CYBE467 - Practicing CyberSecurity: Attacks & CounterMeasures - MWF - 3:00pm-3:50pm - Carter Hall 210

Instructor: Dr. Angelina A Tzacheva, Department of Computer Science and Information Systems, College of Engineering
EMail: angelina.tzacheva@mail.wvu.edu, Office Hours: MWF 4:00pm - 6:00pm, T 5:00pm - 6:00pm via Zoom link:

Join Zoom Meeting
https://us02web.zoom.us/j/6297320999
MeetingPassCode : 096877



SkypeID:    angelina.tzacheva

Teaching Assistants:


Prerequisites: CYBE 366 & CS 453, or CYBE 366 & CS 321.

Textbook:
TestOut   Cyber Defense Pro
https://w3.testout.com/courseware/cyberdefense-pro
Price Code   14-377-AN
Instructions to GET  ACCESS to TestOut   Cyber Defense Pro

Course Outline:
- Penetration Testing and Threat Hunting
- Organizational Security
- Security Controls
- Risk Identification Process
- Social Engineering
- Physical Security
- Countermeasures and Prevention


Student Learning Outcomes:
1. Recognize and Define Attacks and CyberDefense
2. Recognize and Solve problems in Organizational Security
3. Demonstrate Security Risk Identification and Management Skills

Instructional Method
This course takes a case and project approach, complemented by lectures and group activities.
Active Learning Activities and Flipped Classroom approach will be used once per week.

Lecture Notes, Videos, and Reading Assignments are posted in the syllabus table below, as well as on eCampus.
Please download and read each lecture material, and view each Video on the specified day.

All material by date is listed, including preparation for the exams with sample questions. The exams are open-book / open-notes.
The exams are available through eCampus and can be completed at any time on the assigned day.
The textbook is necessary, as exam questions are based on lecture notes AND on the text.

There is a group project assignment, and students are expected to identify and communicate with their
group members, meet with them (live or online, e.g. via Skype or Google Hangouts), and participate in the group activities.


Credit Hours: This is a 3 credit hour course.
This course is designed to require about 10 hours per week - for readings, exams, exercises,
video cases, and group project work.

The material is technical and requires a dedication of time to comprehend. To complete the course successfully:
Designate 6 hours every lecture day for reading the given lecture and book chapter.
Designate an additional 4 hours per week for Exercises, VideoCase assignments, and Group meetings / activities.

Exercises are assigned after each chapter. The Exercises are due on eCampus on the dates they are assigned.
Exercises are *not accepted* through e-mail. Late Exercises are not accepted.


Course Grading:
The final course grade is determined on the following weights:
Exam I   15%
Exam II   15%
Exam III   15%
Group Project   15%
Final Exam   15%
LABS   15%
Attendance   10%

Grading scale:
The final course letter grade is determined as follows:
A   90% - 100%
B   80% - 89%
C   70% - 79%
D   60% - 69%
F   less than 60%
X   academic dishonesty

Grading Enquiries:
Grades for all Exercises, Exams, and the Project are posted on eCampus shortly after the assignments are due.
Students are expected to check their grades on eCampus, and e-mail the TA and Instructor immediately if they notice any issues.
Students who have questions or concerns about their final CourseTotal grade are expected to e-mail the TA and Instructor at least
1 week prior to letter grades being assigned on the Banner registration system. The letter grades due date is found on the University Calendar at the end.
Once the letter grades are assigned and rolled on the Banner registration system, we are unable to change the grades.

Academic Integrity and Honesty:
Students are required to read and abide by the Code of Student Academic Integrity available from the Dean of Students Office.
This code forbids cheating, fabrication or falsification of information, multiple submissions of academic work,
plagiarism (including viewing others' work without instructor permission), abuse of academic materials, and complicity in
academic dishonesty. Violations of the Code of Student Academic Integrity, including plagiarism, result in disciplinary action as provided by the Code.

Civility:
We are concerned with a positive learning experience.
This course strives to create an inclusive academic climate in which the dignity of all individuals is respected and maintained.
We value diversity that is beneficial to both employers and society at large. Students are encouraged to actively and
 appropriately share their views in class discussions.

Inclement Weather:
University Policy Statement states the University is open unless the Chancellor announces that the University is closed.
 In the event of inclement weather, check your e-mail, and eCampus. The instructor will post a message on eCampus, and through e-mail.
The instructor will use their best judgment as to whether class should be held.

