|
May 04, 2024
|
|
|
|
CIS 450 - Penetration Testing I 5 Credits This course is the first course in the Penetration Testing certificate. Students begin by reviewing the five fundamentals: information gathering, scanning, enumeration, exploitation and reporting. They will examine actual exploitation techniques and the business practices needed to prevent the same. The course focuses on the penetration testing of large network infrastructures with layer 2 and layer 3 attacks. Students will use basic and advanced tools to examine packets and network traffic. Students will be exposed to service provider level attacks, including VPN and SSL attacks – and learn how to detect/defend against them. Students are introduced to creating a pen testing lab. Upon completing the course, students can sit for the Mile2.com Pen Testing Consultant certification exam.
Pre-requisite(s) CIS 370 and CIS 412 and CIS 420 w/ min. 2.0 Program Admission Required Yes Admitted Program BAS - CIS FeesCF
Quarters Typically Offered
Winter Evening Spring Evening
Designed to Serve For students admitted to the BAS program in CyberSecurity and Forensics. Active Date 20190625T13:35:31
Grading System Decimal Grade Class Limit 24 Contact Hours: Lecture 44 Lab 22 Total Contact Hours 66 Degree Distributions: ProfTech Course Yes Restricted Elective Yes Course Outline
- Define Penetration Testing
- Laws and relevant regulations
- Business Practices and Policies
- Information Gathering
- Scanning
- Enumeration
- Exploitation
- Reporting
- Hardening and Testing Systems
- Exploits and Payloads
- Service Provider Attacks
- Packet Capture and Analysis
- Layer 2 Attacks
- Layer 3 Attacks
- Attacks on Cisco Infrastructure
- VPN Attacks
- Exploiting Certificates and Trust on Networks
- Testing IDS and IPS Systems
- Penetration Testing of Cloud Based Deployments
- Hardening and Retesting Systems
- Reporting to the Client / Management
Student Learning Outcomes Explain and report on the difference between penetration testing and hacking.
Explain the laws and relevant regulations that apply to penetration testing of systems.
Apply the business practices and policies that should be in place to the operating systems, networks and network devices used by the business or entity.
Explain the application and use of the five fundamentals of penetration testing.
Demonstrate the use of common tools for information gathering, scanning, enumeration, exploitation and reporting.
Demonstrate the of use the tools to harden and test systems.
Explain the impact and how to mitigate a service provider level attack.
Demonstrate the capture and analysis of packets.
Demonstrate a Layer 2 attack.
Add to Portfolio (opens a new window)
|
|