ICT Networking and security - IVPV - Instituut voor Permanente ...

Post-academic course in ICT
ICT Networking and security
First component of a new broad ICT course
Part I: Communication networks, January – March 2008
Module 1: Fixed Networks
Module 2: Multimedia Networks
Module 3: Wireless Networks
Module 4: eTOM
Cases
Part II: Security, April – June 2008
Module 1: Security Basics
Module 2: Security Applications
Module 3: Advanced Security Configuration
Module 4: Organisational Aspects
Module 5: Legal Aspects
Cases
Business version!
Extra large scale business
version available via live
streaming video – see inside
Obtain a Ghent
University certificate
Scientific Coordination
Prof. dr. ir. Eric Laermans
Prof. dr. ir. Piet Demeester
Prof. dr. ir. Ingrid Moerman
Department of Information Technology,
Ghent University, IBBT
INSTITUUT VOOR
PERMANENTE
VORMING

introduction
ICT in Continuing Education: the IVPV success story
By the end of the previous century, the IVPV together with Agoria challenged the shortage in ICT-specialists by setting up a large
scale IT course. For one or two evenings per week, around 2000 employees throughout Belgium and Europe faithfully attended the
videoconferences organised by the Flemish universities. Many participants took exams on one or more modules, and received a university
certificate. The course was a true milestone for industry, and gave a new élan to many ICT-experts.
Today Agoria teaches us that again there is a growing shortage in ICT-specialists. The IVPV picks up the Agoria inquiry, and revitalizes
a new large scale ICT course. As always, the course is demand driven, and the content has been set up in close collaboration with
industry.
Why this course
The evolution in the world of communication networks in
the last decades has been rapid and thorough. We evolved
from traditional, fixed telephone networks, well controlled
by clearly identified operators
of the user itself in the form of some spyware leaking precious
information to the hacker who planted the piece of malware.
Furthermore, as users and enterprises rely more and more
on their network infrastructure to do business, the consequences
of successful attacks have
to mobile, pervasive, more open
and ever more complex IP-based
networks. The share of voice communication
in total network traffic has
dwindled, while the amount of data
communication over IP-networks
from new applications as file transfer,
e-mail, Web, etc. has steadily
risen. Even within mobile networks,
data communication is taking an
ever larger share with new technologies
as UMTS. Today, these new data
networks even compete with the
The ICT Networking & security course is
the first part of a large scale international
ICT course organised by the Institute of
Continuing Education at Ghent University.
In total, five parts will be organised
dealing with Multimedia (Part II), Software
Engineering (Part III), Operating Systems
& ICT System Management (Part IV) and
Databases (Part V). All parts are scheduled
within 2008-2009. If you want to be
updated about the following parts, send
an e-mail to info@ivpv.ugent.be
become orders of magnitude more
devastating. The second objective
of this course is to allow to understand
which security functions and
mechanisms exist, how they can be
used and implemented to achieve
acceptably secure communications.
Who should attend
This course is aimed at people with
some technological background,
although they need not be experts
in ICT. Only the advanced lab sessions
older more traditional networks for the telephone service, as
Voice-over-IP has become a fierce competitor to the historical from the fourth module of the second part require a suffi-
cient experience to start.
telephone operators. This course aims to present the underlying
technologies of this relatively new reality.
Post-academic Course Certificate granted by
the Ghent University
Originally, networks were typically tightly controlled by welldefined
operators. Attacks against those networks were sometimes
possible, allowing the hacker
This programme is part of the Ghent University post-academic
courses. To receive a post-academic certificate granted by
Ghent University for Part I and/or
to pass the bill of his communications
to the victim of the hacking,
but the amplitude of the attacks and
their damage were generally rather
limited. The openness of contemporary
networks, especially IP-based
networks, and the complexity and
vulnerability of contemporary terminals
(computers or advanced mobile
devices), means that much more
attention has to be spent on the
Extra business edition!
Follow this course worldwide. For
companies interested in this course, a
live streaming video of the lectures via
the Internet will be available to attend
locally at your business sites worldwide.
Some of the lab sessions can also
be organised locally in your company.
For more information, contact us at:
ivpv@ugent.be
Part II, one should at least attend
modules 1, 2 and 3 of part I and/or
modules 1, 2 and 4 of part II, and
successfully take exams for these.