Disability:
We are committed to access to education. If you have a disability and need academic accommodations,
please provide a letter of accommodation from Disability Services early in the semester. For more information on accommodations,
contact the Office of Disability Services.

Withdrawal:
The University policy on Course Withdrawal allows students a limited number of opportunities to withdraw from courses.
There are financial and academic consequences that may result from course withdrawal. If a student is concerned about his / her ability
to succeed in this course, it is important to make an appointment to speak with the instructor as soon as possible.

Syllabus Revision:
The instructor may modify the class schedule and syllabus during the course of the semester.
For example, additional educational videos may be posted. The same changes will appear on eCampus.
Students are responsible for refreshing their syllabus once per week.

E-Mail Communication:
Students are responsible for *all* announcements made in class and on the class online resources.
Students should check the online class resources throughout the semester. The Instructor and Teaching Assistants
send occasional e-mails with important information.
We send this information to the student's e-mail address listed on the Banner system.
If a student is not checking his / her e-mail address (e.g. userName@mail.wvu.edu),
please be sure to access this e-mail and check it regularly during this course.

Class Expectation:
By attending class beyond the first week, students agree to follow the framework and rules related to this course as described above.




Syllabus:
Date
Material
Jan 09
Monday
Preview of course syllabus | Assignment of Students in Groups for the Group Project:
Project Assignment Description

