Skip to main content

CSS 347: Security Strategies in Windows Platforms and Applications

Course Description

This course discusses security implementations for various Windows platforms and applications. Areas of study involve identifying and examining security risks, security solutions and tools available for various Windows platforms and applications.

Prerequisites

  • ENG 101: English Composition 1
  • ENG 102: English Composition 2
  • ITE 145: Fundamentals of Information Systems Security
  • ITE 220: Networking and Data Communication (Recommended)

Student Learning Outcomes (SLOs)

Students who successfully complete this course will be able to:

  1. Explain information security and how it applies to the Microsoft Windows operating systems.
  2. Explain security features of the Microsoft Windows operating systems.
  3. Implement secure access controls when setting up Microsoft Windows in a given organization.
  4. Set up encryption in a given organization to secure Windows environment.
  5. Install controls to protect a given Windows system from malware.
  6. Define and apply Group Policy controls in Microsoft Windows.
  7. Explain profile and audit tools to keep Windows systems secure.
  8. Perform backup and restore operations on a given Windows system.
  9. Design techniques to protect Windows networks from security vulnerabilities.
  10. Develop a security administration framework to ensure your organization meets its security policy goals.
  11. Identify and implement the most effective security controls to make computers and networks as secure as possible.
  12. Design techniques to protect given Windows application software from security vulnerabilities.
  13. Apply best practices for handling a given Microsoft Windows system and application incident.
  14. Include security concerns as early as possible in the software development process.
  15. Apply best practices to securing Microsoft Windows computers, networks, and applications.

Course Concepts

  1. Windows security vulnerabilities
  2. Microsoft Windows hardening strategies
  3. Windows system monitoring techniques
  4. Backup and restore operations
  5. Security incident handling tactics

General Education Outcomes (GEOs)

Please check the applicable GEOs for this course, if any, by outcomes at GEO Category Search, or by subject area at GEO Discipline Search.

Course Activities and Grading

Assignment(s)

Weight

Discussions

4%

Written Assignments

46%

Lab Assignments

20%

Final Exam

30%

Total

100%

Required Textbooks

(Available through our online bookstore)

  • Solomon, Michael. Security Strategies in Windows Platforms and Applications - Print Bundle for LMS Integrations. 2nd ed., Sudbury, MA: Jones & Bartlett, 2014. ISBN-13: 978-1-284-15824-3

Note: This is a Print Bundle which includes the textbook and the Access Code required for this course. Student must purchase these materials “New” from the Charter Oak State College bookstore. Used materials or materials from any other source are not acceptable.

Recommended Resources

Not available through bookstore and these resources will be additional costs to the students

  • Brian Komar, Windows Server 2008 PKI and Certificate Security
  • Erik Larkin, “Advanced Antivirus.” PC World, January 2010, Vol. 28 Issue 1 (Pages 80-86) (AN 47157049)
  • Harold F. Tipton, et al., Information Security Management Handbook, 6th ed.
  • ISACA, Cybercrime: Incident Response and Digital Forensics
  • Jeremy Moskowitz, Group Policy: Fundamentals, Security, and Troubleshooting
  • Jesper M. Johansson, et al., Windows Server 2008 Security Resource Kit
  • Mitch Tulloch, et al., Windows 7 Resource Kit
  • Steve Seguis, Microsoft Windows Server 2008 Administration

Course Schedule

Week

SLOs

Readings and Exercises

Assignments

1

1, 2

Topic: Security Features in Microsoft Windows

  • Readings:
    • Chapter 1 “Microsoft Windows and the Threat Landscape”
    • Chapter 2 “Security in the Microsoft Windows Operating System”
  • Read assigned chapters
  • Review the Lecture material
  • Submit Week 1 Assignments
    • Adding Active Directory
    • Active Directory Executive Summary Report
  • Submit Week 1 Lab
    • Implementing Access Controls with Windows Active Directory

2

3,4

Topic: Access Controls in Microsoft Windows

  • Readings:
    • Chapter 3 “Access Controls in Microsoft Windows”
    • Chapter 4 “Microsoft Windows Encryption Tools and Technologies”
  • Read assigned chapter
  • Review the Lecture material
  • Submit Week 2 Assignments
    • Recommendations for Access Controls
    • Access Controls Procedure Guide
    • Encryption and BitLocker Activity
  • Submit Week 2 Lab
    • Using Access Control Lists to Modify File System Permissions on Windows Systems
    • Configuring BitLocker and Windows Encryption

3

5,6

Topic: Protecting Microsoft Windows Systems

  • Readings:
    • Chapter 5 “Protecting Microsoft Windows against Malware”
    • Chapter 6 “Group Policy Control in Microsoft Windows”
  • Read assigned chapters
  • Review the Lecture material
  • Submit Week 3 Assignments
    • Malware Policy Procedure Guide
    • Group Policy Objects Lists
  • Submit Week 3 Labs
    • Identifying and Removing Malware from Windows Systems
    • Managing Group Policy Within the Microsoft Windows Environment

4

7,8

Topics: Microsoft Windows Security Profile, Group Policy Controls, Windows Backup & Recovery Tools

  • Readings:
    • Chapter 7 “Microsoft Windows Security Profile and Audit Tools”
    • Chapter 8 “Microsoft Windows Backup and Recovery Tools”
  • Read assigned chapters
  • Review the Lecture material
  • Participate in the Discussions
  • Submit Week 4 Assignments
    • Auditing Tools for Windows System
    • Security Audit Procedure Guide
    • Procedure Guide on Restoring a System
  • Submit Week 4 Labs
    • Creating a Scheduled Backup and Replicating System Folders

5

9, 10

Topic: Securing Microsoft Windows Networks

  • Readings:
    • Chapter 9 “Microsoft Windows Network Security”
    • Chapter 10 “Microsoft Windows Security Administration”
  • Read assigned chapters
  • Review the Lecture material
  • Submit Week 5 Assignments
    • Network Security Controls
    • Security Administration Using the Plan-Do-Check-Act (PDCA) Cycle
  • Submit Week 5 Lab
    • Securing Servers with the Security Configuration Wizard and the Windows Firewall

6

11, 12

Topic: Securing the Microsoft Windows Operating System & Applications

  • Readings:
    • Chapter 11 “Hardening the Microsoft Windows Operating System”
    • Chapter 12 “Microsoft Application Security”
  • Read assigned chapters
  • Review the Lecture material
  • Submit Week 6 Assignments
    • Policy for Securing Windows Environment
    • Hardening Windows Authentication, Networking, and Data Access
  • Submit Week 6 Lab
    • Securing Internet Client and Server Applications on Windows Systems

7

13,14,15

Topics: Microsoft Windows Incident Handling and Managment & Security Life Cycle & Windows Best Practices

  • Readings:
    • Chapter 13 “Microsoft Windows Incident Handling and Management”
    • Chapter 14 “Microsoft Windows and the Security Life Cycle”
    • Chapter 15 “Best Practices for Microsoft Windows and Application Security”
  • Read assigned chapters
  • Review the Lecture material
  • Participate in the Discussions
  • Submit Week 7 Assignments
    • Evidence Collection Policy
    • Windows Incident Handling Tools
  • Submit Week 7 Labs
    • Protecting Digital Evidence, Documentation, and the Chain of Custody
    • Hardening the Windows Server Security Using Microsoft Baseline Security Analyzer

8

1-15

Topics: Course Review and Final Examination

  • Readings:
    • None
  • Submit Week 8 Assignments
    • Best Procedures to Secure Windows Applications
    • Software Development Management Policies
  • Complete Final Exam
  • Complete the Course Evaluation