Cybersecurity Essentials (Summer 2025)

Course Description:
Introduction to Cybersecurity: Network Security, Compliance, and Operational Security. Threats, Attacks, and Vulnerabilities. Application Security, Encryption, and Public Key Cryptography. Access Control and Identity Management. Security Operations and Incident Response.

Prerequisite: Basic Knowledge of Computer Network; Operating System; Computer Architecture; Database

Instructor:

Chakchai So-In, Ph.D., chakso AT kku.ac.th

Satit Kravenkit, Ph.D., satikr AT kku.ac.th

Phet Aimtongkham, Ph.D., phetim AT kku.ac.th

Office: @9525 (Applied Network Technology)
Office Hours: Saturday/Sunday 08.30 to 09.00 (or email me for appointment)
Class homepage: https://csperson.kku.ac.th/chakchai/Cybersecurity_essentials_Summer25
CompTIA Security+: CompTIA Sec+
Teaching Assistant:

Titaya Sriwuttisap titaya_s AT kkumail.com, Office hour Saturday (Email -> Tentative)

Chatchai Punriboon chatchai AT kkumail.com, Office hour Sunday (Email -> Tentative)

Location:
Section I: - Lecture: on Saturday/Sunday at room @SC9524 from 09.00 to 16.00
Section I: - Lab: on Saturday/Sunday at room @SC9524 from 09.00 to 16.00
Facebook Group: Facebook Group

Textbook
The main textbooks for the course are
1. Mike Chapple and David Seidl, CompTIA Security+ Certification Kit: Exam SY0-701 (Sybex Study Guide)," Sybex, 1008 pp., 2024.
2. CompTIA "CompTIA Security+ SY0-601 Certification Study Guide," ComTIA Pentest+, 2024.

Supplementary (Cisco Cybersecurity Essenteial)
1.Cisco Certified Support Technician (CCST) Cybersecurity 100-160 Official Cert Guide by Shane Sexton and Raymond Lacoste, 2024.

Supplementary
1. Principles of Information Security (7th edition) by Michael E. Whitman and Herbert J. Mattord, 2021.
2. Network Security: Private Communication in a Public World (3rd edition) by Charlie Kaufman, Radia Perlman, and Mike Specimner, 2022
3. Effective Cybersecurity: A Guide to Using Best Practices and Standards by William Stallings, 2018
4. Cryptography and Network Security: Principles and Practice (8th edition) by William Stallings, 2019
5. Computer and Information Security Handbook (3rd edition) by John Vacca, 2017
6. CCNA Security Course Booklet (version 1.1) by Cisco Systems, 2012.
7. CompTIA Security+ Guide to Network Security Fundamentals (MindTap Course List) (7th edition) by Mark Ciampa, 2020.
8. Law (ICT) Thailand

Interesting Computer and Network Security Material
1. Master in Security 3rd edition (Thai) by Jatuchai Pangjun, 2018
2. ºÃÔËÒÃ¨Ñ´¡ÒÃ Networking ´éÇÂ Windows 7 by ¾ÔÈÒÅ ¾Ô·ÂÒ¸ØÃÇÔÇÑ²¹ì, 2012
3. ¤ÑÁÀÕÃì Ubuntu Linux Server àÅèÁ 1 by ºÑ³±Ôµ ¨ÒÁÃÀÙµÔ, 2012
4. ¤ÑÁÀÕÃì Ubuntu Linux Server àÅèÁ 2 by ºÑ³±Ôµ ¨ÒÁÃÀÙµÔ, 2012
5. ¤ÑÁÀÕÃì Ubuntu Linux Server àÅèÁ 3 by ºÑ³±Ôµ ¨ÒÁÃÀÙµÔ, 2012
6. µÔ´µÑé§ÃÐººà¤Ã×Í¢èÒÂ Linux Server ÀÒ¤»¯ÔºÑµÔ by ¾ÔÈÒÅ ¾Ô·ÂÒ¸ØÃÇÔÇÑ²¹ì, 2012
7. Network and Computer Security Specialist #1, #2, #3 (Thai) by Minister of ICT, Thailand
8. Hands-on Ethical Hacking and Network Defense by Michael T. Simpson, Kent Backman, and James E. Corley, 2018
9. CEH Certified Ethical Hacker All-in-One Exam Guide by Matt Walker, 2011
10. CEH Certified Ethical Hacker Study Guide by Kimberly Graves, 2010
11. Applied Cryptography: Protocols, Algorithms, and Source Code in C by Bruce Scheier, 2096
12. Network Security Essentials: Applications and Standards by William Stalling, 2010
13. Hacking Exposed: Network Security Secrets and Solutions by Stuart McClure, Joel Scambray, and George Kurtz, 2009
14. Network Security Architectures by Sean Convery, 2010
15. CISSP Certified Information Systems Security Professional STUDY GUIDE by SYBEX, 2010