Jan 11
Wednesday
Group 01 Moderator

Chapter 1

1.1 Introduction to TestOut CyberDefense Pro


1.1.1 TestOut CyberDefense Pro Overview

1.1.2 Use the Simulator

1.1.3 Explore the New Lab Features

Chapter 2

2.1 Penetration Testing and Threat Hunting


2.1.1 Penetration Test Process and Types

2.1.2 Penetration Test Process and Types Facts

2.1.3 Threat Data and Intelligence

2.1.4 Threat Data and Intelligence Facts

2.1.5 Security Intelligence Cycle

2.1.6 Security Intelligence Cycle Facts

2.1.7 Threat Hunting Overview

PowerPoint :_01_Introduction
PowerPoint :_02_ThreatIntelligence


Jan 13
Friday
Chapter 2

2.1 Penetration Testing and Threat Hunting

2.1.8 Threat Hunting Facts

2.1.9 Threat Actor Types

2.1.10 Threat Actor Type Facts

2.1.11 Section Quiz


2.2 Organizational Security

2.2.1 Attack Frameworks

2.2.2 Attack Frameworks Facts

2.2.3 Threat Research


2.2.4 Threat Research Facts

2.2.5 Threat Modeling

2.2.6 Threat Modeling Facts

PowerPoint :_02_ThreatIntelligence

VIDEO:_02_2.1_PENETRATION_TESTING_ThreatHunting


Jan 16
Monday
MLK Day- No Class
Jan 18
Wednesday
Chapter 2

2.2 Organizational Security


2.2.7 Threat Intelligence Sharing

2.2.8 Threat Intelligence Sharing

2.2.9 Section Quiz



2.3 Security Controls

2.3.1 Security Frameworks and Policies

2.3.2 Security Frameworks and Policies Facts

2.3.3 Security Control Categories and Types

2.3.4 Security Control Categories and Types Facts

2.3.5 Section Quiz


PowerPoint :_02_ThreatIntelligence
Jan 20
Friday
Group 01 Moderator
Chapter 3


3.1 Risk Identification Process

3.1.1 Risk Identification Process Overview

3.1.2 Risk Identification Process Facts

3.1.3 Section Quiz

3.2 Risk Calculation

3.2.1 Risk Calculation Overview

3.2.2 Risk Calculation Facts

3.2.3 Section Quiz

3.3 Risk Communication and Training

3.3.1 Communication and Training Overview

3.3.2 Communication and Training Facts

3.3.3 Section Quiz
PowerPoint :_03_RiskMitigation

Jan 23
Monday
Chapter 4


4.1 Social Engineering

4.1.1 Social Engineering Overview

4.1.2 Social Engineering Overview Facts

4.1.3 Social Engineering Motivation

4.1.4 Social Engineering Motivation Facts

4.1.5 Social Engineering Techniques

4.1.6 Social Engineering Technique Facts

4.1.7 Phishing and Internet-Based Techniques

4.1.8 Phishing and Internet-Based Technique Facts

4.1.9 Use the Social Engineer Toolkit

4.1.10 Identify Social Engineering

4.1.11 Section Quiz

PowerPoint :_04_Social_PhysicalSecurity

Jan 25
Wednesday
Chapter 4

4.2 Physical Security


4.2.1 Physical Security Overview

4.2.2 Physical Security Facts

4.2.3 Physical Security Attacks

4.2.4 Physical Security Attack Facts

4.2.5 Section Quiz


4.3 Countermeasures and Prevention

4.3.1 Countermeasures and Prevention

4.3.2 Countermeasures and Prevention Facts

PowerPoint :_04_Social_PhysicalSecurity

Jan 27
Friday
Group 02 Moderator

Chapter 4

4.3 Countermeasures and Prevention

4.3.3 Implement Physical Security Countermeasures

4.3.4 Section Quiz

PowerPoint :_04_Social_PhysicalSecurity



Preparing for EXAM I
Jan 30
Monday
Exam I
- access exam on eCampus
- may complete exam any time of the day today (finish no later than 11:55pm)
- allowed time for exam is: 3:00 hours

