzing the risks in a network system, and apply the basic security design principles to protect the data and secure computer systems. We will examine the trustworthiness of programs and data installed in our systems and show the proper way to verify their integrity and authenticity. We will apply principle of least privileges for controlling the shared access given to different groups of users and system processes. On Amazon Cloud instances, we will use GnuPG software to generate public/private key pair for signing/verifying documents and open source software, and for encrypting documents. We will learn how to publish software, the related signature and release key on web server and publish public key to PGP key server for others to retrieve. We will learn Public Key Infrastructure (PKI) and Linux utility to serve as a CA for an organization, learn how to sign certificate request for clients or servers in secure email and web applications.

Автор: University of Colorado System

Преподаватели: Edward Chow, Professor
Computer Science

Основные сведения	Курс 1 из 4 — Fundamentals of Computer Network Security Specialization
Уровень	Учащийся среднего уровня
Язык	English
Как пройти курс	Чтобы пройти курс, выполните все оцениваемые задания.
Оценки пользователей	3.7 звезды Средняя оценка пользователей: 3.7Посмотрите, что пишут учащиеся

Программа курса

НЕДЕЛЯ 1

Cybersecurity Concepts and Security Principles

In this module, we will introduce the basic cyber security concepts, enable you to identity root causes of vulnerabilities in a network system and distinguish them from the threats from both inside and outside. We will analyze the enabling factors of recent cyber attack incidences and discuss the basic security services for their defense and triage. We will introduce the risk management framework for analyzing the risks in a network system, and apply the basic security design principles to protect the data and secure the computer systems. Trust is critical and in the center of any secure systems. We will examine the source and authenticity of the programs and data installed in systems we used daily and show the proper way to check their integrity, and verify their authenticity.

6 видео, 5 материала для самостоятельного изучения

Видео: Lesson 1. Vulnerabilities and Threats
Reading: Cybersecurity Concepts
Discussion Prompt: Vulnerability and Threat
Видео: Method, Opportunity, and Motive
Reading: M.O.M.
Видео: Confidentiality, Integrity, and Availability
Reading: C.I.A.
LTI Item: Receive AWS Educate Credit for Your Exercises
Видео: Risk, Risk Assessment and Method of Defense
Reading: NIST RMF
Видео: Security Principles: Defense in Depth, Defense with Diversity, Cyber Resilience
Reading: Defense in Depth
Discussion Prompt: Security Principles: Defense in Depth, Defense with Diversity, Cyber Resilience

Оцениваемый: Project 1.a Create AWS Account and AWS EC2 Instance

Оцениваемый: Exam 1.1. Assess Cybersecurity Concepts and Security Principles Learned

НЕДЕЛЯ 2

Protect Data Access and Verify Source of Trust

In this module we apply principle of least privileges for controlling the proper access given to users and system process. We will demonstrate such an access control by using an example of project document access control using the Unix file access mechanism. We use OPM data breach example to show the impact and the need for principle of adequate data protection. Trust is critical and in the center of any secure systems. We will examine the source and authenticity of the programs and data installed in systems we used daily and show the proper way to check their integrity, and verify their authenticity.

3 видео, 3 материала для самостоятельного изучения

Reading: Apply Principle of Least Privileges for Access Control
Видео: Principle of Adequate Data Protection
Reading: Inside the Cyberattack that Shocked the US Government", by Brendan Koerner on OPM breach
Видео: In Software We Trust. Really?
Reading: also good to add some additional reading beyond the slides

Оцениваемый: Project 1b. Create Shared Project Policy and Implement with Access Control

Оцениваемый: Exam 1.2. Assess How to Protect Data Access and Verify Source of Trust

НЕДЕЛЯ 3

Using GPG to Sign/Verify Software

In this module, we introduce GPG software tool for generating public key private key pair for signing/verifying the documents and to encrypt documents, and publish our public key on our web server and PGP key server for others to retrieve. We will use GnuPG software tool to verify the common opensource software packages such as apache and putty. We will also learn how to sign software and the proper way to list the software package, their pgp signature, and our signing public key on a web site.

3 видео, 3 материала для самостоятельного изучения

Reading: The GNU Privacy Handbook
Видео: Verify Software Integrity and Authenticity
Reading: Making and verifying signatures
Видео: Web of Trust
Reading: How to send/receive encrypted email with GnuPG

Оцениваемый: Project 1c. Use gpg to sign and verify open source software.

Оцениваемый: Exam 1.3. Assess the skill of using gpg to sign and verify software.

НЕДЕЛЯ 4

Be a CA, Setup Secure Server and Client Certificate

In this module, we will learn the Public Key Infrastructure (PKI), how CA operates, and the certificates signing and verification process. We will utilize the utility command in a Linux system to serve as a CA for an organization, learn how to sign certificate request for clients or servers both secure email or secure web access purpose. We will earn how to generate server certificate requests as a webmaster, send them to CA for signing and install the signed certificates in Apache web server for secure web access. We will also set up apache web server for requiring clients to present their client certificates for mutual authentication. We will also guide you to set client certificate on browser for mutual authentication and on a mail client for signing and encrypting emails.

6 видео, 5 материала для самостоятельного изучения

Reading: Verisign
Видео: What are in a Certificate?
Reading: Secure Web Access
Видео: Being Your Own CA
Видео: Server Certificate and Installation
Reading: Server Certificates
Видео: Setup Client Certificate
Reading: Client Certificates
Видео: Client Server Mutual Authentication
Reading: Example of Mutual Authentication

Оцениваемый: Project 1d. Create, Sign and Install Web Server Certificate

Оцениваемый: Exam 1.4. Assess PKI Concepts and Certificates Creation/Signing with PKI

Часто задаваемые вопросы

Когда я получу доступ к лекциям и заданиям?

Что делать, если мне потребуется больше времени на прохождение курса?

Что я получу, оплатив этот курс?

Могу я пройти этот курс бесплатно?

Какие правила возврата средств?

Можно ли получить финансовую помощь?

Как это работает

Coursework

Each course is like an interactive textbook, featuring pre-recorded videos, quizzes and projects.

Help from Your Peers

Connect with thousands of other learners and debate ideas, discuss course material, and get help mastering concepts.

Certificates

Earn official recognition for your work, and share your success with friends, colleagues, and employers.

Авторы

University of Colorado System

The University of Colorado is a recognized leader in higher education on the national and global stage. We collaborate to meet the diverse needs of our students and communities. We promote innovation, encourage discovery and support the extension of knowledge in ways unique to the state of Colorado and beyond.

Стоимость

	Приобрести курс
Получить доступ к материалам курса	Доступен
Получить доступ к оцениваемым материалам курса	Доступен
Получить итоговую оценку	Доступен
Получите сертификат о прохождении курса, ссылкой на который можно делиться с другими людьми	Доступен

Рейтинги и отзывы

Оценка 3.7 из 5 по 33 отзывам

This is well organised course its a great assets to my profile.

This course is awesome

The course is excellent in terms of syllabus and objectives. IN my view, it would be even better if there were more explanations about the practical exercises