Catalog Description
Prerequisite: Completion of IT 120 with grade of "C" or better
Hours: 72 (54 lecture, 18 laboratory)
Description: Firewalls are one of the primary tools used to prevent unauthorized access to corporate networks. Students will learn how to design and configure firewalls to allow access to key services while maintaining an organization's security, as well as how to implement firewall-to-firewall Virtual Private Networks (VPNs). (CSU)
Course Student Learning Outcomes
- CSLO #1: Describe the elements of computer-based data communication.
- CSLO #2: Define management's role in the development, maintenance, and enforcement of information security policy, standards, practices, procedures, and guidelines.
- CSLO #3: Discuss different firewall strategies.
- CSLO #4: Recommend best practices for effective configurations and maintenance of Virtual Private Networks (VPNs).
Effective Term
Fall 2023
Course Type
Credit - Degree-applicable
Contact Hours
72
Outside of Class Hours
90
Total Student Learning Hours
162
Course Objectives
Upon completion of this course, the student will be able to:
1. Analyze problems, recommend solutions, products, and technologies to meet business objectives.
2. Recommend best security practices to achieve stated business objectives based on risk assumptions.
3. Actively protect information technology assets and infrastructure from external and internal threats.
4. Monitor systems for anomalies, proper updating, and patching.
5. Evaluate and perform planning, testing, and implementation of software and hardware deployed.
6. Assist in incident responses for any breaches, intrusions, or theft.
7. Recommend best practices for effective configurations and maintenance of Virtual Private Networks (VPNs) and firewalls.
8. Explain how network defense tools (firewalls, IDS, etc.) are used to defend against attacks and mitigate vulnerabilities.
9. Implement Network Security Components (Data Loss Prevention, VPNs/firewalls).
General Education Information
- Approved College Associate Degree GE Applicability
- CSU GE Applicability (Recommended-requires CSU approval)
- Cal-GETC Applicability (Recommended - Requires External Approval)
- IGETC Applicability (Recommended-requires CSU/UC approval)
Articulation Information
- CSU Transferable
Methods of Evaluation
- Objective Examinations
- Example: Based upon course readings and class discussions relating firewall configurations, students would be required to take a quiz relating to chapter content, and to explain issues pertaining proper firewall configurations. Example: In your own words (no copy/paste allowed) identify firewall policies that must be in place for NAT to function. Instructor will grade based on level of understanding shown in the response.
- Problem Solving Examinations
- Example: Students will be provided with a virtualized environment with various operating systems, along with a firewall. Students would have to determine the right firewall to configure based on desired outcomes. Students would also have to analyze the output of various firewall logs utilizing techniques discussed. Pass/Fail grading.
- Projects
- Example: Given a specific scenario, students would be required to prepare a Firewall report detailing attacks being suppressed. Student performance would be based upon a rubric designed to incorporate both the requirements of a Firewall report, as identified course readings, and the clearness of plan response instructions.
- Skill Demonstrations
- Example: Students will be provided lab assignments based on the weekly topic and required to complete the tasks outlined. See the lab example in 14b for sample. Example. Students will configure firewall settings given a set of parameters, to include port forwarding and NAT configurations. Students will capture images to show the process and submit for grading. Grading will be based on a complete set of images with proper notations as described in the instructions. Pass/Fail grading.
Repeatable
No
Methods of Instruction
- Laboratory
- Lecture/Discussion
- Distance Learning
Lab:
- Instructor will guide students through hands-on lab exercise to configure firewall policies and network settings. Students will configure firewall policies discussed in class, and test networks for proper firewall configurations. (Objective 3)
Lecture:
- Students will read weekly assignments related to Firewall Security. The instructor will lead a review discussion on the topics covered. (Objective 7)
Distance Learning
- Students will be provided with a written scenario, outlining a company's firewall policies. Students will than configure and test firewalls to that policy. (Objective 2)
Typical Out of Class Assignments
Reading Assignments
1. Students will be assigned chapter reading assignments from the course textbook which will need to be completed before each class session. Example: Read the chapter about Advanced Routing Protocols. 2. Internet research and reading assignments will be required that build on concepts presented in class, and provide insight into current technology industry trends and innovations. Example: research to find additional information about utilizing firewalls in a business environment.
Writing, Problem Solving or Performance
1. Online NETLAB+ lab assignments will require students to perform technical tasks and provide written responses that demonstrate logical analysis and problem solving. Example: Students asked to complete NETLAB+ Lab 1 - Perform basic interface configuration on a Palo Alto Networks firewall. 2. Chapter review questions will be assigned to students and must be completed before the start of each class. Review questions will require written answers that demonstrate problem solving and an understanding of chapter concepts. Example: Answer questions at end of the chapter about why packet-filtering rules is important to a firewall.
Other (Term projects, research papers, portfolios, etc.)
Required Materials
- Palo Alto Networks Prisma Certified Cloud Security Engineer Study Guide
- Author: Palo Alto Networks
- Publisher: Palo Alto Networks
- Publication Date: 2021
- Text Edition: 1st
- Classic Textbook?: No
- OER Link:
- OER:
- Palo Alto Networks Certified Network Security Administrator Study Guide
- Author: Palo Alto Networks
- Publisher: Palo Alto Networks
- Publication Date: 2021
- Text Edition: 1st
- Classic Textbook?: No
- OER Link:
- OER: