10151164Penetration Testing
Course Information
Description
This course provides a broad overview of the tools and techniques commonly used for penetration testing. In depth hands-on exercises are used to instruct the student in the proper selection and application of a given tool for the intended task. Also included are basic strategies for documenting and reporting on the outcome of the test. The student must demonstrate the ability to plan, and execute a basic network security audit in an environment that simulates a common business or organization. Open Source tools include: NMap, Metasploit, Medusa, etc.
Total Credits
3
Course Competencies
-
Summarize network operating systemsAssessment Strategiesby participating in the classby completing lab manual assignment correctlyby examinationusing a business scenarioCriteriayou complete your lab manual assignment correctlyyou enter into class discussions about common phases of an attackyou enter into class discussions about review of network conceptsyou enter into class discussions about review of linux conceptsyou enter into class discussions about review of windows conceptsyou attend class regularlyyou arrive for class on timeyou listen attentively during class
-
Defend a network with reconnaissance techniquesAssessment Strategiesby participating in the classby completing lab manual assignment correctlyusing a business scenarioby examinationCriteriayou complete your lab manual assignment correctlyyou enter into class discussions about vulnerabilities and defenses of social engineeringyou enter into class discussions about vulnerabilities and defenses of physical break-inyou enter into class discussions about gaining information about an organizationyou enter into class discussions about vulnerabilities and defenses of DNS (Domain Name System) serversyou enter into class discussions about vulnerabilities and defenses of portalsyou attend class regularlyyou arrive for class on timeyou listen attentively during class
-
Scan a network for vulnerabilitiesAssessment Strategiesby participating in the classby completing lab manual assignmentusing a business scenarioby examinationCriteriayou complete your lab manual assignment correctlyyou enter into class discussions about vulnerabilities and defenses of wireless access pointsyou enter into class discussions about vulnerabilities and defenses of modemsyou enter into class discussions about vulnerabilities and defenses of network mapping techniquesyou enter into class discussions about vulnerabilities and defenses of port scannersyou enter into class discussions about vulnerabilities and defenses of UDP (User Datagram Protocol)you enter into class discussions about timing of an attackyou enter into class discussions about vulnerabilities and defenses of firewall configurationyou enter into class discussions about vulnerability scanningyou attend class regularlyyou arrive for class on timeyou listen attentively during class
-
Implement a plan to gain access an operating systemAssessment Strategiesby participating in the classby completing lab manual assignmentby examinationusing a business scenarioCriteriayou complete your lab manual assignment correctlyyou enter into class discussions about vulnerabilities and defenses of script kiddies exploitsyou enter into class discussions about vulnerabilities and defenses of buffer overflow exploitsyou enter into class discussions about vulnerabilities and defenses of exploitation enginesyou enter into class discussions about vulnerabilities and defenses of password attacksyou enter into class discussions about vulnerabilities and defenses of web application attacksyou enter into class discussions about vulnerabilities and defenses of SQL (Structured Query Language) injectionyou enter into class discussions about vulnerabilities and defenses of browser flawsyou attend class regularlyyou arrive for class on timeyou listen attentively during class
-
Implement a plan to gain access to a networkAssessment Strategiesby participating in the classby completing lab manual assignmentby examinationusing a business scenarioCriteriayou complete your lab manual assignment correctlyyou enter into class discussions about vulnerabilities and defenses of sniffer toolsyou enter into class discussions about vulnerabilities and defenses of port stealingyou enter into class discussions about vulnerabilities and defenses of spoofing DNS (Domain Name System)you enter into class discussions about vulnerabilities and defenses of HTTPS and SSHyou enter into class discussions about vulnerabilities and defenses of IP Address spoofingyou enter into class discussions about vulnerabilities and defenses of host-based session hijackingyou enter into class discussions about vulnerabilities and defenses of the netcat toolyou attend class regularlyyou arrive for class on timeyou listen attentively during class
-
Summarize a denial-of-service attackAssessment Strategiesby participating in the classby completing lab manual assignmentby examinationusing a business scenarioCriteriayou complete your lab manual assignment correctlyyou enter into class discussions about vulnerabilities and defenses of denial-of-service attacksyou enter into class discussions about vulnerabilities and defenses of SYN floodyou enter into class discussions about vulnerabilities and defenses of smurf attacksyou enter into class discussions about vulnerabilities and defenses of distributed denial-of-service attacksyou attend class regularlyyou arrive for class on timeyou listen attentively during class
-
Explain a plan to maintain access to a networkAssessment Strategiesby participating in the classby completing lab manual assignmentby examinationusing a business scenarioCriteriayou complete your lab manual assignment correctlyyou enter into class discussions about vulnerabilities and defenses of trojan horsesyou enter into class discussions about vulnerabilities and defenses of backdoorsyou enter into class discussions about vulnerabilities and defenses of spywareyou enter into class discussions about vulnerabilities and defenses of BOTS (short for robot)you enter into class discussions about vulnerabilities and defenses of rootkitsyou enter into class discussions about vulnerabilities and defenses of kernel-mode rootkitsyou attend class regularlyyou arrive for class on timeyou listen attentively during class
-
Summarize a plan to hide and cover the tracks of an attackAssessment Strategiesby participating in the classby completing lab manual assignmentby examinationusing a business scenarioCriteriayou complete your lab manual assignment correctlyyou enter into class discussions about creating difficult-to-find files and directoriesyou enter into class discussions about vulnerabilities and defenses of tunnelingyou enter into class discussions about vulnerabilities and defenses of altering event logs and accounting filesyou enter into class discussions about vulnerabilities and defenses of covert channelsyou enter into class discussions about vulnerabilities and defenses of steganographyyou attend class regularlyyou arrive for class on timeyou listen attentively during class
-
Determine a plan to protect your network from vulnerabilitiesAssessment Strategiesby participating in the classby completing lab manual assignmentby examinationusing a business scenarioCriteriayou complete your lab manual assignment correctlyyou enter into class discussions about protecting against common mistakes in network defenseyou arrive for class on timeyou listen attentively during classyou attend class regularly
-
Summarize the future of penetration testing and network defenseAssessment Strategiesby participating in the classby completing lab manual assignmentby examinationusing a business scenarioCriteriayou complete your lab manual assignment correctlyyou enter into class discussions about methods to keep up with new tools, exploits, and vulnerabilitiesyou enter into class discussions about network defense content in mailing lists, websites, conferencesyou attend class regularlyyou arrive for class on timeyou listen attentively during class