CISW 250 Ethical Hacking and Countermeasures*
To understand why IT vulnerabilities exist, and how to protect a system or network against them, one must understand the nature of these vulnerabilities, and how they are used to gain access to networks and systems. In a closed, controlled setting, students will learn the methodologies, tools and techniques used by penetration testers in order to properly secure their networks and systems.
CISW 250Ethical Hacking and Countermeasures*
Please note: This is not a course syllabus. A course syllabus is unique to a particular section of a course by instructor. This curriculum guide provides general information about a course.
I. General Information
Department
Information Technology
II. Course Specification
Course Type
Program Requirement
Credit Hours Narrative
3 Credits
Semester Contact Hours Lecture
45
Prerequisite Narrative
CISW 240 and CISS 236
Grading Method
Letter grade
III. Catalog Course Description
To understand why IT vulnerabilities exist, and how to protect a system or network against them, one must understand the nature of these vulnerabilities, and how they are used to gain access to networks and systems. In a closed, controlled setting, students will learn the methodologies, tools and techniques used by penetration testers in order to properly secure their networks and systems.
IV. Student Learning Outcomes
Upon completion of this course, a student will be able to:
- Describe penetration testing, and discuss its legal and practical ramifications.
- Set up and maintain tools necessary for penetration testing.
- Describe, and demonstrate the practice of each of the following technical areas: a. Reconnaissance: network/traffic/vulnerability analysis and similar topics b. Tools: using tools like Metasploit to exploit systemic weaknesses c. Web: Penetration testing websites and applications d. Systems: Penetration testing OS and services e. Offline: Exploiting information obtained through interaction with a system, such as a password analysis f. Maintaining Access: Post-exploitation and pivoting to other systems/networks
V. Topical Outline (Course Content)
VI. Delivery Methodologies