Overview

During this introductory course, geared for students new to cybersecurity, students will be introduced to fundamental security topics. Students will critically examine concepts such as basic networking, system administration, team dynamics and system security as well as identifying and applying basic security hardening techniques. Students will gain practical experience through a virtualized lab environment where they will build and configure a small corporate network.

Faculty Instructors

Faculty Instructors are responsible for administering the course in accordance with the University at Buffalo policies and this syllabus. Faculty Instructors also determine final course grades consistent with the grading policy in this syllabus.

Name Email Chat Username
Dave Murray djmurray@buffalo.edu djmurray
Kevin Cleary kpcleary@buffalo.edu cleary.kevin.p

Student Instructors

Student Instructors are responsible for running the class. Most questions, unless believed to be sensitive, should be directed to a student instructor. Please consult Mattermost or UBLearns for Office Hour meeting information.

Name Email Chat Username Office Hours
Aibek Zhylkaidarov aibekzhy@buffalo.edu aibek Fridays, 6pm-7pm
Anthony Magrene ammagren@buffalo.edu magrene Saturdays, 11am-12pm
Michael Morgenthal mmorgent@buffalo.edu mmorgent Tuesdays, 10am-11am
Nick Richter nwrichte@buffalo.edu nickrichter Mondays, 12pm-1pm
Orly Stein orlystei@buffalo.edu orlystei Thursdays, 10am-11am
Phil Fox pcfox@buffalo.edu xphilfox Wednesdays, 5:30pm-6:30pm
Shreya Lakhkar shreyala@buffalo.edu shreya Thursdays, 2pm-3pm

Student Volunteers

Name Email Chat Username
Andrew Hu ahu5@buffalo.edu ahu5
Benjamin Bukai bjbukai@buffalo.edu bjbukai
Edward Lynch edwardly@buffalo.edu edwardly
Gursimran Singh gursimr2@buffalo.edu gursimr2
Ruben Ocana rubenoca@buffalo.edu ruben_ocana

Course Resources

Website ubnetdef.org/courses/syssec
Chat Channel chat.ubnetdef.org
Wiki wiki.ubnetdef.org
vCenter Server cdr-vcenter.cse.buffalo.edu
UB VPN buffalo.edu/ubit/service-guides/connecting/vpn/computer.html
You need this to be able to connect to vCenter while off campus or off network.

Student Learning Outcomes

Upon successful completion of this course a student will be able to… Assessment
Learn Basic Security Concepts and Topics Course
Defend a Machine from Real-time Attackers Course & Competitions
Work Effectively in a Team Project & Competitions
Identify Threats and Vulnerabilities of Systems Course
Effectively Communicate via Written Reports and Oral Presentations Project & Final Presentation

Course Requirements

Lectures

Attendance for all lectures is required. One absence or late arrival is permitted without penalty. Each additional absence may result in a letter grade reduction in the course. Students arriving late or unprepared may also receive an equal or lesser penalty at the discretion of the instructors. Absences due to illness will be excused if the instructor is notified in advance, and the illness is documented by a physician or healthcare professional. Please note that a live webcam is required if you are attending class online.

Competition Participation

All students are required to participate fully in at least two cyber-security competitions, including two UB Lockdown competitions. Various competitions will be announced throughout the academic semester.

Homework Assignments

Homework will be assigned each week, and will be based on the topics in the class schedule. Unless otherwise specified, they will be released and submitted at ublearns.buffalo.edu.

Class Schedule

This schedule is subject to change.

Week Topic Homework
Week 1 Welcome - 1000 mile overview, vSphere, Mattermost Virtualization TBA
Saturday, February 6th, 2021: High School Lockdown 5
Week 2 Networking
pfSense Runbook; Topology of pfSense with IPs, Gretzky and LAN + DMZ
TBA
Week 3 Firewalls (Part 1) TBA
Week 4 Windows TBA
Week 5 Linux TBA
Week 6 Linux Services TBA
Week 7 Advanced Networking
Guest Lecture: Kevin Cleary
TBA
Week 8 Firewalls (Part 2) TBA
Week 9 Risk Management TBA
Week 10 IR (Windows) TBA
Week 11 Penetration Testing TBA
Week 12 Linux Hardening Techniques TBA
Week 13 Digital Forensics TBA
Saturday, May 1st, 2021: Lockdown V10
Week 14 Packet Capture / TBD Final Project

Getting Assistance

The best way to request assistance is to ask on the Systems Security channel on UBNetDef’s chat server. The instructors and mentors constantly monitor the chat, so it’s likely you will receive a response within 24-hours, if not sooner. If you do not have access to the UBNetDef chat server, please contact an instructor.

Grading Policy

Grading Breakdown

Component Percentage of overall grade
Attendance 15%
Weekly Projects 50%
Final Project 15%
Lockdown 15%
Extra Competition 5%
Total 100%

Grading Scale

Letter grade Percentage
A ≥ 93%
A- ≥ 90%
B+ ≥ 87%
B ≥ 83%
B- ≥ 80%
C+ ≥ 77%
C ≥ 73%
C- ≥ 70%
D ≥ 65%
F <65%

Course Conduct

Academic Integrity

Students must conduct themselves in a manner that does not violate the University at Buffalo’s Academic Integrity Policy. Students found in violation of the Academic Integrity Policy will receive an F for the course.

Ethics Policy

As a student in cyber security, you are learning tools and given resources that are meant to help protect yourself and others. However, these tools and resources can also be used in malicious or illegal ways. It is imperative that while you are a representative of this class, and even well after, you perform any security education or training strictly inside our internal environment or a controlled and contained environment that you have prepared for yourself. Any activity outside of our internal environment is outside of our control and protection. If you are not sure what you’re doing, it is very easy to do something illegal without even knowing you are (even something as simple as port scanning outside our internal network). If you are unsure if something is allowed or not, contact one of the instructors or mentors. All network traffic inside our infrastructure will be monitored for malicious or suspicious activity and acted upon with severe consequences if such privileges are abused. You are being given an opportunity to learn, please do not waste it.

vCenter Usage

As a part of Systems Security, you are granted permissions to create Virtual Machines on the vCenter environment, for educational purposes. Any misuse of the environment will result in the immediate failure of the student.

Network Logging Disclaimer

All traffic that occurs within the vCenter environment is being logged for analysis purposes. Traffic captures (pcaps) may be shared with other individuals within UBNetDef for educational purposes only. We highly discourage logging into any personal or social networking websites on a Virtual Machine hosted in the vCenter environment.