The exam will normally take place at
the end of September 2008. Example
questions, giving a precise idea of
what can be asked at the exam, will
be given in advance. Course certificates
are a personal merit: participants
who aspire a certificate cannot
security of these networks. Attacks can come from anywhere, be replaced, others can.
at any time. The attack could even originate from the terminal

programme
Program Part I: Communication networks
Module 1: Fixed Networks
The basis of most contemporary fixed networks is the TCP/IP protocol
stack. The objective of this module is to discuss in more detail the
several layers of this stack, starting with the application layer and
ending with the data link layer. At the application layer, we shall
deal with the most common protocols for Web (HTTP), e-mail (SMTP,
POP), file transfer (FTP),... One level lower in the protocol stack, at
the transport layer, we find the well known TCP and UDP. The transport
layer itself relies on the underlying network layer, where the Internet
Protocol (IP) is used. At this point routing and network management
tools like OSPF, BGP, ICMP, NAT, DHCP,... will also be discussed. Finally,
we end with the data link layer protocols such as Ethernet or PPP.
The theory from this module will be illustrated by a series of 4 lab
sessions which will give the course members hands-on experience
about the operation of basic IP applications, network protocols and
basic network configuration.
Teachers: Piet Demeester, Andy Van Maele (Lab sessions)
Organisation: 3 plenary sessions theory + 4 group sessions lab exercises
Reference book: “Computer networking - A top-down approach
featuring the internet, 4th Edition” by James F. Kurose & Keith W. Ross
Module 2: Multimedia Networks
The second module of this part about communication networks deals
with multimedia networks and the specific network requirements multimedia
implies. It is in this module that we shall discuss important
concepts as quality of service (QoS), multicast and the next generation
of the Internet Protocol (IPv6), which offers new possibilities that are
unavailable in less advanced networks and are useful for the reliable
transmission of multimedia data. Voice-over-IP will be considered as a
typical multimedia application. Other, more advanced, techniques that
will also be dealt with are SIP (used to support Voice-over-IP), MPLS
(used to support QoS),...
The theory is complemented by a series of 3 lab sessions where experience
will be acquired with the nature of video traffic, by configuring
a network to support QoS and with SIP.
Teachers: Piet Demeester, Andy Van Maele (Lab sessions)
Organisation: 2 plenary sessions theory + 3 group sessions lab exercises
Reference book: “Computer networking - A top-down approach
featuring the internet, 4th Edition” by James F. Kurose & Keith W. Ross
Module 3: Wireless Networks
Two different kinds of wireless networks are dealt with in this module.
On the one hand, we shall consider mobile communication systems
relying on large cellular infrastructures, like GSM and UMTS. But the
main accent of this module will lie on less “institutional” wireless
technologies like WiMAX (wide area networks), WLAN (local networks),
Bluetooth and Zigbee (personal networks) and even RFID (tagging).
Teacher: Ingrid Moerman
Organisation: 3 plenary sessions theory
Reference book: “Mobile Communications, 2 nd edition” by Jochen
Schiller
Module 4: eTOM
The first part is concluded by a session about eTOM, which is to the
telecommunication industry what ITIL is to the information technology
industry: a framework of best practice approaches to deliver high
quality services. It deals with the more organisational, rather than
technical, aspects of telecommunication networks.
Teacher: Filip De Turck
Organisation: 1 plenary session theory
Extra module: Cases
This module contains 1 session with 4 cases to give an overall illustration
of the course topics. Subscription is free and automatically
included.
Organisation: 1 group session lab exercises
Program Part II: Security
Module 1: Security Basics
What does information security mean Which functions can be realised
Why do we need security These are the questions that should be
answered in the first session of this module.
The main basic objectives of information security are discussed: confidentiality,
authentication, data-integrity, non-repudiation and availability.
We shall show what may happen if insufficient measures are
taken to achieve these properties and how people with bad intentions
can undermine these objectives to gain an advantage. Besides these
basic security concepts, this module also deals with the concrete basic
mechanisms that can be used to achieve the desired security objectives.
The basic principles of conventional and asymmetric encryption,
hash functions, message authentication codes, time stamps, certificates,
PKI,... are explained, without plunging into the mathematical
details underlying these complex techniques. Biometric techniques will
also be shortly discussed here, both with their advantages and their
shortcomings.
Teacher: Eric Laermans
Organisation: 2 plenary sessions theory
Reference book: “Cryptography and Network Security, Principles and
Practices, 4th edition” by William Stallings
*1 session = 2 lectures/labs of 1.5 hr.
Module 2: Security Applications
Once the basic building blocks are well understood, we shall try to
understand how they are used to achieve security in communication
networks, at the different levels of the protocol stack: at application
layer (PGP, S/MIME, SSH,...), at the transport layer (TLS/SSL) or at
the network layer (IPSec). Related to these secure protocols, we shall
also explain how they can be used to create VPN’s. The use of these
cryptographic security techniques alone is not sufficient to guarantee

teachers
the security of computer or communication systems. System security
measures protecting against malware and other intrusions are also essential.
