CSCA 5303: Security & Ethical Hacking: Attacking the Network
ÌýPreview this courseÌýin the non-credit experience today!Ìý
Start working toward program admission and requirements right away.ÌýWork you complete in the non-credit experience will transfer to the for-credit experience when you upgrade and pay tuition. See How It Works for details.
- Course Type: Elective
- Specialization: Security & Ethical Hacking
- Instructors:ÌýDr. Ahmed Hamza
- Prior knowledge needed: An understanding of python programming and networking basics is required. Course assessments are practical work, quizzes and exams.
Course Description
This course explains the science and art behind offensive security techniques used in penetration testing of networks and systems. A review of networking concepts is given. Students will utilize low-level programming through network interfaces, in executing a variety of network attacks, while learning to use essential auxiliary tooling for both recon and active attacks. An introduction to cryptogpahy for pentesters is provided.
An understanding of python programming and networking basics is required. Course assessments are practical work, quizzes and exams.
Learning Outcomes
- Analyze a complex computing problem and to apply principles of computing and other relevant disciplines to identify solutions.
- Design, implement, and evaluate a computing-based solution to meet a given set of computing requirements in the context of the program’s discipline.
- Communicate effectively in a variety of professional contexts.
- Recognize professional responsibilities and make informed judgments in computing practice based on legal and ethical principles.
- Function effectively as a member or leader of a team engaged in activities appropriate to the program’s discipline.
- Apply computer science theory and software development fundamentals to produce computing-based solutions.
Course Grading Policy
| Assignment | Percentage of Grade |
|---|---|
| Ungraded Labs | 0% |
| Graded Assignments | 60% (5 assignments; 12% each) |
| Final Exam | 40% |
Course Content
Duration: 4Ìýhours, 51 minutes
Module 1 provides an introduction to the course sequence, motivations, ethical concepts and challenges, and a refresher on networking concepts.Ìý
Duration: 6 hours, 2 minutes
Module 2 provides an in-depth technical introduction to network packet crafting and interpretation with scapy. Other essential tools such as ncat (and the older netcat!), as well as an introduction to monitoring tools.
Duration: 6Ìýhours, 17 minutes
Module 3 provides a detailed exposition of Nmap for host discovery, port scanning, service and operating system identification. We touch on firewalking (firewall bypass) and evasion techniques in heavily monitored environments. We also discuss other, related tooling, and manual construction with scapy for some things beyond nmap native capability.
Duration: 2Ìýhours, 31 minutes
Module 4 examines how network recon leads to a variety of network attacks, and the timeline of modern browser-built defenses in encrypted communication, and how these can be bypassed. An advanced attack scenario with malicious software updates is presented.
Duration: 6 hours, 56 minutes
Most advanced attackers possess evasive capabilities when operating campaigns in any target network -- module 5 builds on previous material and focuses specifically on masking attacker activities with network tunneling. We examine the SSH protocol and tunneling forms, as well as how to use dynamic socks proxies to enable any remote tool to covertly tunnel into, and operate within, a target space.Ìý
Duration: 2Ìýhours, 31 minutes
This module contains materials for the proctored final exam for MS-CS degree students. If you've upgraded to the for-credit version of this course, please make sure you review the additional for-credit materials in the Introductory module and anywhere else they may be found.Ìý
Notes
- Page Updates: This page is periodically updated. Course information on the Coursera platform supersedes the information on this page. Click theÌýView on CourseraÌýbuttonÌýabove for the most up-to-date information.