Dec 26, 2024  
2021-2022 Course Catalog 
    
Catalog Navigation
  Catalog Home
  Introduction to Century College
  Mission, Vision, Values

  College Calendar

  Course Descriptions and Outlines
  Programs (Century Academic Pathway)
  Programs (Department)
  Programs (A-Z)

  Academic Policies and Program Requirements
  Admissions and Registration
  Application for Admission
  Student Services and Resources
  Student Handbook
  Transfer

  Continuing Education and Customized Training
  College Administration and Faculty
  Maps and Directions
  Archived Catalogs
  My Portfolio
HELP
2021-2022 Course Catalog [ARCHIVED CATALOG]

Facebook this Page (opens a new window)
Tweet this Page (opens a new window)
Add to Portfolio (opens a new window)

CVF 2089 - Internet of Things Hacking

Credits: 3
Hours/Week: Lecture 2 Lab 2
Course Description: This course builds on the topics covered in CVF 2086 and CVF 2088. This class will focus on how cybercriminals identify and abuse weaknesses found on Internet of Things (IoT) devices. IoT devices can include internet connected web cameras, refrigerators, sprinkler systems, beds, and much more. This course includes how cybercriminals identify and abuse issues in IoT devices to include API weaknesses, wireless attacks, mobile application attacks, finding sensitive data in the cloud, and escalating privileges on compromised devices. Hands on labs will be used to ensure students finish the course with practical skills to take to the work place.
MnTC Goals
None

Prerequisite(s): CVF 2086  with grade of C or higher OR instructor consent.
Corequisite(s): None
Recommendation: None

Major Content
1. Internet of Things Discovery

  1. Port Scanning
  2. Open Source Intelligence
  3. Wireless Scanning

2. Internet of Things Devices

  1. Printers
  2. Web Cameras
  3. Kiosks
  4. Miscellaneous

3. Mobile Applications

  1. Source Code Analysis
  2. Local Sensitive Data Exposure
  3. Admin Abuse
  4. Data in Transit

4. Wireless

  1. Wi-Fi Attacks
  2. ZigBee Attacks
  3. Bluetooth Attacks

5. Application Programming Interfaces

  1. Finding Targets
  2. Common Weaknesses

6. Cloud

  1. Authentication
  2. Public Data Exposure
  3. Multi-Factor Bypasses

7. Local Device Attacks

  1. Breaking out of restricted shells
  2. Privilege Escalation
  3. Physical Attacks
  4. Pivoting

Learning Outcomes
At the end of this course, students will be able to:

1. identify when an internet of things device or appliance is on the network.

2. identify how a cybercriminal can abuse an internet of things device.

3. articulate how to remediate critical vulnerabilities in internet of things devices.

4. articulate security common measures that should be taken when deploying internet of things devices.

5. explain the value of simulating and testing attacks against internet of things devices on a corporate network.

6. identify tools and resources needed to simulate attacks against internet of things devices.

7. create robust vulnerability/simulation documentation.

8. identify security gaps in internet of things devices.

9. identify and abuse flaws in printers.

10. identify and abuse flaws in network connected web cameras.

11. identify and abuse flaws in wireless protocols on internet of things devices.

12. identify and abuse flaws in mobile applications.

13. identify and abuse flaws in internet of things APIs.

14. identify and abuse flaws in internet of things data stored in the cloud.

15. identify and abuse flaws in internet of things devices after gaining access.
Competency 1 (1-6)
None
Competency 2 (7-10)
None


Courses and Registration


Facebook this Page (opens a new window)
Tweet this Page (opens a new window)
Add to Portfolio (opens a new window)