During this introductory course, geared for students new to cyber security, students will be introduced to fundamental security topics. Students will critically examine concepts such as basic networking, system administration, team dynamics and system security as well as identifying and applying basic security hardening techniques. Students will gain practical experience through a virtualized lab environment where they will be building a small corporate network. Students will also work as a team towards the completion of a semester long research project of their choosing.
Faculty Instructors are responsible for administering the course in accordance with the University at Buffalo policies and this syllabus. Faculty Instructors also determine final course grades consistent with the grading policy in this syllabus.
| Name | Slack Username | |
|---|---|---|
| Dave Murray | djmurray@buffalo.edu | djmurray |
| Kevin Cleary | kpcleary@buffalo.edu | cleary.kevin.p |
Student Instructors are responsible for running the class. Most questions, unless believed to be sensitive, should go to someone from this list.
| Name | Slack Username | |
|---|---|---|
| Benjamin Kasman | bjkasman@buffalo.edu | Bjkasman |
| Cameron Levine | crlevine@buffalo.edu | cameron |
| Jered Geist | jeredgei@buffalo.edu | jered |
| Nick Brase | nrbrase@buffalo.edu | nickbrase |
| Stefan Jagroop | stefanja@buffalo.edu | stefanja |
| Stephen James | sjames5@buffalo.edu | stephenorjames |
| Website | https://ubnetdef.org/courses/syssec |
| Slack Channel | https://ubnetdef.slack.com |
| Wiki | https://wiki.ubnetdef.org |
| vCenter Server | cdr-vcenter1.cse.buffalo.edu |
| vCenter Client | https://ubnetdef.org/vcenter |
| Upon successful completion of this course a student will be able to… | Assessment |
|---|---|
| Learn Basic Security Concepts and Topics | Course |
| Defend a Machine from Real-time Attackers | Course |
| Work effectively in a team | Project & Competitionss |
| Identify threats and vulnerabilities of systems | Course |
| Effectively communicate via written reports and presentation skills | Project and Final Presentation |
Attendance for all lectures is required. One absence or late arrival is permitted without penalty. Students arriving late or unprepared may also receive a penalty at the discretion of the instructor. Absences due to illness may be excused if the instructor is notified in advance, and the illness is documented by a physician or healthcare professional.
All students are required to participate fully in a Cyber Security competition, as well as the UB Lockdown competition. Various competitions will be announced throughout the academic semester.
This list of homework assignments is subject to change.
| Homework | Due Date |
| Setup your teams webserver & Complete Over the Wire Bandit | March 2, 2017 @ 6:00PM |
| 1. Create a security group in Active Directory and add your User to it
2. Create a group policy that sets the desktop background (hint: google) 3. Apply this setting to the security group you created 4. Send screenshots of applied background and set group policy to ubnetdef@buffalo.edu |
March 9, 2017 @ 6:00PM |
| Setup firewall rules as per Nicks lecture (see final slide of lecture for details) | March 16, 2017 @ 6:00PM |
| Setup the LAN portion of your network as described in the project network diagram found on slack. | April 6, 2017 @ 6:00PM |
| 1. Setup the DMZ portion of your network as described in the project network diagram found on slack. 2. Document this process in the format discussed in class on April 7, and submit your report to Ubnetdef@buffalo.edu |
April 13, 2017 @ 11:59PM |
The best way to request assistance is to ask on the #syssec channel on UBNetDef’s slack. The instructors and mentors are constantly on the slack, so it’s likely you will get a response within 24-hours, if not less. If you do not have access to the UBNetDef slack, please contact an instructor.
| Systems Security Grading Scale | |||||
| Active Class Participation & Attendance | 25% | ||||
| Competition Participation | 25% | ||||
| Class Project | 25% | ||||
| Final Presentation | 15% | ||||
| Peer Evaluations | 10% | ||||
| Total | 100% | ||||
Students must conduct their coursework in a manner that does not violate the University at Buffalo’s Academic Integrity Policy. Students found in violation of the Academic Integrity Policy will receive an F for the course.
As a student in cyber security, you are learning tools and given resources that are meant to help protect yourself and others. However, these tools and resources can also be used in malicious or illegal ways. It is imperative that while you are a representative of this class, and even well after, you perform any security education or training strictly inside our internal environment or a controlled and contained environment that you have prepared for yourself. Any activity outside of our internal environment is outside of our control and protection. If you are not sure what you’re doing, it is very easy to do something illegal without even knowing you are (even something as simple as port scanning outside our internal network). If you are unsure if something is allowed or not, contact one of the instructors or mentors. All network traffic inside our infrastructure will be monitored for malicious or suspicious activity and acted upon with severe consequences if such privileges are abused. You are being given an opportunity to learn, please do not waste it.
As a part of Systems Security, you are granted permissions to create Virtual Machines on the vCenter environment, for educational purposes. Any misuse of the environment will result in the immediate failure of the student.
All traffic that occurs within the vCenter environment is being logged for analysis purposes. Traffic captures (pcaps) may be shared with other individuals within UBNetDef for educational purposes only. We highly discourage logging into any personal or social networking websites on a Virtual Machine hosted in the vCenter environment.