Download Syllabus - Skills Commons

This work by the National Information Security and Geospatial Technologies Consortium (NISGTC), and except where
otherwise noted, is licensed under the Creative Commons Attribution 3.0 Unported License.
Authoring Organization: Moraine Valley Community College
Written by: Susan Sands
Copyright: © National Information Security, Geospatial Technologies Consortium (NISGTC)
Development was funded by the Department of Labor (DOL) Trade Adjustment Assistance Community College and Career
Training (TAACCCT) Grant No. TC-22525-11-60-A-48; The National Information Security, Geospatial Technologies
Consortium (NISGTC) is an entity of Collin College of Texas, Bellevue College of Washington, Bunker Hill Community
College of Massachusetts, Del Mar College of Texas, Moraine Valley Community College of Illinois, Rio Salado College of
Arizona, and Salt Lake Community College of Utah.
This workforce solution was funded by a grant awarded by the U.S. Department of Labor's Employment and Training
Administration. The solution was created by the grantee and does not necessarily reflect the official position of the U.S.
Department of Labor. The Department of Labor makes no guarantees, warranties or assurances of any kind, express or
implied, with respect to such information, including any information on linked sites, and including, but not limited to
accuracy of the information or its completeness, timeliness, usefulness, adequacy, continued availability or ownership.
IT Security Practices Syllabus
Please provide a complete syllabus. All elements of the syllabus are required unless noted as “if applicable.”
Course Title: IT Security Practices
Course Number (If applicable): LAN-163
COURSE DESCRIPTION: This course provides an overview of penetration testing. The course will explore
techniques used by network hackers and malicious code developers. The course includes an overview of the
structured certified hacking process, including stealthy network recon, passive traffic identification, privilege
escalation, vulnerability identification, remote access, spoofing, impersonation, brute force attacks, exploit
payloads, and cross-site scripting. The course will also include penetration testing policies and documentation
requirements. This course is designed to prepare the successful student for the CEH certification. The topics in this
lesson align to the domains of EC-Council’s Certified Ethical Hacker Certification. You can find out more about this
certification by visiting EC-Council.
PREREQUISITES: LAN153
REQUIRED MATERIALS: None
ADDITIONAL RESOURCES (if applicable):
LEARNING OUTCOMES/COMPETENCIES:
Computer Network Defense
1.1 Knowledge of access authentication methods (CND8)
1.2 Knowledge of cryptology (CND27)
1.3 Knowledge of signature development (CND115)
1.4 Knowledge of file types (e.g., .dll, .bat, .zip, .pcap, .gzip, etc.) (CND286)
1.5 Knowledge of Computer Network Defense tools, including open source tools, and their capabilities (CND19)
1.6 Knowledge of penetration testing tools and techniques (e.g., Metasploit, Neosploit, etc.) (CND95)
1.7 Assist in the construction of signatures which can be implemented on Computer Network Defense network tools
in response to new or observed threats within the enterprise (CND427)
1.8 Skill in detecting host and network-based intrusions via intrusion detection technologies (e.g., Snort) (CND181)
1.9 Skill in network mapping and recreating network topologies (CND212)
1.10 Skill in performing packet-level analysis (e.g., Wireshark, tcpdump, etc.) (CND214)
1.11 Skill in using protocol analyzers (CND233)
1.12 Knowledge of Unix command line (e.g., mkdir, mv, ls, passwd, grep, etc.) (CND342)
1.13 Knowledge of Windows command line (e.g., ipconfig, netstat, dir, nbtstat, etc.) (CND347)
1.14 Knowledge of front-end collection systems, including network traffic collection, filtering, and selection (CND915)
1.15 Skill in using network analysis tools to identify vulnerabilities (CND922)
Data Administration
2.1 Knowledge of query language such as SQL (structured query language) (DA104)
Digital Forensics
3.1 Skill in identifying, modifying, and manipulating applicable system components (Windows and/or Unix/Linux) (e.g.,
passwords, user accounts, files) (DF364)
3.2 Knowledge of hacking methodologies in Windows or Unix/Linux environment (DF294)
3.9 Knowledge of laws that affect cybersecurity (e.g., Wiretap Act, Pen/Trap and Trace Statute, Stored Electronic
Communication Act) (DF305)
Incident Response
4.1 Knowledge of how network services and protocols interact to provide network communications. (IR50)
4.2 Knowledge of what constitutes a "threat" to a network. (IR153)
4.3 Skill in recognizing and categorizing types of vulnerabilities and associated attacks (IR895)
Network Services
5.1 Knowledge of remote access technology concepts (NS106)
5.2 Skill in protecting a network against malware (NS896)
5.3 Knowledge of wireless fidelity (WIFI) (NS903)
COURSE ASSESSMENT:
Grading Scale

Category       Weight
Labs           50
Quizzes        35
Final Exam     15
Final Grade    100%

Total Points   Percentage   Grade
368-400        92-100       A
340-367        85-91        B
308-339        77-84        C
276-307        69-76        D
0-275          0-68         F
COURSE SCHEDULE:

Lesson 1
Module/Lesson Title: Domain 1: Introduction to Ethical Hacking
Learning Objectives:
1. Identify the five phases of ethical hacking.
2. Identify the different types of hacker attacks.
Assignment: Quiz (5 pts)

Lesson 2
Module/Lesson Title: Domain 2: Footprinting and Reconnaissance; Domain 3: Scanning Networks
Learning Objectives:
1. Identify the specific concepts associated with footprinting.
2. Describe information gathering tools and methodology.
3. Explain DNS enumeration.
4. Perform active and passive reconnaissance.
5. Recognize the differences between port scanning, network scanning and vulnerability scanning.
6. Identify TCP flag types.
7. Identify types of port scans.
8. Identify scanning countermeasures.
Assignment: Quiz (10 pts)

