CIS 4204 Ethical Hacking Fall, 2014




Course Abstract:
The purpose of this course is to provide a basic understanding of computing, networking, programming concepts, and exploitation techniques, as they relate to computer security. In security testing, an ethical hacker with legal permission attempts to penetrate a system or systems to find a weak link and then analyze ways to correct the security flaws. Ethical hacking relies on a combination of creativeness, expansion of knowledge based on best practices, legal issues, and client industry regulations as well as known threats and the breadth of the target organization's security presence or point of risk.

Outcomes of this course:
- General computer organization and architecture
- Ethical Hacking methodology
- Generalized exploit techniques
- Basic network concepts
- Networking vulnerabilities and countermeasures

Class Format:
Undergraduate course meeting online via Canvas. This class will be taught completely online. There will be a number of hands-on exercises using the tools of the trade and other freeware/shareware tools that may be acquired online.

Professor: Shane Hartman
Contact Info/Office Hours: Email me anytime at: shartman@sar.usf.edu.

Required reading:
Hacking Exposed: Network Security Secrets and Solutions, 7
By: Stuart McClure, Joel Scambray, and George Kurtz
ISBN: 0071780289

I will also refer to other books that are not required but useful for bolstering your overall knowledge of ethical hacking; I will make mention of them during class.

Class Participation:
Here is my official stance on the subject, as I have indicated to Student Advising: This course is to be taken asynchronously. Part of the student's grade is based on class participation, evaluations, and ability to do the work. Ethical hacking is a hands-on discipline. While there is a fair amount of information to be covered (e.g., legal aspects, file systems, and network components), most people learn this subject matter by being involved and engaged in activities. For this reason, this class will employ a number of hands-on exercises.

Ways to get class participation credit:
1) Be online and participate
2) Provide articles and feedback on the class discussion board.

Grading format:
Class Participation    20%
Hands-on exercises     20%
Test 1                 10%
Midterm Exam           20%
Test 2                 10%
Final Exam             20%
Total                  100%

Please note these very important class rules:

1. Academic honesty is mandatory. Cheating on tests (which means giving help or receiving help from another student, or providing unattributed/plagiarized answers) is grounds for expulsion from the class and receiving a double F, which will brand your academic career in infamy forever. If you turn in work that references someone else's work and do not properly attribute it, this is plagiarism. It is also grounds for receiving a double F in the course. This includes downloading source code from the Internet. For example, if you borrow some script code to use in your project, and it is copyrighted, you may not remove the header information and insert your own as if it were original code. This is unethical and grounds for dismissal from the class.

2. Assignments are due by the beginning of class on the due date assigned. I will not accept any late assignments unless you have specifically made arrangements with me beforehand. For example, emailing me at the end of the semester to request turning in all of your missed homework because you had some illness will not work.

3. Religious Observances: The University recognizes the right of students and faculty to observe major religious holidays. Students who anticipate the necessity of being absent from class for a major religious observance must provide notice of the date(s) to the instructor, in writing, by the second week of classes.

4. Disabilities Accommodation: Students are responsible for registering with the Office of Students with Disabilities Services (SDS) in order to receive academic accommodations. Reasonable notice must be given to the SDS office (typically 5 working days) for accommodations to be arranged. It is the responsibility of the student to provide the instructor with a copy of the official Memo of Accommodation. Contact Information: Pat Lakey, Coordinator, 941-359-4714, plakey@sar.usf.edu, http://www.sarasota.usf.edu/students/disability

5. Academic Disruption: The University does not tolerate behavior that disrupts the learning process. The policy for addressing academic disruption is included with Academic Dishonesty in the catalog: www.ugs.usf.edu/catalogs/0607/adadap.htm. Occurrences of academic disruption will be addressed by the professor (depending on the situation, the student may be asked to leave or security may be called). Following the incident, the professor will establish with the student terms for continued course participation, and the professor will also submit a report to the dean. The consequences to the student can range from an administrative reprimand to suspension from USF.

