USC Data Science 529 (DSci 526): Secure Systems Administration - Spring 2021
Lecture Wednesday - 2PM to 5:20PM, Online
Clifford Neuman
Announcements
The first lecture for DSci526 this semester will be on Wednesday January 20th, 2021.
Please log in to D2L, within the distance education network platform, for the Zoom link to the live lecture.
Schedule
- Wednesday January 20, 2021 - First Lecture - Introduction to Secure System Administration
- Wednesday January 27, 2021 - Second Lecture - Generation of Security Requirements, Introduction to Virtualization
- Wednesday February 3, 2021 - Third Lecture - NIST Best Practices - Linux System Administration
- Wednesday February 10, 2021 - Fourth Lecture - Composition of systems and protection domains
- Wednesday February 17, 2021 - ALTERNATE LECTURE TIME - Fifth Lecture - Configuration Management - System Updates - Solar Winds
- Wednesday February 24, 2021 - Sixth Lecture - Pen Testing and Red Teaming
- Wednesday March 3, 2021 - Seventh Lecture - Virtualization and Cloud Security
- Wednesday March 10, 2021 - Mid-term Exam Noon-1:40PM, Followed by Eighth Lecture 4PM to 5:20 PM - Incident Response Planning
- Wednesday March 17, 2021 - Ninth Lecture - Network Administration
- Wednesday March 24, 2021 - Tenth Lecture - Network Monitoring and Attack Forensics
- Wednesday March 31, 2021 - Eleventh Lecture - Security Incident Event Management
- Wednesday April 7, 2021 - No Lecture - Wellness Day
- Wednesday April 14, 2021 - Twelfth Lecture - Accreditation and acceptance testing
- Wednesday April 21, 2021 - ALTERNATE LECTURE TIME - Thirteenth Lecture - Case Studies
- Wednesday April 28, 2021 - Final Lecture - Final Project Briefs by Both Groups - Conclusion - Review for Final Exam
- Final Exam - Monday May 10th, 2PM-4PM
Course Description
The system security administrator is the focal point for planning security in the installation and the "front line" when defending systems from cyber attack. Typically systems come with security features turned off to facilitate initial operation and must be tailored to the security needs of the organization. The only thing between a new system and a cyber attacker is the knowledge of the system administrator. The system administrator not only assures that user IDs and an initial password are set robustly, but also configures firewalls, intrusion detection systems, etc. and facilitates the development and enforcement of effective security policy for the organization.
The system security administrator plays an integral role in the system security design, testing, certification, accreditation, and operation of complex cyber systems, as well as operationally defending the system against real-time attacks.
The course provides students with hands-on experience in the field of security administration. The student will learn how a security professional fulfills various Information Assurance requirements using the Linux operating system (the same principles apply to other operating systems). Students will be presented throughout the semester with a series of hypothetical systems representative of typical services and organizational models. Working in groups, students will design their information architecture for the systems in such organizations, paying careful attention to the required and prohibited information flows. Students will individually submit their plans for the placement of data and defense technologies.
In teams, students will deploy systems to manage access to data according to their plans and deploy defensive technologies. The teams will then participate in a capture the flag competition where they seek to defend their systems, while compromising the security of the systems deployed by other teams. This process will be repeated four times during the semester, each focused on a different scenario representing different classes of systems.
Lecture topics include an examination of server, workstation and network vulnerabilities; procedures and tools for security assessment; development of security policies, procedures and standards; firewalls, logging and audit tools, hardening scripts as well as other tools and techniques used to implement secure computing environments.
This course is intended for graduate students with the following qualification: typically coming out of a computer science, mathematics, computer engineering, informatics, and/or information security undergraduate program. Also, it is highly recommended that students have successfully completed coursework involving policy and network security.
Students in this class will learn primarily from hands-on activities, augmented by lecture and weekly assigned readings. There will be a mid-term and final exam, and four case study group hands-on exercises.
Course Objectives
This course is designed to transfer both knowledge and applicable
skills in utilizing technology, methods and policy to solve the
information security challenges. In doing so, many of the objectives
will require a “hands-on” approach to learning. After completing this
course, students will be able to:
- Analyze the needs of an organization and create an appropriate security policy and concomitant documentation
- Develop security requirements
- Evaluate exposure to risk in a computing environment
- Determine tools and techniques necessary to meet requirements
- Lead efforts to implement the necessary steps to meet security requirements
- Demonstrate the ability to recognize characteristics of various computer attacks to include:
  - Malicious code
  - Network attacks
- Develop responses to computer attacks
- Demonstrate the ability to interpret log files
- Demonstrate fluency in the use of the following security tools:
  - Firewall
  - Intrusion detection system
    - Host-based
    - Network-based
  - Logfile watcher
- Create a firewall based upon a security policy.
- Use tools to conduct a vulnerability analysis of a live network
  - Nmap
  - Nessus
  - Others as necessary
- Interpret the results of the vulnerability analysis, including defining recommendations for the network owner
Instructors and Assistants
Clifford Neuman
- Office: Information Sciences Institute - 310-448-8736
- Office hours: Monday 1PM to 2:30PM - or by appointment
- Email: bcn@isi.edu
TA/Producer T.B.D.
- Office: T.B.D.
- Office hours: T.B.D. or by appointment
- Email: T.B.D.
Academic Integrity
As an instructor I take academic integrity seriously. Cases of
academic misconduct will result in the assignment of a failing grade
for the class and referral of the matter to the student conduct office.
In each of the past several years I have turned in multiple students
for cheating and assigned failing grades. Information on what
constitutes academic dishonesty can be found on the Viterbi Website
and at the USC Libraries.
Assignments
- Assignment S1 - Network Architecture and System Configuration for First Scenario
- Assignment S2 - Network Architecture and System Configuration for Second Scenario
- Presentation - Each student will present a 30-minute survey presentation of administration tools in a specific category
- Group Assignment G1 - Deployment of Technology for First Scenario
- Group Assignment G2 - Deployment of Technology for Second Scenario
Course Grade Components
A letter grade will be assigned for each assignment, project, or exam.
The individual assignment, project, and exam scores are based on
student performance relative to other students in the class. The
final course grade will be determined by weighted calculation from the
component grades, and may be adjusted upward if the student's
participation is exemplary. The components of the final course grade
are:
- 10% - Two Homework Assignments
- 10% - Class Presentation on Administration Tools
- 30% - Two Group Exercises
  - 10% each Group Performance
  - 5% each Individual Performance (presenting progress, etc.)
- 20% - Mid-term exam
- 25% - Final Exam
- 5% - Class Participation
Lecture Slides
Course Materials - Readings - Supplemental list of useful references
Exams from Prior Years
Return of Course Assignments
Returned paperwork, unclaimed by a student, will be discarded one year
following the end of the semester. It is the student's responsibility
to collect all graded assignments if they wish to retain such material
for their records or any other purpose.