Lesson 3
Module/Lesson Title: Domain 4: Enumeration
Learning Objectives:
1. Explain enumeration techniques.
2. Recognize how to establish a session.
3. Identify enumeration countermeasures.
4. Perform active and passive enumeration.
Assignment: Quiz (5 pts)

Lesson 4
Module/Lesson Title: Domain 5: System Hacking
Learning Objectives:
1. Identify different types of password attacks.
2. Use a password cracking tool.
3. Identify various password cracking countermeasures.
4. Identify different ways to hide files.
5. Recognize how to detect a rootkit.
6. Identify tools that can be used to cover attacker tracks.
Assignment: Quiz (10 pts)

Lesson 5
Module/Lesson Title: Domain 6: Trojans and Backdoors; Domain 7: Viruses and Worms
Learning Objectives:
1. Explain how a Trojan infects a system.
2. Identify ports used by Trojans and Trojan countermeasures.
3. Identify the symptoms of a virus.
4. Describe how a virus works.
5. Identify virus types, virus detection methods, and virus countermeasures.
Assignment: Quiz (10 pts)

Lesson 6
Module/Lesson Title: Domain 8: Sniffers; Domain 9: Social Engineering
Learning Objectives:
1. Identify types of sniffing, and protocols vulnerable to sniffing.
2. Recognize types of sniffing attacks.
3. Identify methods for detecting sniffing.
4. Identify countermeasures for sniffing.
5. Identify different types of social engineering, and social engineering countermeasures.
Assignment: Quiz (10 pts)

Lesson 7
Module/Lesson Title: Domain 10: Denial of Service
Learning Objectives:
1. Identify characteristics of a DoS attack.
2. Analyze symptoms of a DoS attack.
3. Recognize DoS attack techniques.
4. Identify detection techniques, and countermeasure strategies.
Assignment: Quiz (5 pts)

Lesson 8
Module/Lesson Title: Domain 11: Session Hijacking
Learning Objectives:
1. Identify the proper order of steps used to conduct a session hijacking attack.
2. Recognize different types of session hijacking.
3. Identify TCP/IP hijacking.
4. Describe countermeasures to protect against session hijacking.
Assignment: Quiz (5 pts)

Lesson 9
Module/Lesson Title: Domain 12: Hacking Webservers
Learning Objectives:
1. Define Web server architecture.
2. Explain Web server vulnerabilities.
3. Explore various Web server attacks.
Assignment: Quiz (5 pts)

Lesson 10
Module/Lesson Title: Domain 13: Hacking Web Applications
Learning Objectives:
1. Identify Web application components.
2. Describe Web application attacks.
3. Identify countermeasures.
Assignment: Quiz (5 pts)

Lesson 11
Module/Lesson Title: Domain 14: SQL Injection
Learning Objectives:
1. Examine SQL injection attacks.
2. Identify defensive strategies against SQL injection attacks.
Assignment: Quiz (5 pts)

Lesson 12
Module/Lesson Title: Domain 15: Hacking Wireless Networks
Learning Objectives:
1. Identify various types of wireless networks.
2. Identify authentication methods, and types of wireless encryption.
3. Explain the methodology of wireless hacking.
4. Apply wireless commands and tools.
5. Examine plain text wireless traffic, Wired Equivalent Privacy (WEP) traffic, and Wi-Fi Protected Access (WPA) traffic.
Assignment: Quiz (5 pts)

Lesson 13
Module/Lesson Title: Domain 16: Evading IDS, Firewalls, and Honeypots
Learning Objectives:
1. Identify intrusion detection systems, and techniques.
2. Identify the classes of firewalls.
3. Define a honeypot.
4. Analyze internal and external network traffic using an intrusion detection system.
Assignment: Quiz (5 pts)

Lesson 14
Module/Lesson Title: Domain 17: Buffer Overflow
Learning Objectives:
1. Define a buffer overflow.
2. Identify a buffer overflow.
3. Identify buffer overflow countermeasures.
Assignment: Quiz (5 pts)

Lesson 15
Module/Lesson Title: Domain 18: Cryptography
Learning Objectives:
1. Recognize public key cryptography.
2. Identify a digital signature.
3. Define a message digest.
4. Define secure sockets layer (SSL).
5. Analyze encrypted email.
Assignment: Quiz (5 pts)

Lesson 16
Module/Lesson Title: Domain 19: Penetration Testing
Learning Objectives:
1. Identify types of security assessments.
2. Identify steps of penetration testing.
3. Examine risk management.
4. Identify various penetration testing tools.
Assignment: Quiz (5 pts)

Lesson 17
Module/Lesson Title: Final Exam
Assignment: Final Exam (35 pts)

Labs listed in the Assignment column:
Lab 2: Conducting Active and Passive Reconnaissance Against a Target
Lab 1: Using Active and Passive Techniques to Enumerate Network Hosts
Lab 3: System Hacking
Lab 7: Breaking Windows Passwords
Lab 4: Poison Ivy – Remote Access Trojan
Lab 6: Utilizing Malware – Dark Content
Lab 11: Using Metasploit to Attack a Remote System
Lab 5: Using the SHARK Remote Administration Tool
Lab 15: Abusing Systems
Lab 9: Using Spear Phishing to Target an Organization
Lab 12: Using Armitage to Attack the Network
Lab 13: Exploitation with IPv6
Lab 16: SQL Injection
Lab 10: Breaking WEP and WPA Encryption
Lab 18: Intrusion Detection
Lab 17: Launching a Buffer Overflow
Lab 19: Using Certificates to Encrypt Email
Lab 14: Creating MSFPAYLOADS