Jul 11, 2025  
2021-22 Catalog 
    
Catalog Navigation
  Catalog Home
  About Highline
  Academic Calendars
  Core Competencies
  Enroll in Classes
  Getting Started
  Assessment, Placement, and Educational Planning
  Financial Aid and Student Employment
  Programs, Resources and Services for Students
  Registration and Records
  Tuition and Fees
  Advanced Placement Equivalency Information
  Course Descriptions
  Associate Degree & Certificate Requirements
  Baccalaureate Degrees
  Professional Technical Associate Degrees & Certificates
  Transferable Degrees and Certificates
  Other Instructional Programs
  Board of Trustees/Faculty/Staff
  College Policies and Procedures
  Instructional Policies and Procedures
  Maps
  Services Directory
  Glossary
  Veterans Services Addenda
  My Portfolio
HELP
2021-22 Catalog [ARCHIVED CATALOG]

Add to Portfolio (opens a new window)

CIS 450 - Penetration Testing I

5 Credits
This course is the first course in the Penetration Testing certificate. Students begin by reviewing the five fundamentals: information gathering, scanning, enumeration, exploitation and reporting. They will examine actual exploitation techniques and the business practices needed to prevent the same. The course focuses on the penetration testing of large network infrastructures with layer 2 and layer 3 attacks. Students will use basic and advanced tools to examine packets and network traffic. Students will be exposed to service provider level attacks, including VPN and SSL attacks - and learn how to detect/defend against them. Students are introduced to creating a pen testing lab. Upon completing the course, students can sit for the Mile2.com Pen Testing Consultant certification exam.

Pre-requisite(s) CIS 370 and CIS 420 w/ min. 2.0
Program Admission Required Yes Admitted Program BAS - CIS
FeesCF

Quarters Typically Offered
Winter Evening
Spring Evening

Designed to Serve For students admitted to the BAS program in CyberSecurity and Forensics.
Active Date 20210403T10:07:58

Grading System Decimal Grade
Class Limit 24
Contact Hours: Lecture 44 Lab 22
Total Contact Hours 66
Degree Distributions:
ProfTech Course Yes
Restricted Elective Yes
Course Outline
 

  • Define Penetration Testing
  • Laws and relevant regulations
  • Business Practices and Policies
  • Information Gathering
    • Common tools
    • Methodology
  • Scanning
    • Common tools
    • Methodology
  • Enumeration
    • Common tools
    • Methodology
  • Exploitation
    • Common tools
    • Methodology
  • Reporting
    • Common tools
    • Methodology
  • Hardening and Testing Systems
  • Exploits and Payloads
  • Service Provider Attacks
  • Packet Capture and Analysis
  • Layer 2 Attacks
  • Layer 3 Attacks
  • Attacks on Cisco Infrastructure
  • VPN Attacks
  • Exploiting Certificates and Trust on Networks
  • Testing IDS and IPS Systems
  • Penetration Testing of Cloud Based Deployments
  • Hardening and Retesting Systems
  • Reporting to the Client / Management


Student Learning Outcomes
Explain and report on the difference between penetration testing and hacking including laws and relevant regulations.

Apply the cybersecurity practices and policies that should be in place to the operating systems, networks and network devices used by the business or entity.

Explain the application and use of the  industry fundamentals of penetration testing.

Demonstrate the use of common tools for information gathering, scanning, enumeration, exploitation and reporting.

Explain and demonstrate the of use the tools to harden and test systems.

Explain  the impact of advanced persistent threats and how to mitigate same.

Demonstrate the capture and analysis of packets.

Explain the attacks against each ISO layer.


Add to Portfolio (opens a new window)