Using an isolated network laboratory to teach advanced networks and security
Proceedings of the thirty-second SIGCSE technical symposium on Computer Science Education
Computer security and impact on computer science education
CCSC '01 Proceedings of the sixth annual CCSC northeastern conference on The journal of computing in small colleges
A laboratory-based course on internet security
SIGCSE '03 Proceedings of the 34th SIGCSE technical symposium on Computer science education
A unique experiential model for teaching network administration
CITC4 '03 Proceedings of the 4th conference on Information technology curriculum
Information system security curricula development
CITC4 '03 Proceedings of the 4th conference on Information technology curriculum
Security education within the IT curriculum
CITC4 '03 Proceedings of the 4th conference on Information technology curriculum
Teaching computer security at a small college
Proceedings of the 35th SIGCSE technical symposium on Computer science education
Tele-lab IT security: an architecture for interactive lessons for security education
Proceedings of the 35th SIGCSE technical symposium on Computer science education
A laboratory based capstone course in computer security for undergraduates
Proceedings of the 37th SIGCSE technical symposium on Computer science education
Stingray: a hands-on approach to learning information security
Proceedings of the 7th conference on Information technology education
Black Hat/White Hat: an aggressive approach to the graduate computer security course
Journal of Computing Sciences in Colleges
SEED: A Suite of Instructional Laboratories for Computer Security Education
Journal on Educational Resources in Computing (JERIC)
Network firewall visualization in the classroom
Journal of Computing Sciences in Colleges
Disturbed playing: another kind of educational security games
CSET'12 Proceedings of the 5th USENIX conference on Cyber Security Experimentation and Test
| Hi-index | 0.00 |
The objective of this paper is to describe the successful deployment and operation of a student managed, isolated network "Sandbox" laboratory used for teaching Information Technology (IT) Security System Engineers. Laboratories for training Network Engineers have previously been deployed in IT education, frequently using a standard operating system base configuration in order to facilitate re-imaging for new classes. We have elected to employ a mujlti-platform environment that utilizes bothWindows and Linux operating systems. The Sandbox is called such because it is a creative experimental area physically isolated from all other networks including the Internet. Experimentation with every class of vulnerability such as viruses, worms, parasites, malware, and Denial of Service attacks is evaluated, mitigated and controlled. Having a strictly Linux-based environment as others frequently have done avoids the escalating problems introduced by Windows platforms. We have elected to study and experiment with multiple OS environments and confront the challenges that Windows presents. The Sandbox security laboratory has served as a test-bed for executing security labs created by students concurrent with the running of two different upper-class and graduate university-level IT security courses. Students created both the lectures and the labs used in these security courses. The first course was a very comprehensive course in all topics of network, internet and web security. The sescond course dealt with identity management, data privacy and identity theft. Students architected the network topology and built the Sandbox. The Sandbox is designed in a modular fashion to facilitate the creation of multiple network nodes with firewalls, IDSs, and associated servers, routers and switches. A student Security Team was organized to administer the Sandbox. Security Best Practices were developed to ensure consistent management of the Sandbox and its security policies. IT undergraduate and graduate students have learned that the role of a Security Systems Engineer involves not only technology, but also responsible management of policy and Best Practices concept.