CYB/231 - Ethical Hacking Part 2
Course Description
This course provides training on penetration testing. Introduced topics include sniffing, social engineering, denial-of-service, session hijacking, hacking webservers, evading IDS, firewalls, and honeypots.
This undergraduate course is 5 weeks.
PLEASE NOTE:
Attendance and participation are mandatory in all university courses, and specific requirements may differ by course. If attendance requirements are not met, a student may be removed from the course. Please review the Course Attendance Policy in the Catalog for more information.
Course Objectives
Week 1
- Describe the sniffing process, including the challenges, tools, and techniques.
- Differentiate various spoofing and poisoning attacks.
- Determine the best attack methods to employ using sniffing techniques.
- Interpret the results of a Wireshark® capture.
- Determine the appropriate sniffing countermeasures against spoofing and poisoning attacks.
Week 2
- Describe social engineering concepts.
- Identify human weaknesses that are susceptible to social engineering attacks.
- Formulate a phishing campaign.
- Determine credential harvesting techniques to obtain information.
- Evaluate tools and techniques used for Denial of Service attacks.
Week 3
- Describe session hijacking.
- Analyze the techniques involved in session, network, and application layer session hijacking.
- Explain how Wireshark® is used to capture data indicating session hijacking.
- Evaluate countermeasures for session hijacking.
Week 4
- Explain the purpose, tools, and techniques for conducting and detecting webserver and web application hacking in a penetration test.
- Discriminate between webserver hacking and web application hacking.
- Compare vulnerabilities of open source versus proprietary webserver architectures.
- Formulate a webserver penetration test plan.
- Provide countermeasures for hacking webservers.
Week 5
- Describe web application architectures.
- Differentiate webserver and web application architectures.
- Evaluate the results of a web application attack.
- Outline a webserver/web application penetration test plan.
Disclaimers
The University of Phoenix reserves the right to modify courses.
While widely available, not all programs are available in all locations or in both online and on-campus formats. Please check with an Enrollment Representative.
Transferability of credit is at the discretion of the receiving institution. It is the student’s responsibility to confirm whether or not credits earned at University of Phoenix will be accepted by another institution of the student’s choice.