CVF 2086 - Introduction to Ethical Hacking Credits: 3 Hours/Week: Lecture 1 Lab 4 Course Description: This course covers the three major phases of penetration testing (Reconnaissance, Vulnerability Analysis and Exploitation) in detail. This course includes how to prepare a final ethical hacking report, tailored to maximize the value of the test from both a management and technical perspective. The final portion of the class includes a comprehensive hands-on exercise, conducting a penetration test against a hypothetical target organization, following all of the steps. This course also describes the limitations of penetration testing techniques and other practices that can be used to augment penetration testing to find vulnerabilities in architecture, policies, and processes. MnTC Goals None
Prerequisite(s): CVF 1083 with a grade of C or higher OR instructor consent. Corequisite(s): None Recommendation: None
Major Content 1. Ethics
1.1 What is Ethical Hacking
1.2 Scenarios
1.3 Consequences of unethical hacking
2. Phases of Ethical Hacking
2.1 Purpose of Ethical Hacking
2.2 Types of tests
2.3 Reconnaissance
2.4 Vulnerability Analysis
2.5 Exploitation
3. Reconnaissance
3.1 Open Source Intelligence
3.2 Passive Information Gathering
3.3 Active Information Gathering
3.4 Banner Grabbing
3.4 Service Enumeration
4. Vulnerability Analysis
4.1 Default/Poor Configurations
4.2 Version Fingerprinting
4.3 Common Vulnerabilities and Exposures (CVEs)
4.4 Automated Vulnerability Scanning
5. Exploitation
5.1 Metasploit Framework
5.2 Buffer Overflows
5.3 Brute Forcing
5.4 Cracking Hashes
5.5 Post Exploitation
5.5 Exploit-DB
6. Report Writing
6.1 Executive Summaries
6.2 Evidence
6.3 Recommendations
6.4 Walkthroughs Learning Outcomes At the end of this course students will be able to:
- explain what it means to ethically hack and the consequences of unethical hacking.
- describe the phases of ethical hacking.
- explain the use basic ethical hacking tools such as NMap and Metasploit.
- articulate ethical hacking findings in a professional report format.
- perform ethical hacking against a lab environment.
- identify vulnerabilities and weak systems on a lab network.
- articulate fixes/recommendations for identified vulnerabilities.
- explain the benefits of ethical hacking and how it can strengthen security programs.
Competency 1 (1-6) None Competency 2 (7-10) None Courses and Registration
Add to Portfolio (opens a new window)
|