Ethical Hacking(2)

Ethical Hacking CISS 301 Orientation

Instructor: Buddy Spisak • Office Hours:

• •

• • •

– Monday’s 6-7 p.m. in BS-143 (Jan. 28th to May 12th , 2008) – I am also available through Email or you can chat with me using Microsoft’s Windows Messenger (when I am available). Phone: (916) 568-3100 x14162 or (800) 486-8162 x14162 Email: [email protected] (put “CISS 301” in the subject line). The turn around time for most Email is about one to two days. Be sure to include your name in each Email so that I can identify who you are and what the Email is about. Course Web page: http://blackboard.losrios.edu/ Instructor Web page: http://wserver.crc.losrios.edu/~spisakj/ Microsoft Messenger: You can also add me to you contact list for Windows Messenger. You can use my Email address to find me.

CISS 301

2

Course Details • Class Credits: 2 units • Prerequisite: None • Advisory: CISC 323, CISC 356, and CISS 300 • Lecture: Online • Lab Hours: – Tuesday 6:00 to 10:05 p.m. • Accepted for Credit: CSU CISS 301

3

Required Textbook:

Hands-On Ethical Hacking and Network Defense Author:  Michael T. Simpson Publisher:  Thompson Course Technology ISBN10:  0-619-21708-1 ISBN13: 978-0-619-21708-2

CISS 301

4

Optional Materials: • 3-1/2” floppies or a flash drive to store your work for the class.

CISS 301

5

Course Description: • With the threats of cyber-terrorism and corporate

espionage increasing, the need for trained network security professionals continues to grow.  This course covers penetration-testing tools and techniques that White Hat Hackers and security testers used to protect computer networks.  This course provides a structured knowledge base for preparing security professionals to discover vulnerabilities and recommend solutions for tightening network security and protecting data from potential attackers. 

CISS 301

6

Student Learning Outcomes and Course Objectives: As a result of completing this course, you will be able to: • Describe the role of an ethical hacker • Differentiate between what you can or cannot do legally as an ethical hacker • Describe the TCP/IP protocol stack and be able to review the addressing schemes and how they relate to TCP/IP protocol and security • Explain the basic concepts of IP addressing • Explain the binary, octal, and hexadecimal numbering systems CISS 301

7

Student Learning Outcomes and Course Objectives Continued: • Critique the physical security attacks and their • • • •

vulnerabilities Describe the different types of malicious software Classify the different methods of protecting against malware attacks Evaluate the different types of network attacks and how they can be prevented Research the different types of port scans currently being used; the tools available to most hackers; their purpose, and function

CISS 301

8

Student Learning Outcomes and Course Objectives Continued: • Reason what ping sweeps are used for • Uncover how shell scripting is used to automate

security tasks • Critique the advantages and disadvantages of different Intrusion Detection (IDS) technology currently available • Critique the advantages and disadvantages of different software firewall technology currently available • Investigate honeypots, their purpose and usefulness in a network security plan CISS 301

9

Student Obligations: • It is important that you understand what is expected of you in this course. • Refer to the Syllabus if you have any questions.

CISS 301

10

Attendance: • Since this course is an online-hybrid class, only attendance at the

• • • •

On-Campus Orientation on January 22, 2008 and the Final Exam on March 11, 2008 is necessary. There will be weekly lab time on campus, and it is up to you to complete the lab assignments during the lab time or at home. Doing the labs themselves is not optional but doing them at the college can be. I will be giving credit for students attending the lab On-Campus. Typically each week we will be covering two chapters in your textbook. Attendance for the On-Campus Final Exam is required. Photo identification is required at the time of the exam to verify your identity.

CISS 301

11

Quizzes: • Each week there will be a quiz that will test you on the material covered.

– –

It is open book and open notes. You can take the quiz multiple times to improve you score, but be aware that the questions may change each time you take quiz and that you last quiz score will be the one counted as your grade.

• Each quiz is worth 30 points.

CISS 301

12

Discussion Board: • I want everyone to take a pro-active approach to learning

this material. This includes using the discussion board to ask questions and also answer other students’ questions. I will be posting questions to further your understanding of the material. • I expect each student to post at least two times in a discussion board item. – You can accomplish this task by asking questions about the current discussion topic or by responding to existing questions. – My expectation from you is that you will write at least two to three sentence responses that add substance to the discussion.

• Each discussion board item is worth 20 points.

CISS 301

13

Labs: • We will be spending a lot of time working

on lab activities. Each lab assignment has review questions that you will need to answer in Blackboard in order for you to receive points for that assignment. • You are responsible for making sure that your instructor receives your lab review. • Each lab assignment is worth 50 points.

CISS 301

14

Final Exam: • The final exam will consist of two parts.

One part will be a hands-on practical demonstration of assigned tasks and the other part will be an exam taken in Blackboard. • The final exam will be on Tuesday, March 11th, 2008. – I will be having a review session the week before to help you. CISS 301

15

Due Dates: • Unless noted, all assignments will be submitted in Blackboard under the “Weekly Assignments” link.

