Course Outline — Term 2 (2025-2026)
Group 1 • Term 2 • Location: online & 2F.20 (see dates and locations)

Overview

Course Title: Cyber Defense    Course Number: 420-2C1-DW

Course Hours: 90    Ponderation: 3–3–3    Credits: 3

Prerequisite: None    Corequisite: None

Teacher:  agrozdanov@dawsoncollege.qc.ca (reply within 24 hours)

Course Description. Building on the foundational knowledge acquired in Preventative Monitoring, this course delves into advanced techniques for hardening hosts and securing networks and data. Students will learn to utilize appropriate tools, implement robust access control measures, and apply cryptographic techniques to safeguard information systems. This course is designed to equip students with the skills necessary to protect against cyber threats and prepares them for the subsequent course in the series, Incident Management.

Outcomes & Assessment

  • Labs or Quizzes: 30%
  • Midterm Exam: 30%
  • Final Exam: 40%

Course Learning Outcomes

  • Secure a network through perimeter defense and network segmentation.
  • Control access to hosts and harden them using a variety of hardening techniques.
  • Apply the relevant cryptographic techniques to secure systems, as well as stored and transitory data.

Weekly Schedule of Learning Activities

Week 1 — Nov 18-22, 2025
14.0 hrs total

Week 2 — Nov 24-29, 2025
15.0 hrs total

Theory (7.0 hrs)

Dedicated Network Firewalls - Introduction to pfSense / OPNsense / IPFire

Basic and Advanced pfSense / OPNsense / IPFire Features, Menu Elements, Wireless | Challenges, Services

  • Implementing VLANs for network segmentation
  • Introduction to VPN basics

Lab (8.0 hrs)

  • Construct a Segmented Network:
    Deploy an open-source firewall solution to isolate WAN, LAN, and DMZ zones.
  • Deploy Centralized Services:
    Set up a centralized identity management system with DNS, DHCP, and AD across zones.
  • Simulate an External Attack:
    Host a malicious payload on a pen-testing OS.
  • Execute Firewall Evasion:
    Activate the payload and bypass the firewall.
  • Implement Intrusion Detection:
    Use IDS/IPS to detect the malicious transfer.
  • Validate Red & Blue Team Operations:
    Confirm successful evasion and subsequent detection.
  • Rigorous Documentation:
    Provide screenshots, hyperlinks and steps for setup, attack, defense and references.

Week 3 — Dec 1-6, 2025
Midterm Assessment • 15.0 hrs total

Theory (7.0 hrs)

Dedicated Network Firewalls - IPFire Introduction

  • Overview of IPFire
  • Its distinct zone model (Red, Green, Blue, Orange) and its core features

Lab (8.0 hrs)

Network Reconnaissance & Firewall Evasion Lab

  • Installing IPFire in a virtual machine
  • Configuring network zones (Red, Green, Orange)
  • Implementing basic firewall rules to control traffic flow

Midterm Review & Assessment

  • Comprehensive review of firewalls, network segmentation, host hardening, and access control
  • Review exercises and scenario discussions
  • Midterm Assessment: Practical exam (in class 2F.2)

Week 4 — Dec 8-13, 2025
15.0 hrs total

Theory (7.0 hrs)

MS Windows Host Hardening - Basic Operating System Security

  • Principles of least privilege and other hardening techniques with MS Windows OS

Lab (8.0 hrs)

Hardening MS Windows VMs - Lab 05

Week 5 — Dec 15-20, 2025
15.0 hrs total

Theory (7.0 hrs)

Intrusion Detection Systems (NIDS/NSM) - Security Onion

  • Introduction to IDS/IPS concepts, signature vs. anomaly detection
  • Overview of Security Onion architecture (Suricata, Zeek for network visibility)
  • Advanced Threat Protection

Advanced Threat Detection and Response

Lab (8.0 hrs)

Security Onion Lab

Wazuh Lab

Week 6 — Jan 6-10, 2026
Final Assessment • 13.0 hrs total

Theory (7.0 hrs)

Honeypots – OpenCanary and Cowrie

  • Introduction to honeypots and honeynets (low, medium, high interaction)
  • Role in threat intelligence gathering
  • Deep dive into medium-interaction honeypots (SSH/Telnet emulation)

Lab (8.0 hrs)

Honeypot Lab

  • Deploying OpenCanary, configuring emulated services (HTTP, SSH, SMB)
  • Deploying Cowrie, interacting as an "attacker" to observe logs

Final Review & Assessment

  • Comprehensive review of all course topics
  • Integrating firewalls, IDS, and honeypots for layered defense
  • Complex lab scenario integrating multiple tools
  • Final Theory / Final Lab Assessment (in class 2F.2)

Evaluation & Competency Details

Evaluation Breakdown & Dates
Component | Tentative Date | Value
Review Final Quiz (Formative) | December 6th, 2025 (morning - online) | FORMATIVE
Labs or Quizzes | Nov 29, Dec 4, Dec 13, Dec 20, Jan 10 | 30%
Midterm Exam | December 6th, 2025 (afternoon - in class - 2F.20) | 30%
Final Exam | January 10th, 2026 (afternoon - in class - 2F.20) | 40%
Total | | 100%

Note: A minimum grade total of 60% must be achieved to successfully complete this course with a passing grade. Students must successfully pass the summative assessment element.

