CS3695 Network Vulnerability Assessment and Risk Mitigation

This course provides a basis for understanding the potential vulnerabilities and their mitigation in networked systems by studying methods to: (1) obtain information about a remote network, (2) to possibly exploit or subvert systems residing on that network and (3) techniques to mitigate risks to networked systems. Labs provide practical experience with current network attack and vulnerability assessment tools, as well as tools and methodologies for a systematic approach to reducing vulnerabilities. A final project that demonstrates skill and knowledge is required.

Prerequisite

CS3502 or IS3502 or CS3690 or permission of the instructor.

Lecture Hours

Lab Hours

Course Learning Outcomes

Upon successful completion of this course, you will be able to:

Describe the methodology used to assess the vulnerabilities of an organization connected to the Internet, to include:
- Footprinting
- Scanning
- Enumeration of Assets
- Gaining Access
- Escalating Privileges
- Pilfering
- Covering Tracks
- Creating Back Doors
- Denials of Service
Define and describe current types of vulnerabilities, how they leave an organization open to a threat, and how to protect against them.
Brief the reasons why hackers hack (their motivations), the different types of hackers, and some of the history of hackers and their exploits.
Employ the common tools of the trade used during the vulnerability assessments and used in risk mitigation.
Understand attack tools used by crime syndicates and nation state actors.
Use a distribution of Linux to compile new tools and use such applications as vi and nmap.
Complete an assessment on a lab network, to include a full mapping of the network, vulnerabilities that lie therein, and exploits that could be used as threats against them.