This is why we shall also discuss malware protection, firewalls and
intrusion detection systems. And finally, as wireless networks are particularly
open and vulnerable to attacks, we deal with the specific security
measures for wireless networks: from the defective WEP to the improved
WPA and WPA2. A demonstration session will illustrate the potential risks
in networks, especially in WEP secured wireless local networks.
The theory presented in this module is also complemented by two lab
sessions about the principles of network security and about the configuration
and vulnerability of a basic wireless local network secured by WEP.
Teachers: Eric Laermans, Andy Van Maele (Lab sessions)
Organisation: 5 plenary sessions theory + 2 group sessions lab exercises
Reference book: “Cryptography and Network Security, Principles and
Practices, 4th edition” by William Stallings
Module 3: Advanced security configuration
To those who are already more familiar with ICT and security, this module
is devoted to the more advanced practical aspects of information security.
In a series of 4 lab sessions, hands-on experience will be obtained in
advanced PC security, authentication services with a RADIUS server and
advanced security aspects of wireless networks.
Teacher: Andy Van Maele
Organisation: 1 plenary session theory + 4 group sessions lab exercises
Module 4: Organisational aspects
Security is not just a matter of technology. The organisational aspects
certainly are not less important. In this module, we shall see how information
security can be organised within a company: how security policies
are designed and implemented and how a company can respond to security
incidents. Attention will also be given to the control and auditing of
security policies, for which CobiT is an important standard.
Teacher: Marc Vael
Organisation: 2 plenary sessions theory
Module 5: Legal aspects
The security part of this course concludes with a last module about the
legal aspects of security. What activities (hacking, identity theft,...)
can be considered illegal What are the legal measures against computer
crime Another important legal aspect of information security is the
protection of personal data (of customers or employees). This module
also discusses the obligations a company has to achieve an acceptable
level of information security. Besides protection against attacks, we also
deal with the legal framework for electronic signatures and e-commerce.
Teacher: Jos Dumortier
Organisation: 1 plenary session theory
Scientific Coordination
> Prof. dr. ir. Eric Laermans
Department of Information Technology,
Ghent University, IBBT
> Prof. dr. ir. Piet Demeester
Department of Information Technology,
Ghent University, IBBT
> Prof. dr. ir. Ingrid Moerman
Department of Information Technology,
Ghent University, IBBT
Teachers
> Piet Demeester
Department of Information Technology,
Ghent University, IBBT
> Jos Dumortier
ICRI, KULeuven, IBBT
> Filip De Turck
Department of Information Technology,
Ghent University, IBBT
> Eric Laermans
Department of Information Technology,
Ghent University, IBBT
> Ingrid Moerman
Department of Information Technology,
Ghent University, IBBT
> Marc Vael
Executive Director at Protiviti Belgium, Brussels
> Andy Van Maele
Department of Information Technology,
Ghent University, IBBT
This course is organised as a cooperation between the
Institute for Continuing Education (IVPV) of Ghent University
and the Interdisciplinary institute for BroadBand Technology
(IBBT) with the support of Agoria (Belgium employers’
organisation and trade association).
Extra module: Cases
This module contains 1 session with 4 cases to give an overall illustration
of the course topics. Subscription is free and automatically included.
INSTITUUT VOOR
PERMANENTE
VORMING

✂
subscription form
Preferably via www.ivpv.ugent.be OR by using this form:
Return completed and signed form (use capitals):
Name: ∏ Mr. / ∏ Ms.
First Name:
Private address Street: Number:
Zip: City: Country:
Telephone:
Company:
Function:
Company address Street:
Number:
Zip: City: Country:
Telephone:
Fax:
E-mail:
VAT nr:
Invoice: ∏ company
I will pay e
Date:
∏ private
by means of employer/employee training cheques
Signature:
Your address data are incorporated by the IVPV in a database in order to be able to keep you informed of our activities and programmes. In accordance with the law from
8/12/1992 safeguarding personal privacy with respect to the processing of personal data, you are entitled to examine, correct or cancel this information kept by the IVPV.
Part I: Communication Networks
∏ Module 1: Fixed Networks € 1100
∏ Module 2: Multimedia Networks € 800
∏ Module 3: Wireless Networks € 500
∏ Module 4: eTom € 200
∏ Modules 1 – 4 together € 2100
Part II: Security
∏ Module 1: Security Basics € 330
∏ Module 2: Security Applications € 1100
∏ Module 3: Advanced Security Configuration € 800
∏ Module 4: Organisational Aspects € 330
∏ Module 5: Legal Aspects € 200
∏ Modules 1 – 5 together € 2200
∏ All modules Part I & II € 3900
Reference books
∏ Computer networking - A top-down approach featuring the internet,
Participation Fee
The participation fee includes the tuition fee, course notes,
soft drinks, coffee and sandwiches. Payment occurs after
reception of the invoice. All invoices are due in thirty days.