Most students are highly motivated to learn and do not need to be informed of these things, but the 5% or so that want to get a free grade without doing any work need to be made aware of these rules. If you do not think you can abide by these (in my opinion, completely reasonable) rules, please do not take this course!

Canvas (MyUSF):
All of our tests and assignments will be submitted via Canvas.
Students needing instruction in using Canvas can use the following resources:
- Online tutorial: http://www.sarasota.usf.edu/campuscomputing/documents/cc_student_resources.php
- Technical toll-free Helpline: 866-974-1222
- Live online help: http://usfsupport.custhelp.com/cgibin/usfsupport.cfg/php/enduser/chat.php

Emergency Preparedness:
It is strongly recommended that you become familiar with the USF Sarasota-Manatee Emergency Action Plan http://www.sarasota.usf.edu/alpha/ready/eap.pdf and with the Safety Preparedness site http://www.sarasota.usf.edu/alpha/ready/index.html

(800) Hotline:
The USF hotline at 1 (800) 992-4231 is updated with pre-recorded information during an emergency. The hotline can also be operated by staff during an emergency if the situation necessitates that additional information, direction or resources need to be communicated and the personnel can be put in place in advance, such as in the event of a hurricane or ongoing emergency.

Fire Alarm Instructions:
At the beginning of each semester please note the emergency exit maps posted in each classroom. These signs are marked with the primary evacuation route (red) and secondary evacuation route (orange) in case the building needs to be evacuated.

Emergency Evacuation Procedures: http://www.sarasota.usf.edu/alpha/ready/eap_faq.pdf

Contingency Plans:
In the event of continued natural disruption (e.g., significant hurricane damage to the area or a pandemic affecting the area), all instruction will be completely carried out online on Canvas (as it is anyway for this course). There will be extended deadlines as appropriate for assignments. http://sarasota.usf.edu/academics/acadaffairs/handbook/usfsm_fh_emergencyguidelines AcademicContinuity.pdf

Drops:
The last day to withdraw from class and receive no academic penalty is October 29th. We will have had our first test by then so that you can gauge your progress.

Important dates:
September 2nd - Labor Day
November 11th - Veteran's Day
November 28th & 29th - Thanksgiving
December 2nd Week for Classes
December 9th - 13th - Final Exams

Course Schedule (tentative, subject to change):

Week 1: Introduction to Ethical Hacking
    Class Intro Hacking History Ethical Hacking Threats
Week 2: TCP/IP Primer
    TCP IP UDP Packets 3 Way Handshake
Week 3: Footprinting
    Gathering Information Whois Tracert and TTL
Week 4: Scanning; Test 1
    Ping Sweeps Scanning Tools Port Scanning
Week 5: Enumeration
    NetBIOS Active Directory SNMP Enumeration DNS Zone Transfer
Week 6: Hacking Windows
    Privilege Escalation Cracking Passwords Data Execution Prevention
Week 7: Hacking Unix
    Quest for Root Vulnerability Mapping Services
Week 8: Network Devices and Hardware; Mid-Term
    Discovery Fingerprinting
Week 9: Hacking Code
    Buffer Overflows Input Validation Vulnerabilities Exploits
Week 10: Wireless Hacking
    Wireless Type Service Set Identifier (SSID) Wired Equivalent Protocol (WEP) Wireless Application Protocol (WAP)
Week 11: Web Server Hacking and Web Application Vulnerabilities
    IIS Attacks Apache Attacks Spidering
Week 12: SQL Injection Vulnerabilities; Test 2
    SQL Injection Testing and Attacks Types of Attacks SQL Injection Prevention and Remediation
Week 13: Firewalls, Intrusion Detection Systems, and Honeypots
    Firewall Types and Configurations Intrusion Detection Systems (IDS) Honeypot Applications
Week 14: Social Engineering
    Social Engineering Human-Based Social Engineering Computer-Based Social Engineering Identity Theft
Week 15: Viruses, Worms, and Trojans; Final Paper Due
    Viruses Spyware Spambots Worms
Week 16: Final Exams