powered by
Center for Curriculum and Transfer Articulation
Ethical Hacking and Network Defense
Course: ITS240

First Term: 2013 Fall
 Lec + Lab   3.0 Credit(s)   4.0 Period(s)   3.7 Load  
Subject Type: Occupational
Load Formula: S- Standard


Description: Preparation for the EC-Council Certified Ethical Hacking examination. In-depth exploration of how to effectively protect computer networks from risks ranging from malicious infiltration to cyber-warfare. Includes examination of ethical hacking, relevant tools and methodologies, and its importance to network security. Resources to identify new computer network vulnerabilities and counter security strategies will be discussed as well as an overview of relevant computer crime laws and penalties.



MCCCD Official Course Competencies
1. Examine system vulnerabilities to ethical hacking and counter defense strategies. (I)
2. Evaluate the severity of network and computer attacks. (I)
3. Describe footprinting and social engineering and their relevance to system security. (I)
4. Perform port scanning and evaluate results. (I,II)
5. Practice and perform target enumeration. (I,II)
6. Demonstrate methods to hack web servers. (I,II)
7. Demonstrate hacking of web and wireless networks. (I,II)
8. Use cryptography to enhance system security. (I)
9. Compare and contrast available network protection systems. (I,II)
10. Develop business disaster recovery plan. (I)
11. Describe relevant TCP/IP concepts. (II)
12. Identify desktop and server operating systems (OS) vulnerabilities. (II)
13. Identify security risks of social media, texting and email. ( III)
14. Evaluate relevant computer crime laws and penalties. (III)
15. Identify ethical standards for penetration testers. (III)
16. Prepare business continuity plans for security management. (I, IV)
17. Define and distinguish embedded OSs. (III, V)
18. Review security vulnerability of embedded OSs and strategies to reduce risk. (III,V)
MCCCD Official Course Competencies must be coordinated with the content outline so that each major point in the outline serves one or more competencies. MCCCD faculty retains authority in determining the pedagogical approach, methodology, content sequencing, and assessment metrics for student work. Please see individual course syllabi for additional information, including specific course requirements.
 
MCCCD Official Course Outline
I. Planning corporate penetration tests and counter defense strategies
   A. Overview of corporate penetration tests
   B. Discover computer crime laws and penalties
   C. Footprinting and social engineering
   D. Port scanning and enumeration
   E. Operating systems (OS) vulnerabilities
   F. Network defense plan design
   G. Disaster recovery plan
II. TCP/IP concepts essential to managing network security
   A. Firewalls and demilitarized zones (DMZs).
   B. Port scans.
   C. Subject enumeration.
   D. Network protection systems.
III. Designing user education systems
   A. Dangers and ramifications of social engineering.
   B. Types of malware and defense against them.
   C. Penalties related to computer crimes.
   D. Ethics and legal issues
   E. Strategies for handling email-borne malware.
IV. Designing for business continuity and data availability
   A. Risks and potential consequences of business operation interruption
   B. Data management plans to minimize risk
   C. Data access strategies to maintain system
V. Preparing systems for OS hardening
   A. Software updates and compliance management.
   B. OS protection
   C. Special functions of embedded OSs
   D. Web server OS protection
   E. Wireless networks protection
 
MCCCD Governing Board Approval Date: June 25, 2013

All information published is subject to change without notice. Every effort has been made to ensure the accuracy of information presented, but based on the dynamic nature of the curricular process, course and program information is subject to change in order to reflect the most current information available.