All fees are exempt of VAT; eventual transfer rates are at the
expense of the participant. Reference books are billed directly
by the bookshop. Special prices apply for UGent employees and
members of Ghent University Association (Consult the website
from within the Ghent University/Association network).
Group Reduction
When participant(s) of a company subscribe for the equivalent
of the complete course, a reduction of 20% is given to all
additional subscriptions of the same company, even on single
modules. Invoicing is then done by one company invoice. For
larger numbers of subscriptions, additional reductions could be
envisaged: please contact the IVPV-secretariat.
Training cheques (‘Opleidingscheques – BEA’)
Ghent University has been recognised as an official training
supplier within the framework of the training cheques of the
Flemish Community. Thereby you can save on the participation
fee of this training (www.vlaanderen.be/opleidingscheques).
For employers we refer to www.BEAweb.be (authorisation ID:
DV.O103 194)
4 th edition by James F. Kurose & Keith W. Ross (reference work for Part I, modules 1 and 2): e 50,26 (incl. VAT).
∏ Cryptography and Network Security, Principles and Practices,
4 th edition by William Stallings (reference work for Part II, modules 1 and 2): e 65,72 (incl. VAT).
∏ Mobile Communications, 2 nd edition by Jochen Schiller (reference work for Part I, module 3): e 63,02 (incl. VAT).

practical info
Practical Information
The programme consists of different modules. Each module
can be followed separately. Plenary sessions (theory) are
organised as follows:
> 18h00-19h30: session 1
> 19h30-20h00: sandwich break
> 20h00-21h30: session 2
Location
> Plenary sessions (theory): Ghent University, Institute
for Continuing Education, Campus Engineering Faculty,
Building “Magnel” (nr. 904), Technologiepark, 9052
Zwijnaarde, Belgium
> Lab sessions: Ghent University, IBBT, Zuiderpoort Office
Park, Gaston Crommenlaan 8, B-9050 Gent-Ledeberg,
Belgium
Language
English is used in all presentations, lab exercises and
documentation, so a good knowledge of this language
is necessary.
Cancellation Policy
> Cancellation should be done in writing (either letter or
fax);
> Cancellation can be done on individual modules or on full
subscriptions;
> When cancelling up to 10 days before the start of the
course/module, an administrative fee of 25% on the
requested payback is due;
> When cancelling less than 10 days before the start of the
module, the full fee is due;
Information and Documentation
More detailed information about the course in general or
on particular modules can be found on the course website:
http://www.ivpv.ugent.be
The IVPV secretariat can also be contacted:
Institute for Continuing Education
Els Van Lierde
Technologiepark 913, 9052 Zwijnaarde
Tel: +32 9 264 55 82, fax: +32 9 264 56 05
E-mail: ivpv@UGent.be
Scheduling & Participation Fee
Part I: Communication Networks Theory Lab* Fee**
Module 1: Fixed Networks 10/01/08, 17/01/08, 24/01/08 12/01/08, 19/01/08, € 1100
26/01/08, 02/02/08
Module 2: Multimedia Networks 31/01/08, 13/02/08 16/02/08, 23/02/08, 1/03/08 € 800
Module 3: Wireless Networks 21/02/08, 28/02/08, 6/03/08 € 500
Module 4: eTom 13/03/08 € 200
Extra Module: Cases 20/03/08 Included
Part II: Security Theory Lab* Fee**
Module 1: Security Basics 10/04/08, 17/04/08 € 330
Module 2: Security Applications 24/04/08, 30/04/08, 8/05/08, 17/05/08, 24/05/08 € 1100
15/05/08, 22/05/08
Module 3: Advanced Security Configuration 29/05/08 31/05/08, 7/06/08, € 800
14/06/08, 21/06/08
Module 4: Organisational Aspects 5/06/08, 12/06/08 € 330
Module 5: Legal Aspects 19/06/08 € 200
Extra Module: Cases 26/06/08 Included
Part I: all modules together € 2100
Part II all modules together € 2200
Part I & II, all modules € 3900
Scriptics 09 225 52 02
* Extra lab sessions will be organised if necessary This schedule may be subject to modification
** Exempt of VAT. Eventual transfer rates are at the expense of the participant.