Southern Polytechnic State University
Information Technology Department
IT 6843 – Ethical Hacking: Network Security and Penetration Testing
Course
Syllabus
Required Textbooks
Michael Simpson, Hands-On Ethical
Hacking and Network Defense. Course Technology Incorporated, 2006,
ISBN 0-619-21708-1
Shon Harris et al, Gray Hat Hacking: The Ethical Hacker’s Handbook, McGraw-Hill, 2 edition, 2007. ISBN: 978-0071495684.
This course will be conducted as a hybrid (1/2 in class AND 1/2 web an On-line web course). People learn through interactions, to facilitate interactive learning this course will use Discussions feature of WebCT. Discussions will take place in an asynchronous manner.
Catalog Description
Prerequisite: IT 6823 Information Security Concepts
and Administration.
This course covers the major issues surrounding the use of penetration testing
to secure network security and important skills of a professional hacker and
common security challenges that an information security officer will face in
his/her work. Topics include the ethics of ethical hacking, laws and
regulations, vulnerability discovery and risk analysis, internal and external
attacks, how malicious hackers attack and exploit system vulnerabilities,
penetration testing methods and tools, latest security countermeasures, and various
types of penetration testing and programming skills required to complete
successful penetration tests and to secure real systems against real attacks.
Course Outcomes
Students who complete this course successfully will be able to
·
Differentiate
what an ethical hacker can and cannot do legally.
·
Evaluate
security threats and vulnerabilities.
·
Use
hacking tools to locate and fix security leaks.
·
Assess
potential operating systems vulnerabilities.
·
Compare
different crypto algorithms.
·
Manage
and configure network security devices to secure real systems against
real attacks.
·
In depth
knowledge of at least two network security topics.
|
|
Topics |
|
Chapter 1 |
Syllabus.
Ethical Hacking Overview |
|
Chapter 2 |
|
|
Chapter 2 |
TCP/IP
lab |
|
Chapter 3 |
Network
and Computer Attacks |
|
Chapter 4 |
Footprinting and Social Engineering |
|
Chapter 5 |
Port
Scanning |
|
Chapter 6 |
Enumeration |
|
Chapter 7 |
Programming
for Security Professionals |
|
Chapter 8 |
Microsoft
Operating System Vulnerabilities |
|
Chapter 9 |
Linux
Operating System Vulnerabilities |
|
Chapter 10 |
Hacking
Web Servers |
|
Chapter 11 |
Hacking
Wireless Networks |
|
Chapter 12 |
Cryptography |
|
Chapter 13 |
Protecting Networks with Security Devices + Presentations |
WebCT Discussion
All
discussions must be completed by 8am on Wednesday. Do not wait till the last
minute to start, you will cause difficulties to your classmates and also have
30 points penalty for starting later than Sunday 1 pm. Each person should give
their opinion about assigned question (at least two paragraphs and references)
and AT LEAST TWO posts to critique the work of your classmates.
Discussion grading criteria:
·
Preparation
20% - read material and post on time.
·
Information
20% - accurate information supported by external references.
·
Analysis
40% - highlights significant issues without overgeneralizing.
·
Interaction
20% - responses to peer's posts and where appropriate challenges other posts.
·
Penalty
– 30 points for starting Sunday after 1 pm.
·
Bonus – 15
points for moderating the discussion.
Assignments, labs, and quizzes
Assignments will be posted on WebCT http://spsu.view.usg.edu/ at least one week before they are due. Quizzes will be announced one class in advance in class and on the class website. You are required to bring your textbook to class each week. You need it for many class activities. In most cases, lab exercises will be performed with a partner. However, students will be responsible for documenting lab exercise individually. All assignments are due at the beginning of the class on the due date. If for some reason you have not been able to submit assignment by deadline, then you have 24 hours to submit your work with a 20% penalty. No reports will be accepted after that.
Journal Content
For each chapter you should include:
Students should post each journal entry on WebCT (use Discussion tool) and it should be up to date to
the previous syllabus topic.
Note: Reviewer might be the instructor or your classmate. Timeliness of journal
entries is 70% of the grade.
Grading Policy Your grade will be based upon:
|
Tests (2) |
25% |
|
Labs Reports |
20% |
|
Quizzes |
10% |
|
Research Projects (2) |
25% |
|
Journal |
10% |
|
Discussions |
10% |
The following numerical
scale will be used in assigning grades based on Score,
the weighted score computed using the preceding table.
|
Score ≥ 90 |
A |
|
Score ≥ 80 & Score < 90 |
B |
|
Score ≥ 70 & Score < 80 |
C |
|
Score < 70 |
F |
Preparation of work for this course
All assignments and lab reports must be submitted
through WebCT before the corresponding deadline,
specified on WebCT. The quizzes will consist entirely
of multiple choice questions. The tests will be multiple choice, fill in the
blank and short answer essay.