CSS 348: Security Strategies in Linux OS /Applications

Course Description

This course will focus on the securing of Linux platforms and applications. Areas of study include identifying and examining methods of securing Linux platforms and applications and implementing those methods. (3 credits)

Prerequisites

  • ENG 101: English Composition 1
  • ENG 102: English Composition 2
  • ITE 145: Fundamentals of Information Systems Security OR CSS 101 Cybersecurity Fundamentals
  • ITE 220: Networking and Data Communcation (Recommended)

Student Learning Outcomes (SLOs)

Students who successfully complete this course will be able to:

  1. Identify threats to the Linux operating system and other open source applications.
  2. Describe components of Linux security.
  3. Lock down the Linux boot process.
  4. Explain user account management and the principle of least privilege to protect and secure the system and its data.
  5. Examine the flexibility of various options with file permissions and filesystem settings and how granular control isolates data access.
  6. Describe vulnerabilities in Linux services and the appropriate steps to mitigate the risks.
  7. Assess how firewall, Transmission Control Protocol (TCP) Wrappers, and SELinux complement one another to secure network applications.
  8. Describe Linux file-sharing and remote access solutions.
  9. Describe how to secure Web services, applications, and access.
  10. Assess the architecture of the Linux kernel and techniques used to enact a more secure kernel.
  11. Evaluate the importance of maintaining a software management plan.
  12. Establish a system baseline to detect anomalies.
  13. Test and gather security reports.
  14. Analyze best practices to respond and recover from a security breach (incident).
  15. Describe best practices for keeping Linux up to date and future changes to Linux security.

Course Activities and Grading

AssignmentsWeight

Discussions (Weeks 1-3, 5 & 7)

15%

Lab Assignments

20%

Project

40%

Final Exam (Week 8)

25%

Total

100%

Required Textbooks

Available through Charter Oak State College's Book Bundle

  • Jang, Michael. Security Strategies in Linux Platforms and Applications - with Access Code. 2nd ed. Sudbury, MA: Jones & Bartlett, 2017. ISBN-10: 1-284-15964-7 or ISBN-13: 978-1-284-15964-6
    • Note: This is a bundle which includes the textbook and the Access Code required for this course. We discourage students from purchasing “used” materials from other sources due to access codes not working properly.

Course Schedule

Week

SLOs

Readings and Exercises

Assignments

1

1,2,3

Topics: Linux Security Basics, Core Components, and Distributions

  • Readings:
    • Chapter 1, “Security Threats to Linux”
    • Chapter 2, “Basic Components of Linux Security”
    • Chapter 3, "Starting Off: Getting Up and Running"
  • Read assigned chapters
  • Participate in the Discussions
  • Review the Lecture material
  • Submit Week 1 Labs
    • Install a Core Linux Operating System on a Server
    • Configure Basic Security Controls on a CentOS Linux Server
  • Submit Project: Part 1 Task 1: Identify Linux Security Threats
  • Submit Project: Part 1 Task 2: Evaluate Virtualization Options

2

4,5,6

Topics: User Permissions, Filesystems, and Encryption

  • Readings:
    • Chapter 4, “User Privileges and Permissions”
    • Chapter 5, “Filesystems, Volumes, and Encryption"
    • Chapter 6, “Every Service Is a Potential Risk”
  • Read assigned chapters
  • Participate in the Discussions
  • Review the Lecture material
  • Submit Week 2 Labs
    • Hardening Security with User Account Management and Security Controls
    • Hardening Security for Linux Services and Applications
    • Applying Hardened Linux File System Security Controls
  • Submit Project: Part 1 Task 3: Recommend Open Source Server Solutions
  • Submit Project Part 1 Task 4: Manage User Account Access
  • Submit Project: Part 1: Executive Summary

3

7,8

Topic: Securing Services

  • Readings:
    • Chapter 7, “Networks, Firewalls, and More”
    • Chapter 8, “Networked Filesystems and Remote Access”
  • Read assigned chapters
  • Participate in the Discussions
  • Review the Lecture material
  • Submit Week 3 Labs
    • Hardening Security by Controlling Access
  • Submit Project: Part 2 Task 1: Secure File Storage Server
  • Submit Project: Part 2 Task 2: Provide Layered Security
  • Submit Project: Part 2 Task 3: Harden a Bastion Host

4

9,10

Topics: Networks, Firewalls, and Remote Access

  • Readings:
    • Chapter 9, “Networked Application Security”
    • Chapter 10, “Kernel Security Risk Mitigation”
  • Read assigned chapters
  • Participate in the Discussions
  • Review the Lecture material
  • Submit Week 4 Lab
    • Hardening Security for the Linux Kernel
  • Submit Project: Part 2 Task 4: Secure File Sharing
  • Submit Project Part 2 Task 5: Secure Web and Database Servers
  • Submit Project Part 2: Executive Summary

5

11

Topics: Application and Kernel Security

  • Readings:
    • Chapter 11, Managing Security Alerts and Updates
  • Read assigned chapter
  • Review the Lecture material
  • Submit Week 5 Lab
    • Applying Best Practices for Secure Software Management
  • Submit Project: Part 3 Task 1: Use a Kernel
  • Submit Project: Part 3 Task 2: Recommend a Software Management Plan

6

12,13

Topics: Managing Security Alerts and Updates

  • Readings:
    • Chapter 12, “Building and Maintaining a Security Baseline”
    • Chapter 13, “Testing and Reporting”
  • Read assigned chapters
  • Participate in the Discussions
  • Review the Lecture material
  • Submit Week 6 Lab
    • Applying Best Practices for Security Logging and Monitoring
  • Submit Project: Part 3 Task 3: Monitor Logs and Baseline
  • Submit Project: Part 3: Executive Summary

7

14,15

Topics: Security Baselines, Logging, Testing, and Reporting

  • Readings:
    • Chapter 14, “Detecting and Responding to Security Breaches”
    • Chapter 15, “Best Practices and Emerging Technologies”
  • Read assigned chapters
  • Participate in the Discussions
  • Review the Lecture material
  • Submit Week 7 Lab
    • Defining Linux OS and Application Backup and Recovery Procedures
  • Submit Project: Part 4 Task 1: Design a Backup Plan
  • Submit Project: Part 4: Executive Summary of the Project

8

1-15

Topics: Detecting and Responding to Security Breaches

  • Readings:
    • Review all material from previous weeks of the course.
  • Participate in Discussions
  • Complete Final Exam
  • Complete the Course Evaluation

COSC Accessibility Statement

Charter Oak State College encourages students with disabilities, including non-visible disabilities such as chronic diseases, learning disabilities, head injury, attention deficit/hyperactive disorder, or psychiatric disabilities, to discuss appropriate accommodations with the Office of Accessibility Services at OAS@charteroak.edu.

COSC Policies, Course Policies, Academic Support Services and Resources

Students are responsible for knowing all Charter Oak State College (COSC) institutional policies, course-specific policies, procedures, and available academic support services and resources. Please see COSC Policies for COSC institutional policies, and see also specific policies related to this course. See COSC Resources for information regarding available academic support services and resources.