Course Description

Encompasses in‐depth exploration of various methods for attacking and defending a network. Explores network security concepts from the viewpoint of hackers and their attack methodologies. Includes topics about hackers, attacks, Intrusion Detection Systems (IDS) malicious code, computer crime and industrial espionage.

General Course Purpose

This course introduces the student to the process and tools, including nmap and other port scanning tools, used to perform ethical hacking. A discussion of different network attacks, computer crime, and hacking is provided. The purpose of this course is to inform the student of common techniques used by attackers in order to increase awareness and assist the student learn how to effectively counter these attacks. This course also includes content, as indicated below in parenthesis behind each learning objective, which directly maps to DHS/NSA’s Center of Academic Excellence – 2 Year (CAE2Y) criteria. Please find the current information on NOVA's Cybersecurity Program.

Course Prerequisites/Corequisites

Prerequisites: ITN 260

Course Objectives

Upon completing the course, the student will be able to:

1. Attacks (PTT)(VLA)
   1. Explain the professional hacker’s methodology for attacking a network.
      
   2. Explain the script kiddie’s methodology for attacking network.
      
   3. Explain network security vulnerabilities.
      
   4. Explain hackers, hacker techniques, tools and methodologies.
      
   5. Describe hacker motivation.
      
   6. Describe and perform network reconnaissance
      
   7. Describe and perform network mapping and scanning
      
   8. Describe and perform gaining access to a network.
      
   9. Describe and perform maintaining access to a network.
      
   10. Describe and perform covering tracks after gaining access to a network.
       
   11. Describe the Adversary Model (resources, capabilities, intent, motivation, risk aversion, access).
       
   12. Use a network mapping tool to identify open ports on a network. 
2. Malicious Code (CTH)
   1. Describe the general symptoms of a virus attack
      
   2. Differentiate between viruses and worms.
      
   3. Identify and describe the various categories of viruses and how they operate.
      
   4. Identify and describe the virus attack categories.
      
   5. Identify and describe the propagation of worms.
      
   6. Learn the terms and definitions associated with viruses, worms and malicious code.
      
   7. Describe the use of social engineering in the propagation of worms and viruses.
      
   8. Describe the operation of a macro virus.
      
   9. Define and describe the two basic approaches to antivirus software.
      
   10. Describe how to defend against a worm and virus attack.
3. Computer Crime (CCR)
   1. Describe the steps in planning for a computer incident.
      
   2. Identify the difficulty in establishing who has jurisdiction over a computer crime.
      
   3. Understand the legal issues with regard to preserving digital evidence.
      
   4. Describe the various factors to consider in evaluating the financial loss due to a computer incident.
      
   5. Identify and describe the incident response goals and priorities.
      
   6. Describe the factors involved in identifying a computer incident.
      
   7. Describe and use the various tools associated with identifying an intruder.
      
   8. Specify the process for the initial response to an incident.
      
   9. Identify the various factors involved in assessing an incident.
      
   10. Identify the various types of documentation that should be examined in evaluating an incident.
       
   11. Describe how to handle and evaluate a computer incident.
       
   12. Recognize the role of law enforcement and rule of particularity in executing a search warrant.
       
   13. Describe the role the network security specialist would play in assisting the law enforcement and prosecution effort.
       
   14. Describe the difficulties in prosecuting a computer crime incident.
4. Industrial Espionage (CCR)(ICS)
   1. Differentiate between competitive intelligence, economic intelligence, and industrial espionage.
      
   2. Differentiate between information, data, knowledge and intelligence.
      
   3. Specify the advantages of intelligence in industrial espionage.
      
   4. Describe the foreign intelligence organizations interested in economic intelligence and their general methodology.
      
   5. Describe Industrial Control Systems (ICS) and security issues associated with ICS and SCADA.
      
   6. Describe personnel countermeasure factors.
      
   7. Describe physical countermeasure factors.
      
   8. Describe technical countermeasure factors.
5. Information Warfare (CSE)(PLE)
   1. Describe the history of warfare and its relationship to information warfare.
      
   2. Describe the historical factors that lead to information warfare.
      
   3. Explain the concerns of the US. Government with regard to the information infrastructure.
      
   4. Identify the spectrum of threats against the information infrastructure.
      
   5. Specify the role of offensive information warfare.
      
   6. Identify the types and roles of information warfare weapons.
      
   7. Specify the role of defensive information warfare.
      
   8. Explain the information assurance factors relating to defensive information warfare.
      
   9. Explain the military role in information warfare.
      
   10. Explain the civilian role in information warfare.
       
   11. Explain the law enforcement role in information warfare.