MGT 5156 Host Based Security


Course Description

Explores security-related aspects of host-based computer security. Covers the elements of systems that make them secure or vulnerable, defense architectures, forensics, reverse engineering, metrics, virtualization, and other topics. Conveys key concepts through hands-on examples.

Course Objectives

After completing this course, students should be able to:

  • Describe how host and application security relates more generally to computer security
  • Apply security concepts to the challenge of providing host and application security
  • Describe the host environment and the way applications interact with the underlying host architecture
  • Apply basic security concepts to the operating system in order to evaluate the functions provided by the OS from a security perspective
  • Explain malware, its implications, and remediation strategies
  • Analyze the threat of malicious code in different contexts, and apply this evaluation to the selection of remediation strategies
  • Assess how the Web works from a client perspective, and apply this knowledge to web-based security threats for the client
  • Describe common vulnerability types, and apply knowledge of the underlying architecture to analyze the dependencies that exist between vulnerability, OS, and architecture
  • Explain some of the implications of the cloud and host virtualization
  • Apply concepts learned to shape and evaluate security policies in a corporate environment

Week 1


Module: Introduction & Overview
Lecture: Introduction & Overview

Outcomes

After completing this module, students should be able to:

  • Describe the goals and scope of this class
  • Identify basic terms associated with host-based security

Module: What is Security?
Lecture: What is Security?

Outcomes

After completing this module, students should be able to:

  • Recognize security in the context of the host/application
  • Explain the differences between confidentiality and integrity
  • Deduce the impact of malice when analyzing a system
  • Describe systems from the perspective of an attacker

Week 2


Module: How the Host Boots
Lecture: The Host: Boot Sequence
Lecture: The Host, Part 2

Outcomes

After completing this module, students should be able to:

  • Describe the way modern computers boot
  • Analyze the ways in which the boot sequence can be leveraged by an attacker
  • Explain the role of trusted components in the boot sequence

Week 3


Module: How the OS Works
Lecture: Operating System Security, Part 1
Lecture: Operating System Security, Part 2

Outcomes

After completing this module, students should be able to:

  • Describe common approaches for protecting memory and other resources
  • Describe the common access control approaches in detail
  • Explain why modern operating systems are designed the way they are

Week 4


Module: Vulnerabilities
Lecture: Vulnerabilities: How Things Go Wrong, Part 1
Lecture: Vulnerabilities: How Things Go Wrong, Part 2

Outcomes

After completing this module, students should be able to:

  • List the different types of vulnerability that applications have
  • Describe how a buffer overrun can be exploited
  • Describe how return-oriented programming works
  • Exploit different vulnerabilities

Week 5


Module: Malware History
Lecture: Malware History

Outcomes

After completing this module, students should be able to:

  • Place current events in malware in their historical perspective
  • Describe the evolution of malware from the very beginning of the problem

Module: Computer Viruses
Lecture: Computer Viruses: The Art of the Attacker

Outcomes

After completing this module, students should be able to:

  • Describe how boot viruses work
  • Describe how parasitic file viruses work
  • Describe how stealth works for malware
  • Describe how polymorphism and metamorphism work

Week 6


Module: Virus Defense
Lecture: Virus Defense

Outcomes

After completing this module, students should be able to:

  • Contrast benefits and disadvantages of different protection schemes
  • Explain how scanners work
  • Explain how stealth and polymorphism impact the defender
  • Describe heuristics, checksumming, and generic detection

Module: Case Study: Web Security, Part 1
Lecture: Case Study: Web Security, Part 1

Outcomes

After completing this module, students should be able to:

  • Explain, from a client perspective, how the Web works, with particular emphasis on state
  • Exploit simple XSS vulnerabilities
  • Analyze an application and determine how it poses risk to the client
  • Enumerate and explain the different primary sources of vulnerability

Week 7


Module: Case Study: Web Security, Part 2
Lecture: Case Study: Web Security, Part 2

Outcomes

After completing this module, students should be able to:

  • Explain, from a client perspective, how the Web works, with particular emphasis on state
  • Exploit simple XSS vulnerabilities
  • Analyze an application and determine how it poses risk to the client
  • Enumerate and explain the different primary sources of vulnerability

Module: Virtualization
Lecture: Virtualization

Outcomes

After completing this module, students should be able to:

  • Describe how OS virtualization works
  • Describe issues that impact the development of economic models for security and explain how corporate culture can affect economic decision making

Week 8


Module: Management of the Host
Lecture: Management, Part 1
Lecture: Management, Part 2

Outcomes

  • Apply lessons learned to the problem of security for hosts within the enterprise
  • Describe different levels of risk

The course description, objectives and learning outcomes are subject to change without notice based on enhancements made to the course. November 2013