Systems Security

Introduction

In this module you will learn to apply computer and network security techniques to defend against a variety of digital attacks. We will cover a wide range of topics that build on your knowledge of digital security, to develop the skills necessary to design and operate secure systems, software, and networks. In comparison to the modules you have previously completed, this module will focus further on the principles and practice of defence against various technical attacks, using Unix (and specifically Linux) to explore practical applications.

We will delve into a variety of security issues and technical solutions. Topics covered will include: operating system security models, user authentication and access control, sandboxing, and virtualisation. You can expect lots of hands-on opportunities to apply security theory, and you will develop your familiarity with Unix, free and open source software, and advanced Linux security mechanisms. Digital security is an exciting field to be involved in, and hopefully this module will deepen your knowledge of and passion for security.

Summary

This module enables you to develop your theoretical understanding and practical experience of systems security. You will conceptualise and implement important security principles, primitives and practices for providing security defences. Security schemes and techniques for protecting and confining users, programs, and systems (both on devices and across networks) are covered in depth. This includes operating systems security, using access controls and authentication schemes (including network-based authentication), virtualisation, and advanced sandboxing and containerisation techniques. You will carry out technical security defences to secure systems against attack or misuse and apply offensive techniques to test the application (and misconfiguration) of security defences. Practically, this module involves configuring (and auditing the security of) systems using advanced security controls, including access control lists (ACLs), containerisation such as Docker, mandatory access controls (MAC) such as AppArmor, and network-based authentication such as LDAP and Active Directory.

The practical labs cover various aspects of system security with an emphasis on Unix/Linux environments. The Authentication lab delves into user identity verification, password storage, and cracking techniques, providing hands-on experience to understand authentication processes. The Pluggable Authentication Modules lab explores PAM and SSH, enhancing knowledge of authentication flexibility and security in Linux. The Access Controls lab focuses on Unix file permissions, inodes, and directory-level permissions, offering practical skills in managing access rights. The Set User ID lab delves into SUID and SGID, explaining their role in privilege escalation and providing practical experience in working with SUID programs. The Access Control Lists (ACLs) lab introduces ACLs, allowing granular control over resource access, with tasks involving Linux ACLs and comparison with Windows ACLs. Lastly, the Containers lab and AppArmor lab cover container-based sandboxes, Docker, capabilities, and AppArmor, exploring methods to restrict program capabilities and enforce access controls. The labs include Hackerbot challenges, lectures, and readings for a comprehensive learning experience.

Runs for 5 months (until  )


Cyber Security Body of Knowledge (CyBOK)

This course covers the following CyBOK Knowledge Areas:

As you complete challenges and watch videos, you will gain Knowledge Area XP.

Challenges