Apr 24, 2024  
2022-2023 College Catalog [ARCHIVED CATALOG]

CIS 247 - Ethical Hacking I

3 Credits, 4 Contact Hours
2 lecture periods, 2 lab periods

Skills necessary to plan and scope an assessment, understand legal and compliance requirements, perform vulnerability scanning and penetration testing, analyze data, and effectively report and communicate results.

Prerequisite(s): CIS 137  
Information: This course may help in preparation for the CompTIA PenTest+ examination.
Gen-Ed: Meets AGEC-S Options requirement




Course Learning Outcomes
1. Analyze results from a vulnerability scan.

2. Assess known vulnerabilities across multiple technologies such as network devices, wireless, applications and operating systems.

3. Compare ethical penetration testing and unethical hacking.


Outline:
  1. Planning and Scoping
    1. Understanding the target audience
    2. Rules of engagement and disclaimers
    3. Communications escalation
    4. Legal
      1. Contracts
        1. SOW
        2. NDA
        3. MSA
      2. Written authorization
    5. Types of assessments
      1. Red Team
      2. Compliance-based
      3. Goal-based
    6. Target Selection
      1. On-site vs off-site
      2. Social engineering
    7. Strategies
      1. Black box
      2. White box
      3. Gray box
  2. Information Gathering and Vulnerability Identification
    1. Information gathering
      1. Scanning and enumeration
      2. Packet inspection
      3. Fingerprinting
      4. Eavesdropping
      5. Decompiling and debugging
      6. Open Source Intelligence (OSINT)
    2. Perform scans
      1. Types of scans
        1. Discovery
        2. Full
        3. Stealth
        4. Compliance
      2. Application scanning
      3. Considerations
        1. Bandwidth
        2. Execution time
        3. Business impact
    3. Leveraging Information
      1. Map vulnerabilities to potential exploits
      2. Techniques to execute attacks
        1. Exploit chaining
        2. Social engineering
        3. Password attacks
          1. Credential brute force
          2. Rainbow tables
          3. Dictionary attacks
  3. Attacks and Exploits
    1. Social engineering attacks
      1. Spear phishing
      2. Impersonation
      3. USB drop
    2. Network based vulnerabilities
      1. Man-in-the-middle
      2. DoS
      3. DNS exploits
      4. SMB, SMTP, SNMP, FTP exploits
      5. Pass the hash
    3. Wireless and RF vulnerabilities
      1. RFID cloning
      2. Bluejacking
      3. Deauthentication attacks
      4. Credential harvesting
    4. Application vulnerabilities
      1. Injections
      2. Cross site scripting
      3. Cookie manipulation
      4. Directory traversal
      5. Default/weak credentials
      6. Session hijacking
    5. Local host vulnerabilities
      1. OS Vulnerabilities
      2. Privilege escalation
      3. Physical device security
      4. Sandbox escape
    6. Post exploitation
      1. Lateral movement
      2. Persistence
      3. Exfiltration
      4. Covering your tracks
  4. Penetration Testing Tools
    1. Scanning
    2. Credential harvesting
    3. OSINT
    4. Wireless
    5. Web Proxies
    6. Frameworks
  5. Reporting and Communication
    1. Report writing and handling
    2. Post engagement cleanup
    3. Follow-up actions/retesting
    4. Attestation of findings
    5. Recommend mitigation techniques for discovered vulnerabilities
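The outline lists three password attacks under "Leveraging Information" (credential brute force, rainbow tables, dictionary attacks) without saying how they differ or what defeats them. The following Python is an added illustration for this catalog entry; it is not course material from CIS 247 or from any named textbook or tool. It assumes SHA-256 as the (deliberately fast, unkeyed) password hash, uses a small constructed wordlist in place of a real leaked list, and models a rainbow table as a plain precomputed hash-to-password dictionary (real rainbow tables use hash chains and reduction functions to trade storage for time, but the attacker-side point, that the hashing work is done once and reused, is the same). It shows that a per-user salt defeats precomputation while leaving an online dictionary attack and an exhaustive brute force untouched, which is why the mitigation recommended in section 5 of the outline is usually a salted, slow, memory-hard password hash rather than a bare digest.

```python
import hashlib
import itertools
import os
import string

# Constructed sample wordlist for this example, not real leaked data.
WORDLIST = ["password", "letmein", "Winter2023", "Summer2024!", "admin123", "qwerty"]


def sha256_hex(password: str, salt: bytes = b"") -> str:
    """Hash salt || password with SHA-256 (unsalted when salt is empty).
    A fast, unkeyed hash is used on purpose: it is what makes every attack
    below cheap for the attacker."""
    return hashlib.sha256(salt + password.encode()).hexdigest()


def precompute_table(wordlist, salt: bytes = b"") -> dict:
    """Precomputed hash -> password lookup table (the idea behind a rainbow
    table, minus the chain/reduction-function space optimisation). Built once,
    before any hash dump is seen, and reused against every dump."""
    return {sha256_hex(word, salt): word for word in wordlist}


def lookup(table: dict, target_hash: str):
    """O(1) recovery if the hash was precomputed, otherwise None."""
    return table.get(target_hash)


def dictionary_attack(target_hash: str, wordlist, salt: bytes = b""):
    """Online attack: hash each candidate with the victim's own salt.
    Unlike the precomputed table, this work must be repeated per salt."""
    for candidate in wordlist:
        if sha256_hex(candidate, salt) == target_hash:
            return candidate
    return None


def brute_force(target_hash: str, alphabet: str, length: int, salt: bytes = b""):
    """Exhaustive search of every string of the given length over the alphabet.
    Trivial for a 4-digit PIN (10**4 candidates); cost grows as
    len(alphabet) ** length, which is why length beats complexity rules."""
    for chars in itertools.product(alphabet, repeat=length):
        candidate = "".join(chars)
        if sha256_hex(candidate, salt) == target_hash:
            return candidate
    return None


def demo() -> dict:
    """Run the three attacks against unsalted and salted hashes of the same
    password and return the outcomes side by side."""
    password = "Summer2024!"
    salt = os.urandom(16)                     # per-user random salt
    unsalted = sha256_hex(password)
    salted = sha256_hex(password, salt)

    table = precompute_table(WORDLIST)        # attacker's precomputation, no salt known
    return {
        # unsalted: precomputed table recovers the password instantly
        "unsalted_via_table": lookup(table, unsalted),
        # salted: the same table is useless, the salt was not in the precomputation
        "salted_via_table": lookup(table, salted),
        # salted: an online dictionary attack still works once the salt is known
        "salted_via_dictionary": dictionary_attack(salted, WORDLIST, salt),
        # short secret: exhaustive search needs no wordlist at all
        "pin_via_brute_force": brute_force(sha256_hex("4817"), string.digits, 4),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The salt in `demo()` is regenerated on every run, so `salted_via_table` stays `None` no matter how large the precomputed table is, while `salted_via_dictionary` and `pin_via_brute_force` still succeed; the only defences against those last two are a slow hash (bcrypt, scrypt, Argon2) and longer secrets or lockout, not salting alone.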