Fall 2009 - Network Security, Virtualization, and Linux Courses

Network Security

ITN260 Network Security Basics – Face-to-Face Course #48924 Section #N01C Tuesdays 6-9:30pm - Online Course#48926 Section# O02C - This course lays the foundation for further study in the network security program. Content domains include cryptography, communications security, infrastructure security, operating system security, wireless security, intrusion detection, malicious software, common attacks, and countermeasures. This course, among others, has helped hundreds of students to comply with DOD 8570.01m. Prerequisite: ITN 101 or sufficient networking experience.

ITN 262 Network Communication, Security, and Authentication - Wednesdays 6-9:30pm Course#48940 Section#N01C Students in ITN 262 learn how to analyze network traffic, reveal malicious attacks, configure intrusion detection systems, andwrite signatures to both detect and react to the latest threats. Prerequisite: ITN 260 Network Security Basics

ITN 267 Legal Topics in Network Security (Cyberlaw) – Online - Course Course#48944 Section#O01C – Find out how to protect your organization’s legal interests when managing security. In this course, students learn about the numerous laws affecting intellectual property, computer crime, privacy, and technology. This course thoroughly covers the Law, Investigations and Ethics domain of the CISSP certification. Coreq: ITN 260

VMware Academic Program

(NEW!) ITN 293 VMware Virtual Infrastructure: Install and Configure – Course# 72645 Section# N01C – Thursdays from 6pm to 9:30pm - Explore virtual network design and implementation, storage area networks, virtual switching, virtual system management, engineering for high availability, and virtualization security. This special academic partnership with VMware allows students to earn the VMware Certified Professional (VCP) credential for about 15% of what it would normally cost! Prerequisites: ITN 171 and ITN 260

(NEW!) ITN 293 Information Storage and Management – Course 72646 Section# N01C Mondays from 6pm to 9:30pm. Focuses on advanced storage systems, protocols, and architectures, including Storage Area Networks (SAN), Network-Attached Storage (NAS), Fibre Channel Networks, Internet Protocol SANs (IPSAN), iSCSI, and Content-Addressable Storage (CAS). Prepares students for the EMC Proven Professional Associate Certification exam.

Linux Courses

Due to a change in the Red Hat Academy program, qualifying students now get to take the RHCT ($399) and RHCE (4799) exams for FREE! For further information about the academy, please email rguess@tcc.edu or rking@tcc.edu.

ITN 171 Unix I - Online 4 credits – Course #48922 Section #O01C Provides an introduction to UNIX-like operating systems (using Linux). Teaches login procedures, file creation, UNIX file structure, input/output control, and the UNIX shells.

ITN 170 Linux System Administration - Course#48920 Section#N01C Tuesdays 6:00pm – 9:30pm 4Cr Focuses on the installation, configuration and administration of the Linux operating system. Emphasis is placed upon use of Linux as a network client and workstation. Leads to Red Hat Certified Technician (RHCT) Certification Exam. Prerequisite: ITN 171

ITN 270 Advanced Linux Network Administration – Next Spring 2010 - Focuses on the configuration and administration of the Linux operating system as a network server. Emphasis is placed upon the configuration of common network services and security. Leads to Red Hat Certified Engineer (RHCE) Certification Exam. Prerequisite: ITN170

Get Off My Cloud - by Mark Rasch

Paper Catalog + Computer Database = Patent? Um, No.

Senators Announce New Intellectual Property Enforcement Bill - Why??? Enforcement of civil law is traditionally (and best) left to the harmed party or parties. Is DOJ prepared to force the FBI to start investigating copyright infringement (again) despite the fact such frivolous issues would steal resources away from much more pressing matters? I do not think that anyone could possibly want this bill to pass other than special interests in Hollywood.

California court posting SSNs and other personal data, privacy advocates charge

North Dakota Man Charged for Spam Tracking / DNS Zone Transfer - from Ron

Marin Samson - Internet Law Update 1/13/2008

The Sears "Community" Installation of ComScore - Sears admits to joining spyware biz - from Dan

According to Cary Sherman of the RIAA, SONY BMG's in-house lawyer Jennifer Pariser "Misspoke" when testifying during Capitol v. Thomas trial

Companies Claim Right to Interfere with eBay Auctions for Charging Too Little

US v. Forrester Decision - 9th Circuit holds that the 4th Amendment does not protect against the search and seizure of administrative data such as to/from addresses of email, IP addresses of websites, or total volume of information transmitted

The First Amendment as Criminal Procedure by Daniel Solove

Martin Samson - Communications Decency Act Immunizes Employer From Liability For Employee's Threatening Emails, Michelangelo Delfino v. Agilent Technologies, Inc., H028993 ( Cal. Crt. App., December 14, 2006 ).