Feb 01
Wednesday
Chapter 5

5.1 Reconnaissance Overview

5.1.1 Reconnaissance Processes

5.1.2 Reconnaissance Process Facts

5.1.3 Reconnaissance Tool Facts

5.1.4 Google Hacking for Office Documents

5.1.5 Reconnaissance with TheHarvester

5.1.6 Reconnaissance with Nmap

5.1.7 Perform Reconnaissance with Nmap

5.1.8 Section Quiz

PowerPoint :_05_Reconnaissance

Feb 03 Friday Group 03 Moderator

5.2 Reconnaissance Countermeasures

5.2.1 Reconnaissance Countermeasures

5.2.2 View Windows Services

5.2.3 Disable Windows Services

5.2.4 View Linux Services

5.2.5 Manage Linux Services

5.2.6 Enable and Disable Linux Services

5.2.7 Reconnaissance Countermeasure Facts

5.2.8 Disable IIS Banner Broadcasting

5.2.9 Hide the IIS Banner Broadcast

5.2.10 Section Quiz

PowerPoint :_05_Reconnaissance

Feb 06  Monday Chapter 5

5.3 Scanning


5.3.1 Scanning Processes

5.3.2 Scanning Process Facts

5.3.3 Scanning Tool Facts

5.3.4 Troubleshoot Connectivity with ping/hping3

5.3.5 Perform a Scan with Nmap

5.3.6 Perform an Internal Scan with Nmap

5.3.7 Perform an External Scan Using Zenmap

5.3.8 Perform a Scan with Nmap Scripts

5.3.9 Scanning Considerations

5.3.10 Scanning Considerations Facts

5.3.11 Scanning and Terminating Processes

5.3.12 Scan for Zombie Processes

5.3.13 Section Quiz

PowerPoint :_05_Reconnaissance

Feb 08
Wednesday
Chapter 6


6.1 Enumeration Overview

6.1.1 Enumeration

6.1.2 Enumerate Operating Systems

6.1.3 Enumerate Windows

6.1.4 Enumerate a Linux System

6.1.5 Enumeration Facts

6.1.6 Enumerate with NetBIOS Enumerator

6.1.7 Enumerate Ports and Services Facts

6.1.8 Perform Enumeration with Nmap

6.1.9 Enumerate with SoftPerfect

6.1.10 Enumerate with Metasploit

6.1.11 Perform Enumeration with Metasploit

6.1.12 Perform Enumeration of MSSQL with Metasploit

6.1.13 Section Quiz

6.2 Enumeration Countermeasures

6.2.1 Enumeration Countermeasures

6.2.2 Enumeration Countermeasure Facts

6.2.3 Disable DNS Zone Transfers

6.2.4 Prevent Zone Transfer

6.2.5 Section Quiz

PowerPoint :_06_Enumeration

Feb 10
Friday
Group 04  Moderator
Chapter 7

7.1 Vulnerability Assessment


7.1.1 Vulnerability Assessment

7.1.2 Vulnerability Assessment Facts

7.1.3 Conduct Vulnerability Scans

7.1.4 Section Quiz


7.2 Vulnerability Management Life Cycle

7.2.1 Vulnerability Management Life Cycle

7.2.2 Vulnerability Management Life Cycle Facts

7.2.3 Vulnerability Solutions

7.2.4 Vulnerability Solution Facts

7.2.5 Section Quiz

PowerPoint :_07_Vulnerability Management

Feb 13
Monday

Class Cancelled -  No Class
//Please Read the Chapters and do the Quiz

Chapter 7

7.3 Vulnerability Scoring Systems

7.3.1 Vulnerability Scoring Systems

7.3.2 Vulnerability Scoring System Facts

7.3.3 Section Quiz


PowerPoint :_07_Vulnerability Management

Feb 15
Wednesday
Chapter 7

7.4 Vulnerability Analysis

7.4.1 Vulnerability Assessment Tools

7.4.2 Vulnerability Assessment Tool Facts

7.4.3 Vulnerability Scan Analysis

7.4.4 Configure a Nessus Scan

7.4.5 Analyze Scan Results from a Nessus Report


PowerPoint :_07_Vulnerability Management

Feb 17
Friday

Group 05 Moderator
Chapter 7

7.4 Vulnerability Analysis

7.4.6 Vulnerability Scan Analysis Facts

7.4.7 Scan for Vulnerabilities on a Windows Workstation

7.4.8 Scan for Vulnerabilities on a Linux Server

7.4.9 Section Quiz

PowerPoint :_07_Vulnerability Management

Feb 20
Monday
Chapter 8

8.1 Identity and Access Management Security

8.1.1 Identity and Access Management

8.1.2 Identity and Access Management Facts

8.1.3 Federation

8.1.4 Federation Facts

8.1.5 Single Sign-On

8.1.6 Single Sign-On Facts

8.1.7 Section Quiz


PowerPoint :_08_IdentityAccessManagementSecurity _IAM
Feb 22
Wednesday
Chapter 8

8.2 Privilege Escalation

8.2.1 Privilege Escalation in Windows

8.2.2 Use Bootable Media to Modify User Accounts

8.2.3 Crack the SAM Database

8.2.4 Change a Windows Password

8.2.5 Privilege Escalation in Windows Facts

8.2.6 Configure User Account Control

PowerPoint :_08_IdentityAccessManagementSecurity _IAM

Feb 24
Friday
Group 06 Moderator

Chapter 8

8.2 Privilege Escalation

8.2.7 Enforce User Account Control

8.2.8 Use Fail2Ban

8.2.9 Escalate Privileges with Curl

8.2.10 Explore Privilege Creep

8.2.11 Section Quiz

PowerPoint :_08_IdentityAccessManagementSecurity _IAM


Preparing for Exam II
Feb 27
Monday
Exam II
- access exam on eCampus
- may complete exam any time of the day today (finish no later than 11:55pm)
- allowed time for exam is: 3:00 hours
Mar 01 Wednesday Chapter 8

8.3 Identity and Access Management Threats

8.3.1 Identity and Access Management Threats Overview

8.3.2 Identity and Access Management Threats Facts

8.3.3 Keylogger Attack

8.3.4 Analyze a USB Keylogger Attack

8.3.5 Use Rainbow Tables

8.3.6 Analyze Passwords using Rainbow Tables

8.3.7 Crack Passwords

8.3.8 Crack Password-Protected Files

8.3.9 Crack a Router Password

8.3.10 Use L0phtCrack to Audit Passwords

8.3.11 Configure Password Policies

8.3.12 Configure Account Password Policies

8.3.13 Section Quiz

PowerPoint :_08_IdentityAccessManagementSecurity _IAM

Mar 03 Friday Group 07  Moderator
Chapter 8

8.4 Certificate Management

8.4.1 Certificate Types

8.4.2 Certificate Types Facts

8.4.3 Manage Certificates

8.4.4 Manage Certificates

8.4.5 Section Quiz

PowerPoint :_08_IdentityAccessManagementSecurity _IAM

Mar 06 Monday Class Cancelled -  No Class
//Please Read the Chapters and do the Quiz

