![]() |
CNIT 140: IT Security PracticesSpring 2018 - Sam BowneScoresSchedule · Reference Materials · Projects · Practice · Links · Home Page
Moved to SCIE 37 |
![]() |
Purpose of ClassTraining students for cybersecurity competitions, including CTF events and the Collegiate Cyberdefense Competition (CCDC). This training will prepare students for employment as security professionals, and if our team does well in the competitions, the competitors will gain recognition and respect which should lead to more and better job offers. ![]() Live StreamingYou can attend class remotely using a PC, Mac, Linux, iOS or Android: https://zoom.us/j/4108472927 TextbookThere will be no textbook. We will use online tutorials and CTFs instead. Catalog DescriptionThis course explores techniques used by hackers to access protected data. Students will learn about cybercrime laws, penalties and organizations defending civil liberties of citizens. Students will learn about the various methodologies hackers use to gain access to confidential data such stealthy network recon, passive traffic identification, etc. CSU |
Class Schedule (may be revised) | ||||
Date | Topic | |||
---|---|---|---|---|
Mon Jan 22 | First Class: Cybercompetitions: CCDC, CPTC, & NCL Class Structure and Grading
| |||
Mon Jan 29 | Practice 1 -- Goal: 4 picoCTF Challenges Solved | |||
Mon Feb 5 | Practice 2
| |||
Mon Feb 12 | Practice 3 | |||
Mon Feb 19 | Holiday: No Class | |||
Mon Feb 26 | Practice 4 NCL Registration Starts | |||
Mon Mar 5 | Practice 5 | |||
Mon Mar 12 | Practice 6 | |||
Mon Mar 19 | Practice 7 | |||
Mon Mar 26 | Holiday: No Class | |||
Mon Apr 2 | TBA | |||
Mon Apr 9 | ||||
Mon Apr 16 | Practice 9 | |||
Mon Apr 23 | Practice 10 | |||
Mon Apr 30 | ||||
Mon May 7 | ||||
Mon May 14 |
| |||
There is no final exam in this class |
|
|
Reference Materials | ||
---|---|---|
Grading Policy ·
First Day Handout
Tim Krugh's Slides (ODP) · Tim Krugh's Lecture (YouTube) Codepath Cybersecurity University 1. Networking -- Traffic flow, switching, and routing. · KEY · PDF 2. Perimeter Security -- Network and Host based firewalls, how they work and how to configure them, as well as Intrusion Detection Systems, Virtual Private Networks, and DMZs.· KEY · PDF Write-Up for "Judgement", from Tokyo Westerns / MMA CTF 2nd 2016
3. Flashing/Patching -- Both Hardware and Software Flashing/Patching NECCDC Materials & Rekall KEY · PDF 4. UNIX -- Multiple flavors of UNIX such as Fedora Core, Solaris, Gentoo, BSD, Ubuntu, etc. 5. Windows Workstations and Servers -- NT, 2000, 2008, 2012, XP, 7, 8, 10 6. User Management -- Adding and deleting users on multiple Operating Systems and managing those user accounts 7. Services and Applications -- Email, DNS, HTTP, HTTPS, SQL, Web applications 8. Tools - Port Scanners, Vulnerability Scanners, MD5, and Software based firewalls and IDSs. 9. Authentication -- Beyond just knowing how to change passwords in multiple environments, also understanding other forms of authentication such as multi-factor, biometrics, and tokens 10. General - Performing admin duties such as installing, securing, updating, troubleshooting, and maintaining the functionality of computer systems on a network.
Click a lecture name to see it on SlideShare. If you want to use other formats, you may find this useful: Cloud Convert. |
Projects (under development) | |
---|---|
Installing Python on Windows Downloading the Virtual Machines Detecting Nmap Scans with Snort
Suggested Project Topics
Networking EquipmentConfiguring routers and switches; using Packet TracerConfiguring firewalls Windows ServersCommon Services: IIS, SQL Server, Exchange, and Domain ControllersFinding and Patching Vulnerabilities: MBSA Linux ServersEssential Versions: Ubuntu, Fedora, FreeBSD, and SolarisServices: Apache, Bind, and Sendmail ProtocolsHTTP, HTTPS, DNS, SMTP, POP3, SSH, FTP, SQLIntrusion DetectionSnort, Splunk, Configuring Logging, Network MonitoringInjectsMigrate a Website from IIS to Apache | |
Tools (may be revised)Assessment Tools:Kali, Codescout, Metasploit Framework, Microsoft Baseline Security Analyzer, Nessus, Netcat, Nikto, Nmap, Paros Proxy, Superscan Forensics Utilities: Coroners Toolkit DNS Utilities: Dig, Nslookup, Whois Packet Analysis: Ettercap, TCPDUMP, Wireshark Compression Utilities: Gzip, 7-Zip, Tar, Zip Perimeter Security: Iptables/TCP Wrappers, Snort Password Auditing: John the Ripper, L0pht Crack, Cain and Abel Miscellaneous Tools: GCC, Make, MD5, Microsoft Update, Nagios, PGP, PHPMyAdmin Ping, Sysinternals, Traceroute, Tripwire Training: Hackme Bank, Books, Casino, Shipping, or Travel, WebGoat, WebMaven |