Southern Polytechnic State University
Information Technology Department
IT 6843 – Ethical Hacking: Network Security and Penetration Testing

Course Syllabus

Required Textbooks
Michael Simpson, Hands-On Ethical Hacking and Network Defense.
Course Technology Incorporated, 2006, ISBN 0-619-21708-1

Shon Harris et al, Gray Hat Hacking: The Ethical Hacker’s Handbook, McGraw-Hill, 2 edition, 2007. ISBN: 978-0071495684.

This course will be conducted as a hybrid (1/2 in class AND  1/2 web an On-line web course). People learn through interactions, to facilitate interactive learning this course will use Discussions feature of WebCT. Discussions will take place in an asynchronous manner.

Catalog Description

Prerequisite: IT 6823 Information Security Concepts and Administration.
This course covers the major issues surrounding the use of penetration testing to secure network security and important skills of a professional hacker and common security challenges that an information security officer will face in his/her work. Topics include the ethics of ethical hacking, laws and regulations, vulnerability discovery and risk analysis, internal and external attacks, how malicious hackers attack and exploit system vulnerabilities, penetration testing methods and tools, latest security countermeasures, and various types of penetration testing and programming skills required to complete successful penetration tests and to secure real systems against real attacks.

Course Outcomes

Students who complete this course successfully will be able to

·         Differentiate what an ethical hacker can and cannot do legally.

·         Evaluate security threats and vulnerabilities.

·         Use hacking tools to locate and fix security leaks.

·         Assess potential operating systems vulnerabilities.

·         Compare different crypto algorithms.

·         Manage and configure network security devices to secure real systems against real attacks.

·         In depth knowledge of at least two network security topics.

 

Topics

Chapter 1

Syllabus. Ethical Hacking Overview

Chapter 2

TCP/IP Concepts Review

Chapter 2

TCP/IP lab

Chapter 3

Network and Computer Attacks

Chapter 4

Footprinting and Social Engineering

Chapter 5

Port Scanning

Chapter 6

Enumeration

Chapter 7

Programming for Security Professionals

Chapter 8

Microsoft Operating System Vulnerabilities

Chapter 9

Linux Operating System Vulnerabilities

Chapter 10

Hacking Web Servers

Chapter 11

Hacking Wireless Networks

Chapter 12

Cryptography

Chapter 13

Protecting Networks with Security Devices + Presentations

WebCT Discussion

All discussions must be completed by 8am on Wednesday. Do not wait till the last minute to start, you will cause difficulties to your classmates and also have 30 points penalty for starting later than Sunday 1 pm. Each person should give their opinion about assigned question (at least two paragraphs and references) and AT LEAST TWO posts to critique the work of your classmates.
Discussion grading criteria:

·         Preparation 20% - read material and post on time.

·         Information 20% - accurate information supported by external references.

·         Analysis 40% - highlights significant issues without overgeneralizing.

·         Interaction 20% - responses to peer's posts and where appropriate challenges other posts.

·         Penalty – 30 points for starting Sunday after 1 pm.

·         Bonus – 15 points for moderating the discussion.

Assignments, labs, and quizzes

Assignments will be posted on WebCT http://spsu.view.usg.edu/ at least one week before they are due. Quizzes will be announced one class in advance in class and on the class website. You are required to bring your textbook to class each week. You need it for many class activities. In most cases, lab exercises will be performed with a partner. However, students will be responsible for documenting lab exercise individually. All assignments are due at the beginning of the class on the due date. If for some reason you have not been able to submit assignment by deadline, then you have 24 hours to submit your work with a 20% penalty. No reports will be accepted after that.

Journal Content
For each chapter you should include:

  1. 2-3 paragraph description of the main points of the chapter
  2. Proof of completion of all hands-on activities from the chapter (except ones that are not possible to complete off-campus)

Students should post each journal entry on WebCT (use Discussion tool) and it should be up to date to the previous syllabus topic.
Note: Reviewer might be the instructor or your classmate. Timeliness of journal entries is 70% of the grade.

Grading Policy Your grade will be based upon:

Tests (2)

25%

Labs Reports

20%

Quizzes

10%

Research Projects (2)

25%

Journal

10%

Discussions

10%

The following numerical scale will be used in assigning grades based on Score, the weighted score computed using the preceding table.

Score ≥ 90

A

Score ≥ 80 & Score < 90

B

Score ≥ 70 & Score < 80

C

Score < 70

F

Preparation of work for this course
All assignments and lab reports must be submitted through WebCT before the corresponding deadline, specified on WebCT. The quizzes will consist entirely of multiple choice questions. The tests will be multiple choice, fill in the blank and short answer essay.