Chapter 9

9.1 Malware

9.1.1 Malware Overview

9.1.2 Malware Overview Facts

9.1.3 Trojans and Backdoors

9.1.4 Trojan and Backdoor Facts

9.1.5 Malware Concerns

9.1.6 Malware Concern Facts

9.1.7 Malware Analysis

9.1.8 Malware Analysis Facts

9.1.9 Create a Virus

9.1.10 Create a HTTP Trojan

9.1.11 Use ProRat to Create a Trojan

9.1.12 Section Quiz

PowerPoint :_09_CybersecurityThreats

Mar 08 Wednesday Chapter 9

9.2 Combat Malware

9.2.1 Anti-Malware Software

9.2.2 Scan for Open Ports with Netstat

9.2.3 Track Port Usage with TCPView

9.2.4 Anti-Malware Software Facts

9.2.5 Detect Open Ports with Nmap

9.2.6 View Open Ports with netstat

9.2.7 Scan for Open Ports from a Remote Computer

9.2.8 Counter Malware with Windows Defender

9.2.9 Reverse Engineering Overview

9.2.10 Perform Reverse Engineering

9.2.11 Inspect HTTP Requests with Tamper Data

9.2.12 Navigate the DVWA Website

9.2.13 Reverse Engineering Facts

9.2.14 Section Quiz

PowerPoint :_09_CybersecurityThreats

Mar 10 Friday Group 08 Moderator

Chapter 9

9.3 Sniffing

9.3.1 Sniffing

9.3.2 Sniffer Facts

9.3.3 Sniff Network Traffic with Wireshark

9.3.4 Sniff Network Traffic with TShark

9.3.5 Capture Traffic with TCPDump

9.3.6 Use SMAC to Spoof MAC Addresses

9.3.7 Poison ARP

9.3.8 Analyze ARP Poisoning with Wireshark

9.3.9 Poison DNS

9.3.10 Analyze DNS Spoofing

9.3.11 Filter and Analyze Traffic with Wireshark

9.3.12 Analyze Email Traffic for Spoofed Addresses

9.3.13 Analyze Email Traffic for Sensitive Data

9.3.14 Sniffing Countermeasures and Detection

9.3.15 Detect Promiscuous Mode

9.3.16 Sniffing Countermeasure and Detection Facts

9.3.17 Section Quiz

PowerPoint :_09_CybersecurityThreats

Mar 13 Monday Spring Break - No Class
Mar 15
Wednesday
Spring Break - No Class
Mar 17
Friday
Spring Break - No Class
Mar 20 Monday Chapter 9

9.4 Session Hijacking

9.4.1 Session Hijacking Overview

9.4.2 Session Hijacking Facts

9.4.3 Client-Side and Network Attacks

9.4.4 Client-Side and Network Attack Facts

9.4.5 Perform a Man-in-the-Middle DHCP Attack

9.4.6 Analyze a DHCP Spoofing Man-in-the-Middle Attack

9.4.7 Analyze HTTP POST Packets with Wireshark

9.4.8 Set Up a Web Session Hijack

9.4.9 Hijack a Web Session

9.4.10 Session Hijacking Countermeasures

9.4.11 Session Hijacking Countermeasure Facts

9.4.12 Section Quiz

PowerPoint :_09_CybersecurityThreats

Mar 22 Wednesday Chapter 9

9.5 Denial of Service

9.5.1 Denial of Service (DoS) Overview

9.5.2 Denial of Service (DoS) Facts

9.5.3 DoS Attack Types

9.5.4 DoS Attack Type Facts

9.5.5 Perform a SYN Flood

9.5.6 Analyze a SYN Flood Attack

9.5.7 Analyze ICMP Traffic in Wireshark

9.5.8 Launch a DoS and DDoS Attack

9.5.9 Analyze a DoS Attack

9.5.10 Analyze a DDoS Attack

9.5.11 DoS Countermeasures

9.5.12 DoS Countermeasure Facts

9.5.13 Section Quiz

PowerPoint :_09_CybersecurityThreats

Mar 24 Friday
Group 09 Moderator
Chapter 9
9.6 SQL Injections

9.6.1 SQL Injection

9.6.2 SQL Injection Facts

9.6.3 SQL Injection Attack Types

9.6.4 SQL Injection Attack Facts

9.6.5 Exploit SQL on a Web Page

9.6.6 Explore SQL Injection Flaws

9.6.7 SQL Injection Countermeasures

9.6.8 SQL Injection Countermeasure Facts

9.6.9 Find SQL Injection Flaws with sqlmap

9.6.10 Test a Web Application with Burp Suite

9.6.11 Detect SQL Injection Flaws with Burp Suite

9.6.12 Section Quiz

PowerPoint :_09_CybersecurityThreats


Preparing for EXAM III
Mar 27 Monday Exam III
- access exam on eCampus
- may complete exam any time of the day today (finish no later than 11:55pm)
- allowed time for exam is: 3:00 hours

