UNIVERSITY OF MINES AND TECHNOLOGY

FACULTY OF COMPUTING AND MATHEMATICAL SCIENCES

ENTERPRISE AND PERIMETER SECURITY

Course Syllabus, Teaching Plan and Reading List
2024/25 Academic Year – Second Semester

1. Instructor and Contact Information

Lecturer: Frederick Broni Jnr

Email: [email protected]

Office Location: Top Floor old Mining Block

2. Course Information
Course Code: CY 377

Sessions:

Department: Computer Science and Engineering

Level: Undergraduate

3. Course Objective
The objective of this course is to provide students with a comprehensive

understanding of the concepts, technologies, and best practices associated with

enterprise and perimeter security. Students will learn how to design, implement, and

manage security systems and protocols that protect an organization's network and
assets. By the end of this course, students will be able to understand the fundamental

concepts of enterprise and perimeter security, analyze and compare various security
technologies and protocols, design and implement security systems and protocols for

Page 1 of 6
enterprise networks, manage and maintain security systems and protocols and

understand the legal and ethical issues related to enterprise and perimeter security.

4. Course Content
Introduction to Enterprise and Perimeter Security, Network Security Fundamentals,

Firewalls and VPNs, Intrusion Detection and Prevention Systems, Security Information
and Event Management (SIEM), Access Control and Identity Management, Network

Segmentation and Micro-Segmentation, Cloud Security, Incident Response and

Disaster Recovery, Compliance and Standards, Legal and Ethical Issues.

5. Mode of Delivery
Lectures (face-to-face and online using Virtual Learning Environment), tutorials,

seminars, written, oral presentations, class quizzes and practical assignment. Students

are expected to practice.

6. Recommended and Supplementary Text

1. Northcutt, S., Zeltser, L., Winters, S., Kent, K. and Ritchey, R. W. (2020), Inside
Network Perimeter Security, Sam Publications, 2nd Edition, 250 pp.

2. Garbis, J., & Chapman, J. W. (2021). Zero trust security: An enterprise guide.

Apress. https://doi.org/10.1007/978-1-4842-6702-8.

3. Bhattacharya, S., & Kuppam, M. (2024). Enterprise digital reliability: Building

security, usability, and digital trust. Apress. https://doi.org/10.1007/979-8-

8688-1032-9.

4. Kant, A. (2024). Ultimate Linux network security for enterprises: Master

effective and advanced cybersecurity techniques to safeguard Linux networks

and manage enterprise-level network services. Orange Education Pvt Ltd,

AVA™.

Page 2 of 6
7. Assessment

Items Marks
Quizzes 10

Presentation 5

Class Attendance 10

Class Participation 5

Project Work 10

End of Semester 60

Total 100

*Note: There will be several quizzes that will cover lecture material, and

quizzes are unannounced pop-up quizzes. Each week there would be an

assignment and a quiz. They are to be solved independently and tightly
related to the class materials.
If you miss a quiz or and assignment, you will receive a zero. There will be
no make-up quizzes, but the instructor will drop one lowest quiz score. There
are also no make-up assignments. Missed quizzes can be made up in cases
of extreme circumstances.

8. Session Outline

Weeks Topics Lessons

• Overview of Enterprise Security
• Key Security Challenges in Enterprises
Introduction to
One • Introduction to Network Security, Endpoint Security,
Enterprise Security
Application Security, and Data Security

Enterprise Perimeter • Network Security Architecture

Two and Network Security • Weaknesses in Network Topologies
(Part 1) • Placement of Security Devices in Enterprise Networks

Page 3 of 6
 • SABSA Framework for Aligning Business and Security
Needs

• Building an Enterprise Network

• Network Segmentation and Least Privilege
Enterprise Perimeter • VPN Setup for Remote Access
Three and Network Security • Firewall, IPS and IDS Setup
(Part 2) • Introduction to SIEM (Security Information and Event
Management)

• Zero Trust Architecture

Enterprise Perimeter
• Principles of Zero Trust
Four and Network Security
• Designing a Zero Trust Model
(Part 3)

• Introduction to Endpoint Security

Enterprise Endpoint • Asset Identification and Vulnerability
Five Security (Part 1) Mitigation
• System Hardening for Windows and Linux

• BYOD (Bring Your Own Device) Strategy

Enterprise Endpoint
• Security Policies and Compliance
Six Security (Part 2)
• Remote Work Policies

• Cloud Management and Security

Enterprise Endpoint
• Public Access Configuration
Seven Security (Part 3)
• Cloud Broker Configuration

• Introduction to Application Security

Enterprise-Wide
• DevSecOps and SDLC (Software
Application Security
Eight Development Lifecycle)
(Part 1)
• Designing Security Architecture

• Threat Modeling and Vulnerability

Enterprise-Wide
Scanning
Application Security
Nine • Exploiting Vulnerabilities
(Part 2)
• Penetration Testing Roadmap

Enterprise-Wide • Container Vulnerabilities

Ten Application Security • API Vulnerabilities
(Part 3) • Mitigation Strategies for Application

Page 4 of 6
 Vulnerabilities

• Introduction to Data Governance

Enterprise Data • Compliance Regulations and Data
Eleven Security (Part 1) Classification
• Data Security Policies

• Data Confidentiality and Encryption

Enterprise Data
• Data Integrity and Auditing
Twelve Security (Part 2)
• File Integrity Monitoring

• Data Availability and Backup Strategies

Enterprise Data
• Disaster Recovery Planning
Thirteen Security (Part 3)
• Backup and Recovery Testing

9. Assignment Submission Guidelines

All materials submitted for grading must conform to the following guidelines, failure
to do so may result in loss of credit.

Academic Integrity

All programs submitted must be your own work, and you are expected to develop

your programs independently. You may receive as much help as you wish on the use

of the operating system, text editors, debuggers, file transfer protocols and so on. You
may consult with other members of the class about interpreting the assignment, and
you may get help in finding bugs, but not fixing bugs, but you are not allowed to look

at or copy another person's code or discuss design decisions with others, and you

cannot show your code to others. Students found to be in violation of these guidelines
will fail the project and will be reported to the HOD.

What should be submitted

Page 5 of 6
 • A Readme file describing the contents of the directory.

• All source code required for the problem.

• Any test files or configuration files required for the problem.

• Documentation explaining the solution to the problem or answer to the

question.

General Guidelines

• Your work should be submitted as a zip file. This file should expand to a
directory, named after your id number, containing the answer to the question,

as described above.

• It is the responsibility of the student to submit valid, readable zip files to the

correct address and via the appropriate platform. Corrupt or incomplete files
are unacceptable and may be judged incorrect.

Late Submissions and Resubmissions

The due date for assignments is strict. For any part of assignment completed and

submitted after the due date you will lose 40% of your score for each late day. I.e.,

homework submitted one day after the deadline will bring you only 60% of earned

points; two days after the deadline it will bring you 20%.

You can also improve your submission or fix errors in your submission until the due
date. Simply upload the new version.

Office Hours
Office hours are an opportunity for you to clarify details you may have missed in class

or to resolve a serious problem you have encountered. They are not a place to get a

"second run" of the lecture if you missed the class or obtain answers on the
assignment.

Page 6 of 6