Master's in Cybersecurity: Practical Network Defense

Questions and Answers

What is one of the skills that students will acquire after completing this course?

• Ability to develop network attacks
• Ability to implement network hardening
• Ability to prepare presentations related to specific scientific topics (correct)
• Ability to develop network traffic analysis software

What is a topic covered in this course?

• Database management
• Artificial intelligence
• Network monitoring (correct)
• Cloud computing

What is NOT a part of the assignments in this course?

• Writing a research paper (correct)
• Implementing a network defense system
• Developing a network policy
• Reporting on the implementation

What is the purpose of the assignments in this course?

To fulfill a pre-requisite for accessing the written exam (B)

What is a type of network defense topic covered in this course?

Perimeter networks (DMZs)/Proxy Servers (C)

What is the structure of the classes in this course?

Theoretical concepts presented mainly during classroom hours, practical activity during lab hours (B)

What is the main objective of the Hack the Box website?

To offer Capture the Flag (CTF) challenges and cybersecurity exercises (C)

What should you do if you can't understand some self-assessment questions?

Check your prerequisites (A)

How do you enroll in the Hack the Box team?

Register on the website and join the Telegram group (B)

What is the purpose of the self-assessment?

To evaluate your understanding of the course material (D)

Who can contribute to the suggested resources for the course?

Any student in the class (B)

What is the purpose of the 'Hack the Box' Telegram group?

To collaborate on CTF challenges (A)

What can you do if you understand the self-assessment questions but can't remember the answers?

Check your notes and textbook (C)

What is the feedback policy for the course?

Feedback is always welcome (B)

What is the primary focus of the Practical Network Defense course?

Practical application of computer network security concepts (B)

What is one of the main objectives of the course?

To apply a security policy (D)

What is one of the skills that students will develop in the course?

Selecting the appropriate firewall rules to protect a network (A)

What is the lecturer's primary area of research interest?

Computer network security (D)

What is the code to join the class in Google Classroom?

mumait2 (C)

What is the schedule for the course on Thursdays?

12-15, Tiburtina Labs (lab XV) (C)

What is the total number of CFUs for the course?

6 CFUs (B)

What is one of the abilities that students will develop in the course?

Making the most appropriate design choices to implement a 'defense in depth' strategy (D)

What is the framework used for experimenting computer networking in the lab activities?

Kathará (formerly known as netkit) (D)

What is required to be done before attending the lab activities?

Download the virtual machine (D)

What is the minimum number of mandatory assignments required to pass the exam?

3 (A)

What is the purpose of the assignments in the course?

To apply techniques and tools introduced during the classes (C)

What is the maximum increment to the final grade of the written exam that can be achieved through assignments?

+3 points (D)

What is the validity period of a written exam?

1 year (D)

What is the optional exam format for students with a written exam >= 27?

Oral exam (A)

What is the main textbook used in the course?

Introduction to Computer Networks and Cybersecurity (C)

What is the expected outcome of completing the course?

To fill the gap in knowledge and catch up (D)

What is the purpose of the self-assessment exercises?

To familiarize students with Linux CLI and tools (C)

What is the recommended approach to the course?

Don't get discouraged and try to fill the gap in knowledge (C)

What is the purpose of the bonus reference to http://overthewire.org/wargames/bandit/bandit0.html?

To help students learn Linux CLI and tools (D)

What is the recommended goal for students using the bonus reference?

To learn as much as possible from each level (B)

What is the significance of taking notes while using the bonus reference?

Taking notes helps students remember passwords and how they were obtained (A)

Study Notes

Course Introduction

• The course is Practical Network Defense, a part of the Master's degree in Cybersecurity at Sapienza Università di Roma, academic year 2023-24.
• The lecturer is Angelo Spognardi, an associate professor at the Department of Informatics (Dipartimento di Informatica).
• The lecturer's contact information: tel: 06 4925 5164, email: [email protected], and website: https://angelospognardi.site.uniroma1.it.

Practical Info

• Student hours are available on request by email, and meetings will be held in the lecturer's office (G29, v.le Regina Elena, 295, Edificio G).
• Research interests of the lecturer include computer network security, security in social networks, ML and AI in cybersecurity, privacy, applied cryptography, operating systems, and programming.

Course Website and Schedule

• The course website is https://sites.google.com/di.uniroma1.it/practical-network-defense.
• The course has 6 CFUs, and students are required to join the class in Google Classroom using the code "mumait2" and their @studenti.uniroma1.it account.
• The schedule includes Thursday classes from 12-15 pm at Tiburtina Labs (lab XV) and Friday classes from 11-13 am at Aula 3, v.le Castro Laurenziano 7a.

Objectives

• The course aims to teach students methods and tools for protecting computer networks.
• Students will learn to apply practical concepts, including protocols in networked computer systems, security mechanisms, and intrusion detection.
• By the end of the course, students will be able to monitor traffic, apply security policies, perform network scans, and select appropriate firewall rules and protection mechanisms.

Topics Covered

• Network monitoring and traffic analysis
• Network attacks (e.g., session hijacking, man-in-the-middle)
• Minimizing exposure (attack surface and vectors)
• Network hardening and policy development
• Defense in depth and perimeter networks (DMZs)/Proxy Servers
• Implementing firewalls and virtual private networks (VPNs)
• Implementing IDS/IPS and network access control

Class Structure and Assignments

• Theoretical concepts will be presented in classroom hours, with practical activities during lab hours.
• Some topics will have assignments with two parts: an implementing part in the virtual lab environment and a reporting part.
• Assignments are part of the exam and are a prerequisite for accessing the written exam.

Tools and Resources

• The course will use Kathará (formerly known as netkit), a container-based framework for experimenting with computer networking.
• A virtual machine will be provided for students, and access to the virtual infrastructure (ACME co.) will be granted.
• Recommended textbooks include "Introduction to Computer Networks and Cybersecurity" by Chwan-Hwa (John) Wu and J.David Irwin.

Exam and Assessment

• The exam consists of 3/4 mandatory assignments and a full written exam.
• Optional oral exams are available for students with a written exam score of 27 or higher.
• Assignments are evaluated as A, B, or C, and provide an increment to the final grade of the written exam (up to +3 points).

Feedback and Self-Assessment

• Feedback is always welcome, and students are encouraged to share suggestions and resources.
• Self-assessment questions are provided to help students identify areas where they need to improve.
• The self-assessment questions cover topics such as Linux, network security, and cryptography.

Bonus Reference

• A bonus reference is provided to help students get used to Linux CLI and tools: http://overthewire.org/wargames/bandit/bandit0.html.

Description

Course introduction to Practical Network Defense for Master's degree students in Cybersecurity (2023-2024) at Sapienza Università di Roma.