Mar 29 Wednesday Chapter 10


10.1 Intrusion Detection Systems

10.1.1 Security Monitoring

10.1.2 Security Monitoring Facts

10.1.3 Intrusion Detection System (IDS)

10.1.4 Intrusion Detection System (IDS) Facts

10.1.5 Evade IDS

10.1.6 Evade IDS Facts

10.1.7 Intrusion Detection and Prevention with Snort

10.1.8 Intrusion Detection and Prevention with Suricata

10.1.9 Implement Intrusion Prevention with pfSense

10.1.10 Section Quiz

PowerPoint :_10_InfrastructureSecurity

Mar 31 Friday Group 10 Moderator
Chapter 10

10.2 Firewalls

10.2.1 Firewalls

10.2.2 Firewall Facts

10.2.3 Evade Firewalls

10.2.4 Evade Firewalls Facts

10.2.5 Configure a Perimeter Firewall

10.2.6 Configure a Perimeter Firewall

10.2.7 Avoid Firewall Detection

10.2.8 Perform a Decoy Scan

10.2.9 Bypass Windows Firewall with Metasploit

10.2.10 Bypass Windows Firewall with Nmap

10.2.11 Configure NPS Remote Access

10.2.12 Create a Remote Access Policy

10.2.13 Protect Remote Access with NPS

10.2.14 Section Quiz

PowerPoint :_10_InfrastructureSecurity

Apr 03 Monday Chapter 10

10.3 Honeypots and DNS Sinkholes

10.3.1 Honeypots

10.3.2 Honeypot Facts

10.3.3 Evade Honeypots

10.3.4 Evade Honeypots Facts

10.3.5 Detect Malicious Network Traffic with a Honeypot

10.3.6 Create a Honeypot with Pentbox

10.3.7 Blackholing and DNS Sinkholing

10.3.8 DNS Sinkholes Facts

10.3.9 Section Quiz

PowerPoint :_10_InfrastructureSecurity

Apr 05 Wednesday Group 11 Moderator

Chapter 10

10.4 Web Servers

10.4.1 Web Server Hacking

10.4.2 Web Server Hacking Facts

10.4.3 Web Server Attacks

10.4.4 Web Server Attack Facts

10.4.5 Mirror a Website with HTTrack

10.4.6 Extract Web Server Information

10.4.7 Extract Web Server Information with Nmap

10.4.8 Analyze FTP Credentials with Wireshark

10.4.9 Web Server Countermeasures

10.4.10 Web Server Countermeasures Facts

10.4.11 Evaluate Webserver Security

10.4.12 Section Quiz

PowerPoint :_10_InfrastructureSecurity

Apr 07 Friday Spring Holiday - No Classes
Apr 10 Monday Chapter 10

10.5 Network Access

10.5.1 Network Access Control (NAC)

10.5.2 Network Access Control (NAC) Facts

10.5.3 Permissions

10.5.4 Permission Facts

10.5.5 Change File Permissions with icacls

10.5.6 Section Quiz

PowerPoint :_10_InfrastructureSecurity

Apr 12 Wednesday
Chapter 10

10.6 Web Applications

10.6.1 Web Applications

10.6.2 Web Application Facts

10.6.3 Web Application Hacking

10.6.4 Web Application Hacking Facts

10.6.5 Overflow Attacks

10.6.6 Overflow Attacks Facts

10.6.7 Hidden Field Manipulation Attacks

10.6.8 Exploit Cross-Site Scripting Vulnerabilities

10.6.9 Test the Security of a Web Application 1

10.6.10 Test the Security of a Web Application 2

10.6.11 Web Application Countermeasures

10.6.12 Scan a Website with Acunetix

10.6.13 Web Application Countermeasure Facts

10.6.14 Set Up URL Blocking

10.6.15 Configure URL Blocking

10.6.16 Section Quiz

PowerPoint :_10_InfrastructureSecurity

Apr 14 Friday Chapter 10

10.7 Specialized Technology

10.7.1 Embedded Systems

10.7.2 Embedded Systems Facts

10.7.3 Controller Systems

10.7.4 Controller Systems Facts

10.7.5 Premises and Automotive Systems

10.7.6 Premises and Automotive Systems Facts

10.7.7 Use Windows Defender Application Control

10.7.8 Configure Windows Defender Application Control

10.7.9 Section Quiz


PowerPoint :_10_InfrastructureSecurity

Apr 17 Monday Class Cancelled -  No Class
//Please Read the Chapters and do the Quiz