– If, for any reason, you cannot access Blackboard or are unable to submit the assignment on time, please Email it to me instead so that you are not penalized for being late.

• Quizzes and the discussion board items cannot be taken past their due date.

– If you miss a quiz and you want to make up points, you can take advantage of the extra credit assignments posted in Blackboard. – Everyone is welcome to work on the extra credit assignments. Typically, they are five to ten points each, depending on the difficulty of the assignment.

CISS 301

16

Late Work: • Unless noted all assignments are due on Monday by midnight each week.

– I have identified the due dates in the course schedule. – Late work will be accepted ONLY if you have contacted me prior to the due date either by Email or voice mail. – In general, late work is due the next week, and no late assignments may be turned in after one week from the original due date regardless of the reason. – For every day an assignment is late, you will lose 10% of its grade.

CISS 301

17

Plagiarism Policy/Cheating: Plagiarism: • It is inappropriate, and a violation of academic policy, to copy information from any source (including, but not limited to, textbooks, magazine articles, newspaper articles and Internet articles) without giving proper credit to the author by using standard quotation procedures such as in-line quotes, footnotes, endnotes, etc. Quotes may not exceed 25% of the assignment’s total length. • You will receive no credit (0 points) for any assignment that copies any material from any other source without giving proper credit to the author(s). Repeated offenders of this policy are subject to academic discipline as outlined in the polices published by the college. Cheating: • Students who cheat will receive a failing grade for the course. (see CRC 2007-08 College Catalog, p. 42.)

CISS 301

18

Dropping: • Students are responsible for dropping the course.

CISS 301

19

Email/Discussion Board Etiquette: • Every student will be required to have an Email • •

account. I will not tolerate rude and demeaning comments or Emails to anyone in this class. Please keep you comments and Emails topic-related. If I determine that a comment or Email to anyone else in the class is rude or demeaning, I will warn you once. If you behavior continues to be unacceptable, I will refer you to the administration of the college for disciplinary action.

CISS 301

20

Personal Belongings: • No food or drinks are allowed in the

classroom. • All cell phones, beepers, and pagers, etc. should be turned off or set to vibrate. – Any telephone calls need to be taken outside.

CISS 301

21

Disabilities: • If you have a documented disability and wish to discuss academic accommodations, please contact after class or contact the Office of Disable Student Programs and Services at 6917275 as soon as possible.

CISS 301

22

Campus Police • You can call 691-7777 to request a safety escort.

CISS 301

23

Online Course Responsibilities: • This course requires significant self-motivation. You must

not get behind. Labs and weekly assignments can take up to eight hours to finish. Please don’t try to finish them in one day. Not all activities are created equal. Some may take a bit longer than others. • You would normally spend 3 hours per week in class for this course: total of 54 hours. Allow yourself at least 8 hours per week to complete the activities online, including the time spent writing for the postings to the class discussion board. You should plan additional time to read the textbook and study for the quizzes. • Some people believe this is a much easier way to study this subject than an on-campus framework because they love to read and avoid the parking problems. Others feel very intimidated at first. Be patient as you work your way through the activities. CISS 301

24

Using Blackboard: • How to log in:

– You will not be able to participate in the online portion of your class using Los Rios Online until you have enrolled in your course through your college's registration system. – Students registered as of the first day of the term should already have Los Rios Online accounts and be linked to the classes in which they are enrolled.

• To log on to your Blackboard account, open your

web browser and go to the following URL: http://blackboard.losrios.edu • Your User Name is the letter w followed by your Student ID# Example: w0123456 • Your default password is your birthday in the format: MMDDYYYY Example: Birthday is June 12, 1974 then password = 06121974 CISS 301

25

Grading: Course Topic

Points

Total

Approximate % the of Grade

Labs (6)

50

300

40

Orientation Quiz (1)

10

10

1

Quizzes (4)

30

120

16

DB (Discussion Boards) (6)

20

120

16

200

200

27

Final Exam (1)

Point System: There are 750 total assigned points. Grade Ranges: A= 675-750, B=600-674, C=525-599, D=450-524, F=0CISS 301 449

26

Sample Schedule: Day: Week 1

Tues.

(1/22)

Lecture/Lab Schedule: Orientation and Introductions Ch 1: Ethical Hacking Overview

Assignment Due:

Due Date (By Midnight):

Orientation DB Orientation Quiz

Mon., Jan. 28, 2008

View the Online Orientation

Ch 2: TCP/IP Concepts Review

Week 2

Tues.

CISS 301

(1/29)

Ch 3: Networking and Computer Attacks

DB #1

Ch4: Network and Computer Attacks

Lab Review #1

Mon. , Feb. 4, 2008

27

Conclusion: • Log into Blackboard and take the Orientation

Quiz. It is due on Monday, Jan. 28th, 2008. • Go to the Orientation Discussion Board and introduce yourself to the class. • Registered students for the class have access to Blackboard and can log into the campus network. • Email any questions you might have to me.

CISS 301

28