This work by the National Information Security and Geospatial Technologies Consortium (NISGTC), and except where otherwise noted, is licensed under the Creative Commons Attribution 3.0 Unported License.

Authoring Organization: Moraine Valley Community College
Written by: Susan Sands
Copyright: © National Information Security, Geospatial Technologies Consortium (NISGTC)

Development was funded by the Department of Labor (DOL) Trade Adjustment Assistance Community College and Career Training (TAACCCT) Grant No. TC-22525-11-60-A-48; The National Information Security, Geospatial Technologies Consortium (NISGTC) is an entity of Collin College of Texas, Bellevue College of Washington, Bunker Hill Community College of Massachusetts, Del Mar College of Texas, Moraine Valley Community College of Illinois, Rio Salado College of Arizona, and Salt Lake Community College of Utah.

This workforce solution was funded by a grant awarded by the U.S. Department of Labor's Employment and Training Administration. The solution was created by the grantee and does not necessarily reflect the official position of the U.S. Department of Labor. The Department of Labor makes no guarantees, warranties or assurances of any kind, express or implied, with respect to such information, including any information on linked sites, and including, but not limited to accuracy of the information or its completeness, timeliness, usefulness, adequacy, continued availability or ownership.

IT Security Practices Syllabus

Please provide a complete syllabus. All elements of the syllabus are required unless noted as “if applicable.”

Course Title: IT Security Practices
Course Number (If applicable): LAN-163

COURSE DESCRIPTION:
This course provides an overview of penetration testing. The course will explore techniques used by network hackers and malicious code developers. The course includes an overview of the structured certified hacking process, including stealthy network recon, passive traffic identification, privilege escalation, vulnerability identification, remote access, spoofing, impersonation, brute force attacks, exploit payloads, and cross site scripting. The course will also include penetration testing policies and documentation requirements. This course is designed to prepare the successful student for the CEH certification. The topics in this lesson align to the domains of EC-Council’s Certified Ethical Hacker Certification. You can find out more about this certification by visiting EC-Council.

PREREQUISITES: LAN153

REQUIRED MATERIALS: None

ADDITIONAL RESOURCES (if applicable):

LEARNING OUTCOMES/COMPETENCIES:

Computer Network Defense
1.1 Knowledge of access authentication methods (CND8)
1.2 Knowledge of cryptology (CND27)
1.3 Knowledge of signature development (CND115)
1.4 Knowledge of file types (e.g., .dll, .bat, .zip, .pcap, .gzip, etc.) (CND286)
1.5 Knowledge of Computer Network Defense tools, including open source tools, and their capabilities (CND19)
1.6 Knowledge of penetration testing tools and techniques (e.g., metasploit, neosploit, etc.) (CND95)
1.7 Assist in the construction of signatures which can be implemented on Computer Network Defense network tools in response to new or observed threats within the enterprise (CND427)
1.8 Skill in detecting host and network-based intrusions via intrusion detection technologies (e.g., Snort) (CND181)
1.9 Skill in network mapping and recreating network topologies (CND212)
1.10 Skill in performing packet-level analysis (e.g., Wireshark, tcpdump, etc.) (CND214)
1.11 Skill in using protocol analyzers (CND233)
1.12 Knowledge of Unix command line (e.g., mkdir, mv, ls, passwd, grep, etc.) (CND342)
1.13 Knowledge of Windows command line (e.g., ipconfig, netstat, dir, nbtstat, etc.) (CND347)
1.14 Knowledge of front-end collection systems, including network traffic collection, filtering, and selection (CND915)
1.15 Skill in using network analysis tools to identify vulnerabilities (CND922)

Data Administration
2.1 Knowledge of query language such as SQL (structured query language) (DA104)

Digital Forensics
3.1 Skill in identifying, modifying, and manipulating applicable system components (Windows and/or Unix/Linux) (e.g., passwords, user accounts, files) (DF364)
3.2 Knowledge of hacking methodologies in Windows or Unix/Linux environment (DF294)
3.9 Knowledge of laws that affect cybersecurity (e.g., Wiretap Act, Pen/Trap and Trace Statute, Stored Electronic Communication Act) (DF305)

Incident Response
4.1 Knowledge of how network services and protocols interact to provide network communications (IR50)
4.2 Knowledge of what constitutes a "threat" to a network (IR153)
4.3 Skill in recognizing and categorizing types of vulnerabilities and associated attacks (IR895)

Network Services
5.1 Knowledge of remote access technology concepts (NS106)
5.2 Skill in protecting a network against malware (NS896)
5.3 Knowledge of wireless fidelity (WIFI) (NS903)

COURSE ASSESSMENT:

Grading Scale

Category       Weight
Labs           50
Quizzes        35
Final Exam     15
Final Grade    100%

Total Points   Percentage   Grade
368-400        92-100       A
340-367        85-91        B
308-339        77-84        C
276-307        69-76        D
0-275          0-68         F

COURSE SCHEDULE:

Lesson 1
Domain 1: Introduction to Ethical Hacking
Learning Objectives:
1. Identify the five phases of ethical hacking.
2. Identify the different types of hacker attacks.
Assignment: Quiz (5 pts)

Lesson 2
Domain 2: Footprinting and Reconnaissance
Domain 3: Scanning Networks
Learning Objectives:
1. Identify the specific concepts associated with Footprinting.
2. Describe information gathering tools and methodology.
3. Explain DNS enumeration.
4. Perform active and passive reconnaissance.
5. Recognize the differences between port scanning, network scanning and vulnerability scanning.
6. Identify TCP flag types.
7. Identify types of port scans.
8. Identify scanning countermeasures.
Assignment: Quiz (10 pts)