Other good books are
Slides from Prof. Raj Jain, Network Security Slides
Most importantly, please READ all Computer and Network Security Wiki related topics.
Network Programming (Bee)
UNIX Tutorial for Beginners Tutorial@virginia.edu

Example Toos/Testbed (Networking/Security/Mobile and Wireless Technology)
Click Here to see a list of testbed/tools
Youtube Project:

Project (Testbed) (Class in 2024)

Project (Testbed) (Class in 2023)

More Examples Click Here

News

01/02/2025: Finalterm Exam date = Sunday 27/04 at 13.00 - 16.00 @9524
01/02/2025: Web site created.

Lecture Schedule: (Tentative Subject to Change)

Class	Day	Date	Topic
1	Saturday	05/04/2025	Course Overview + 1) Summarizing Fundamental Security Concepts + 2) Comparing Threat Types + 3) Explaining Appropriate Cryptographic Solutions
2	Sunday	06/04/2025	4) Implement Identity and Access Management + 5) Maintain Enterprise Campus Network Architecture + 6) Secure Cloud Network Architecture
3	Saturday	12/04/2025 (Songkran Day)	N/A
4	Sunday	13/04/2025 (Songkran Day)	N/A
5	Saturday	19/04/2025	7) Explain Resiliency and Site Security Concepts + 8) Explain Vulnerability Management + 9) Evaluate Network Security Capabilities
6	Sunday	20/04/2025	10) Assess Endpoint Security Capabilities + 11) Enhance Application Security Capabilities + 12) Explain Alerting and Monitoring Concepts
7	Saturday	03/05/2025	13) Analyze Indicators of Malicious Activity + 14) Summarize Security Governance Concepts + 15) Explain Risk Management Processes
8	Sunday	04/05/2025	16) Summarize Data Protection and Compliance Concepts + (Exam CompTIA Sec+ = KKU Exam)

More Youtube Examples SY0-701 vs. SY0-601 Click Here#1, Click Here#2; Study SY0-701 Click Here SY0-701, Practice test: Click Here

(Individual + Pari) Homework/LabHW/Incident_and_response_Report Assignments (Summer 2025 schedule): (Subject to Change)
Weekly CompTIA Lecture-ONLINE Capture (Individual-Learning) Click Here
Weekly CompTIA Lab-ONLINE Capture (Individual-Learning) Click Here
Weekly (2 Cases = Sat/Sun) Incident and Response Report (Pair-homework) Click here

Submission:
All assignment should be turned via Google Drive = Cyber_Essential_SPT_Summer25. Late homework will be assessed a 30% penalty.
Each homework should include title prefix = "StudentID_HWID" such that ID is your student number.
Each lab-homework should include title prefix = "StudentID_LabHWID" such that ID is your student number.
Each pair (Incident and Response Report) should include title prefix = "GroupID_HWID" such that ID is your student number.
Note: For pair (Incident and Response Report); you MUST include the cover letter with students' signature OTHERWISE they WILL NOT be graded.

Lab Schedule: (Tentative Subject to Change)

Lab#1 (Sec+)	Description (5-6 Labs each week)
#1	1) Exploring the Lab Environment
#2	2) Perform System Configuration Gap Analysis
#3	3) Configuring Examples of Security Control Types
#4	4) Finding Open Service Ports
#5	5) Using SET to Perform Social Engineering
#6	6) Using Storage Encryption
#7	7) Using Hashing and Salting
#8	8) Managing Password Security
#9	9) Managing Permissions
#10	10) Setting up Remote Access
#11	11) Using IPSec Tunneling
#12	12) Using Containers
#13	13) Using Virtualization
#14	14) Implementing Backups
#15	15) Performing Drive Sanitization
#16	16) Exploiting and Detecting SQLi
#17	17) Working with Threat Feeds
#18	18) Performing Vulnerability Scans
#19	19) Understanding Security Baselines
#20	20) Implementing a Firewall
#21	21) Using Group Policy
#22	22) Hardening
#23	23) Performing DNS Filtering
#24	24) Configuring System Monitoring
#25	25) Incident Response Detection
#26	26) Performing Digital Forensic
#27	27) Performing Root Cause Analysis
#28	28) Detecting and Responding to Malware
#29	29) Understanding On Path Attacks
#30	30) Using a Playbook
#31	31) Implementing Allow Lists and Deny Lists
#32	32) Performing Reconnaissance
#33	33) Performing Penetration Testing
#34	34) Training and Awareness through Simulation
#35	35) Use Cases of Automation and Scripting
#36	36) Using Network Sniffers
#37	37) Network Incident Investigation and Remediation

More Youtube Examples Click Here SY0-701, Click Here SY0-601
Academic Integrity
Students at Khon Khan University are engaged in the first step for their professional career with the highest standards. Please follow the academic integrity guideline at Cheating and Plagiarism [@CMU]. All these rules are enforced for the entire course.