2007 Cybercrime Summit

Collecting Evidence from a Running Computer: A Technical and Legal Primer for the Justice Community

The Court Technology Laboratory has a good section on Biometrics

Man claims ADA applies to wrongful termination for sex addiction in the workplace - from Clyde - The phrase "snowball's chance in hell" comes to mind

SCO trying to subpoena "Pamela Jones" of Groklaw.

"In the past, SCO executives have said they suspect that "Groklaw" is actually being penned by a team of lawyers, and is funded by IBM."

My sides hurt.

Apple, Beatles Settle Trademark Suit - from Daniel

Copyright Office Report on Orphan Works

Nissan Motor Is Suing Nissan Computer For Trademark Infringement, Trademark Dilution And Cyber-Squatting - from Daniel

3 Lectures from Dr. Tom O'Connor

PRIVACY AND CYBERLAW

CYBERCRIME: THE INTERNET AS CRIME SCENE

DIGITAL EVIDENCE COLLECTION & HANDLING

The Real World: Forensics - EnCase vsFTK

The Ten Most Important Security Trends of the Coming Year

Ohio U. names interim CIO to replace William Sams following security lapses that led to the firing of two IT workers - Malware wars: Are hackers on top? - From Andy

A Critical Look at the Regulation of Cybercrime

Amendments to Federal Rules - 12/1/2006

E-Discovery - Amendments to the Federal Rules of Civil Procedure (12-1-2006)

Amendments to the Federal Rules of Evidence, Federal Rules of Civil Procedure, and Federal Rules of Criminal Procedure took effect Friday. There seems to be a lot of misinformation out there which is typical when non-lawyers try to make sense of the law. Being a non-lawyer myself, I shall endeavor to add to the noise!

In short, the new rules state that organizations must track data collected and, should they become aware of pending legal action, endeavor to preserve all relevant data. The outcome is that all organizations need to have document retention and destruction policies in place. These policies must be adhered to in a consistent manner in order to avoid the appearance of impropriety. Documents (like email) may be safely destroyed in a manner consistent with this policy. However, once an organization becomes aware of a lawsuit that may affect these records, the organization must endeavor to preserve all relevant evidence in order to avoid the appearance of impropriety. This requires that the organization be aware of what sort of records they have. This is a good reason for organizations to limit what data is collected and retained as a systematic part of managing corporate liability.

The history of this clarification is in the Enron case. Arthur Andersen had document destruction policies in place but failed to follow them. When served with a subpoena in the Enron case, AA officials suddenly "followed" their policy by shredding tons of documents and by deleting email. Deleting a file NEVER really deletes it so many of the emails were later recovered. This created the appearance of impropriety and doomed them before the court. AA is no longer allowed to even practice accounting as a result. Lesson learned: If they had adhered to their policies in a consistent manner, they still would have been "wrong" in the big picture sense but they would have been within their rights under the law.

Certain records like financial statements, medical data, etc. have legal retention periods. Ensure that any policy created adheres with these requirements. Email Retention Policy (sample policy): Specify an online retention period of roughly 3-6 months, an of roughly 12-24 months. The time interval is going to vary widely based upon the organizational goals, objectives and liabilities. This type of decision making should really flow from the top but the hard part is that "the top" may be a group of people with diverse backgrounds and little understanding of the importance of such policies in terms of managing legal liabilities.

Document Retention and Destruction Post-Arthur Andersen: What Can You Destroy? - Perfecting the Document Destruction Policy - A Brave New World

Note: I am not an attorney. This is not legal advice. If you require legal advice, please consult with an attorney.

E-Mail Retention: The High Cost of Digging Up Data

Wi-Fi Liability: Potential Legal Risks in Accessing and Operating Wireless Internet by Robert Hale II

Universal sues MySpace for copyright violations from Daniel

Kahle v. Gonzales - Does the Copyright Term Extension Act Violate Free Speech?

Lawsuit attempts to brand GPL as anti-trust

RIAA calls Consumer Electronics Association "Extremist"

Sports Artist Sued for Mix of Crimson and Tide

Consumer Sentinel - Fraud Trends

How Many Identity Theft Victims Are There? What IS the Impact on Victims? - Recent Surveys and Studies from the Better Business Bureau, Identity Theft Resource Center, Federal Trade Commission,
Gartner, and Privacy & American Business

The Identity Theft Prevention and Recovery Guide

Online Identity Theft: Phishing Technology, Chokepoints and Countermeasures by Aaron Emigh

US DoJ Crime and Victims Statistics - First Estimates from the National Crime Victimization Survey

Please share these flyers on the Network Security Program and the Red Hat Academy Program with anyone you know who may be interested.

Analysis of the Jurisdictional Thresholds for Prosecuting Cyber Crimes in the United States at the State Level