Competency Details (EZ03)
EZ03 - Application of access control measures

This course addresses competency EZ03: Application of access control measures in its entirety.

Achievement Context

  • For an entire network comprising various platforms.
  • To respond to a one-time request or a request for services.
  • Working independently.
  • In collaboration with analysts and other technicians.
  • In accordance with internal policies, practices and procedures.
  • Based on risk analysis.
  • With the help of: technical manuals, documents describing infrastructure, equipment, tools and software.

Performance Criteria (Overall)

  • Compliance with regulations & professional ethics.
  • Demonstration of autonomy.
  • Effective priority management.
  • Problem-solving skills.
  • Compliance with policies, standards, and constraints.
  • Compliance with best practices in cybersecurity.
  • Effective work methods.
  • Appropriate use of equipment, tools and software.
  • Detailed documentation of operations carried out.

Elements of the Competency

Element / Performance Criteria

1. Apply cyber defense techniques.
  • 1.1 Correct identification of perimeter elements.
  • 1.2 Implementation of appropriate security measures on the perimeter.
  • 1.3 Subdivision of the network into relevant zones.
  • 1.4 Appropriate configuration of active defense systems.
  • 1.5 Application of relevant redundancy measures.

2. Control access to hosts.
  • 2.1 Correct identification of the position, role and nature of the host.
  • 2.2 Effective control of digital identities, permissions, and access.
  • 2.3 Compliant configuration of a system firewall.
  • 2.4 Application of the relevant control measures according to the role of the system.
  • 2.5 Systematic application of reinforcement measures (hardening).
  • 2.6 Rigorous validation of the effectiveness of access control measures applied.

3. Control access to networks.
  • 3.1 Effective control of digital identities, permissions, and access rights.
  • 3.2 Determination of appropriate access to the various network zones.
  • 3.3 Compliant configuration of a network firewall.
  • 3.4 Correct installation of intrusion prevention and detection systems.
  • 3.5 Appropriate use of security protocols on the wired and wireless network.
  • 3.6 Rigorous validation of the effectiveness of the access-control measures applied.

4. Apply cryptographic techniques.
  • 4.1 Correct application of the basic concepts of cryptography.
  • 4.2 Compliant implementation of the main cryptosystems.
  • 4.3 Analysis that summarizes the main attacks on cryptographic systems.
  • 4.4 Correct assessment of the relative effectiveness of different cryptographic systems.
  • 4.5 Use of the appropriate techniques to secure transitory and stored data.

Institutional Policies (ISEP)

Institutional Student Evaluation Policy (ISEP): ISEP is designed to promote equitable and effective evaluation of student learning. The policy describes the rights and obligations of students, faculty, departments, programs, and the College administration. This course outline has been prepared in conformity with ISEP. The full policy is available on the Dawson College webpage.

Literacy Standards: The Computer Science Department recognizes that literacy in all its forms is essential. In graded activities, teachers may deduct up to 10% for grammar, spelling, punctuation and/or syntax errors.

Academic Integrity Policy: Cheating and Plagiarism are serious offences and will result in failure in the assignment, test or exam, or entire evaluation component and may also result in failure of the course. Further disciplinary action might be taken. Every instance must be reported, with explanation, in writing, to the appropriate Dean. (ISEP Section V-A)

Code of Conduct: “Everyone has the right to a safe and non-violent environment. Students are obliged to conduct themselves as stated in the Student Code of Conduct and in the ISEP section on the roles and responsibilities of students.” (ISEP section II-D).

Professional Conduct: Faculty members in the program are responsible for assessing student behaviour in terms of suitability to the profession, advising students that exhibit inappropriate behaviour, and reporting said behaviour to the Program Coordinator when necessary. (ISEP section IV-O.2)

Attendance Policy: “Students should refer to the Institutional Student Evaluation Policy (ISEP section IV-C) regarding attendance.”

Policy on Religious Observances Statements: “Students observing religious holidays must inform their teachers, in writing, as prescribed in the ISEP Policy on Religious Observances, no later than the end of the second week of the impacted semester or term. This applies both to the semester or term, as well as to any final examination period.” (ISEP section IV-D).