|
Apr 25, 2024
|
|
|
|
CST 285 - Network Intrusion Security TestingCredits: 3 Instructional Contact Hours: 3
Serves as a capstone for the Information Assurance track. Introduces security testing to protect networks and computers by using various tools to attempt entry into a network or computer. Credit may be earned in CST 158 or CST 285, but not both.
Prerequisite(s): CST 250W and CST 252 Corequisite(s): None Lecture Hours: 15 Lab Hours: 30 Meets MTA Requirement: None Pass/NoCredit: Yes
Outcomes and Objectives
- Test a network for proper security measures.
- Discuss intrusion testing.
- Discuss what can be done legally.
- Discuss what cannot be done legally.
- Discuss the importance of getting it in writing.
- Discuss TCP/IP concepts.
- Discuss proper TCP/IP security objectives.
- Discuss IP addressing.
- Discuss binary, octal, and hexadecimal numbering systems.
- Discuss network and computer attacks.
- Discuss malicious software.
- Discuss protecting against malware attacks.
- Discuss intruder attacks on networks and computers.
- Discuss addressing physical security.
- Discuss footprinting and social engineering.
- Discuss using web tools for footprinting.
- Discuss conducting competitive intelligence.
- Discuss using DNS zone transfers.
- Discuss social engineering.
- Discuss port scanning.
- Discuss types of port scans
- Discuss using port scanning tools.
- Discuss conducting ping sweeps.
- Discuss shell scripting.
- Discuss enumeration.
- Discuss enumeration and what it is.
- Discuss enumerating Microsoft Operating systems.
- Discuss enumerating the NetWare Operating system.
- Discuss enumerating the Unix Operating system.
- Discuss Microsoft operating system vulnerabilities.
- Discuss tools to identify vulnerabilities on Microsoft systems.
- Discuss Microsoft OS vulnerabilities.
- Discuss vulnerabilities in Microsoft services.
- Discuss best practices for hardening Microsoft systems.
- Discuss Linux operating system vulnerabilities.
- Discuss Linux fundamentals.
- Discuss Linux OS vulnerabilities.
- Discuss remote access attacks on Linux systems.
- Discuss countermeasures against Linux remote attacks.
- Discuss web server vulnerabilities.
- Discuss web applications.
- Discuss web application vulnerabilities.
- Discuss tools of web attackers and security tools.
- Discuss cryptography.
- Discuss cryptographic basics.
- Discuss symmetric and asymmetric algorithms.
- Discuss PKI.
- Discuss cryptographic attacks.
- Discuss protecting networks with security devices.
- Discuss network security devices.
- Discuss firewalls.
- Discuss NIDS.
- Discuss HIDS.
- Discuss honeypots.
- Identify network and application vulnerabilities using a scripting language.
- Perform network attacks (including port scanning, port knocking, and brute-forcing logins).
- Bypass antivirus products with a scripting language.
- Find buffer overflow vulnerabilities with fuzz testing.
- Create remote code execution exploits for Linux and Windows targets.
Add to Portfolio (opens a new window)
|
|