Lesson 3
Domain 4: Enumeration
Learning Objectives:
1. Explain enumeration techniques.
2. Recognize how to establish a session.
3. Identify enumeration countermeasures.
4. Perform active and passive enumeration.
Assignment: Quiz (5 pts)

Lesson 4
Domain 5: System Hacking
Learning Objectives:
1. Identify different types of password attacks.
2. Use a password cracking tool.
3. Identify various password cracking countermeasures.
4. Identify different ways to hide files.
5. Recognize how to detect a rootkit.
6. Identify tools that can be used to cover attacker tracks.
Assignment: Quiz (10 pts)

Lesson 5
Domain 6: Trojans and Backdoors
Domain 7: Viruses and Worms
Learning Objectives:
1. Explain how a Trojan infects a system.
2. Identify ports used by Trojans and Trojan countermeasures.
3. Identify the symptoms of a virus.
4. Describe how a virus works.
5. Identify virus types, virus detection methods, and virus countermeasures.
Assignment: Quiz (10 pts)

Lesson 6
Domain 8: Sniffers
Domain 9: Social Engineering
Learning Objectives:
1. Identify types of sniffing, and protocols vulnerable to sniffing.
2. Recognize types of sniffing attacks.
3. Identify methods for detecting sniffing.
4. Identify countermeasures for sniffing.
5. Identify different types of social engineering, and social engineering countermeasures.
Assignment: Quiz (10 pts)

Lesson 7
Domain 10: Denial of Service
Learning Objectives:
1. Identify characteristics of a DoS attack.
2. Analyze symptoms of a DoS attack.
3. Recognize DoS attack techniques.
4. Identify detection techniques, and countermeasure strategies.
Assignment: Quiz (5 pts)

Lesson 8
Domain 11: Session Hijacking
Learning Objectives:
1. Identify the proper order of steps used to conduct a session hijacking attack.
2. Recognize different types of session hijacking.
3. Identify TCP/IP hijacking.
4. Describe countermeasures to protect against session hijacking.
Assignment: Quiz (5 pts)

Lesson 9
Domain 12: Hacking Webservers
Learning Objectives:
1. Define Web Server architecture.
2. Explain Web server vulnerabilities.
3. Explore various Web Server attacks.
Assignment: Quiz (5 pts)

Lesson 10
Domain 13: Hacking Web Applications
Learning Objectives:
1. Identify Web application components.
2. Describe Web application attacks.
3. Identify countermeasures.
Assignment: Quiz (5 pts)

Lesson 11
Domain 14: SQL Injection
Learning Objectives:
1. Examine SQL Injection Attacks.
2. Identify defensive strategies against SQL injection attacks.
Assignment: Quiz (5 pts)

Lesson 12
Domain 15: Hacking Wireless Networks
Learning Objectives:
1. Identify various types of wireless networks.
2. Identify authentication methods, and types of wireless encryption.
3. Explain the methodology of wireless hacking.
4. Apply wireless commands and tools.
5. Examine plain text wireless traffic, wired equivalent privacy (WEP) traffic, and Wi-Fi Protected Access (WPA) traffic.
Assignment: Quiz (5 pts)

Lesson 13
Domain 16: Evading IDS, Firewalls, and Honeypots
Learning Objectives:
1. Identify intrusion detection systems, and techniques.
2. Identify the classes of firewalls.
3. Define a honeypot.
4. Analyze internal and external network traffic using an intrusion detection system.
Assignment: Quiz (5 pts)

Lesson 14
Domain 17: Buffer Overflow
Learning Objectives:
1. Define a buffer overflow.
2. Identify a buffer overflow.
3. Identify buffer overflow countermeasures.
Assignment: Quiz (5 pts)

Lesson 15
Domain 18: Cryptography
Learning Objectives:
1. Recognize public key cryptography.
2. Identify a digital signature.
3. Define a message digest.
4. Define secure sockets layer (SSL).
5. Analyze encrypted email.
Assignment: Quiz (5 pts)

Lesson 16
Domain 19: Penetration Testing
Learning Objectives:
1. Identify types of security assessments.
2. Identify steps of penetration testing.
3. Examine risk management.
4. Identify various penetration testing tools.
Assignment: Quiz (5 pts)

Lesson 17
Final Exam
Assignment: Final Exam (35 pts)

Lab assignments, in the order they are listed in the schedule:
Lab 2: Conducting Active and Passive Reconnaissance Against a Target
Lab 1: Using Active and Passive Techniques to Enumerate Network Hosts
Lab 3: System Hacking
Lab 7: Breaking Windows Passwords
Lab 4: Poison Ivy – Remote Access Trojan
Lab 6: Utilizing Malware – Dark Content
Lab 11: Using Metasploit to Attack a Remote System
Lab 5: Using the SHARK Remote Administration Tool
Lab 15: Abusing Systems
Lab 9: Using Spear Phishing to Target an Organization
Lab 12: Using Armitage to Attack the Network
Lab 13: Exploitation with IPv6
Lab 16: SQL Injection
Lab 10: Breaking WEP and WPA Encryption
Lab 18: Intrusion Detection
Lab 17: Launching a Buffer Overflow
Lab 19 – Using Certificates to Encrypt Email
Lab 14 – Creating MSFPAYLOADS