Security Tools/Apps - Group of 6 students
Security Tool
ONLY hands-on security tools on topic of your choice
The final outcome MUST be something VISUAL= Computer/Network/Information/Internet/ Security Tools
There is about 20 mins demo + Document (PPT/ Poster/ Video mp4 - youtube/ Code-Zip)
Tool Ideas: http://sectools.org/?page=1

Main Project (Project I)
Project Ideas:

Ideas at Stanford.edu

Ideas at Berkeley.edu

Ideas at MIT.edu

Ideas at DotCrime

Ideas at Sunysb.edu

Ideas at Berkeley.edu

Ideas at Udel.edu

Ideas at Fsu.edu

Ideas at Upenn.edu

In this semester, we focus on Security and Privacy; however, we do not limit on these.
Cisco Netrider Contest (Networking Competition)
Network Security Contest
Click Here

Grading: (tentative)

Final-Term Exam (Lecture)	25% +/- 5%
CompTIA Homework Course + Lab (Lecture/Lab)	25% +/- 5%
Quiz + Class participation	10% +/- 5%
Project	25% +/- 5%
Security Report VA Scan Incident and Response (1 each week)	15 +/- 5% (grading individually)

Note that students are allowed to bring only "TWO" piece of A4 paper in midterm/final exams with additional non-memorized calculator
The final exam material will be after the mid-term; however, all related contents will be also covered.
The exam includes 1. True/False (+1, -1, and 0), 2. Numerical and Analysis, and 3. Fill in the blank.
The final grade will be curved based on the overall performance of the whole class (probablistic clear cut-off point).
Note: Extra Credits:

+5 passing Security Certifications

+2.5 to 5% 1st round competition

+1% for taking a security contest exam

+2.5% for taking/passing the security online course, e.g., udemy and coursera

Other related computer and network security research links

CCSS Center for Computer Systems Security, University of Southern California, http://ccss.usc.edu/
UW CSE Systems, Networking, and Security Research, University of Washington, http://www.cs.washington.edu/research/systems.intro.html
Cyber Security, Virginia Tech, http://www.cyber.vt.edu/research
The Computer Security Group, UCSB, http://seclab.cs.ucsb.edu/
Security Research Lab, UC Berkeley, http://security.cs.berkeley.edu/
IBM Security and Privacy, IBM, http://researcher.ibm.com/view_project.php?id=151
CyLab, CMU, http://www.cylab.cmu.edu/
Computer Security Division, NIST, http://csrc.nist.gov/
Networking and Security Research Center, PSU, http://nsrc.cse.psu.edu/
Security Group @CA, University of Cambridge, http://www.cl.cam.ac.uk/research/security/
Stanford Security Laboratory, Stanford University, http://seclab.stanford.edu/
Network Operations and Internet Security Lab, GATECH (Prof. Nick Feamster), http://www.gtnoise.net/
Illinois Security Lab, UIUC (Dr. Carl A. Gunter), http://seclab.illinois.edu/
Systems and Internet Infrastructure Security (SIIS), PSU, http://siis.cse.psu.edu/
Network Security Lab, Columbia University, http://nsl.cs.columbia.edu/
CENTER FOR INFORMATION AND COMPUTATION SECURITY (CICS), UCLA, http://www.cs.ucla.edu/security/
Center for Wireless Information Network Studies, WPI (Prof. Kaveh Pahlavan), http://www.cwins.wpi.edu/
Maryland Cybersecurity Center, UMD, http://www.cyber.umd.edu/faculty/index.html
Center for Research on Computation and Society (CRCS), Harvard, http://crcs.seas.harvard.edu/
Systems and networking group, UCSD, http://sysnet.sysnet.ucsd.edu/sysnet/
Information Security Research Group, UCL, http://sec.cs.ucl.ac.uk/
Center for Information Assurance and Security, UTexas, http://www.cias.utexas.edu/index.htm
Johns Hopkins University Information Security Institute (JHUISI), JHU, http://web.jhu.edu/jhuisi/
University of Oregon Network Security Research Lab, University of Oregon, http://netsec.cs.uoregon.edu/

Back to Chakchai So-In's Home Page