Chapter 11

11.1 Wireless Security

11.1.1 Wireless Overview

11.1.2 Wireless Facts

11.1.3 Wireless Encryption and Authentication

11.1.4 Wireless Encryption and Authentication Facts

11.1.5 Wireless Hacking

11.1.6 Wireless Hacking Facts

11.1.7 Wi-Fi Packet Analysis

11.1.8 Crack Wi-Fi Encryption with Aircrack-ng

11.1.9 Discover a Hidden Network

11.1.10 Wireless Hacking Countermeasures

11.1.11 Wireless Hacking Countermeasure Facts

11.1.12 Detect a Rogue Device

11.1.13 Discover a Rogue DHCP Server

11.1.14 Locate a Rogue Wireless Access Point

11.1.15 Set Up a Captive Portal

11.1.16 Configure a Captive Portal

11.1.17 Section Quiz

PowerPoint :_11_Wireless_IoTSecurity

Apr 19 Wednesday Chapter 11

11.2 Bluetooth Security

11.2.1 Bluetooth Threats

11.2.2 Bluetooth Threats Facts

11.2.3 Discover Vulnerable Bluetooth Devices

11.2.4 Discover Bluetooth Devices

11.2.5 Section Quiz

PowerPoint :_11_Wireless_IoTSecurity

Apr 21 Friday Chapter 11

11.3 Mobile Device Security

11.3.1 Mobile Device Attacks

11.3.2 Mobile Device Attack Facts

11.3.3 Mobile Device Operating Systems

11.3.4 Mobile Device Operating System Facts

11.3.5 Exploit Android with Binary Payloads

11.3.6 Securing Mobile Devices

11.3.7 Secure a Mobile Device

11.3.8 Mobile Device Defense

11.3.9 Mobile Device Management Facts

11.3.10 Section Quiz

PowerPoint :_11_Wireless_IoTSecurity

Apr 24 Monday
11.4 Cloud Security

11.4.1 Cloud Computing

11.4.2 Cloud Computing Facts

11.4.3 Cloud Threats

11.4.4 Cloud Threats Facts

11.4.5 Cloud Attacks

11.4.6 Cloud Attacks Facts

11.4.7 Cloud Security

11.4.8 Cloud Security Facts

11.4.9 Secure Files in the Cloud

11.4.10 Use ScoutSuite to Analyze a Cloud Infrastructure

11.4.11 Section Quiz

11.5 Internet of Things Security

11.5.1 Internet of Things

11.5.2 Internet of Things Facts

11.5.3 IoT Technologies and Protocols

11.5.4 IoT Technologies and Protocols Facts

11.5.5 IoT Security Challenges

11.5.6 IoT Security Challenge Facts

11.5.7 IoT Security

11.5.8 IoT Security Facts

11.5.9 Search for IoT with Shodan

11.5.10 Scan for IoT with Nmap

11.5.11 Scan for Vulnerabilities on IoT

11.5.12 Section Quiz

PowerPoint :_11_Wireless_IoTSecurity

Apr 26 Wednesday Chapter 12


12.1 Hardware Analysis

12.1.1 Hardware Assurance

12.1.2 Hardware Assurance Facts

12.1.3 Encrypt Data

12.1.4 Encrypt a Hard Disk

12.1.5 Encrypt a Hard Drive

12.1.6 Segmentation

12.1.7 Segmentation Facts

12.1.8 Secure Processing

12.1.9 Secure Processing Facts

12.1.10 Section Quiz

12.2 Security Information and Event Management (SIEM)

12.2.1 Security Information and Event Management (SIEM) Overview

12.2.2 SIEM Review Facts

12.2.3 Set Up Security Appliance Access

12.2.4 Configure a Security Appliance

12.2.5 Configure Security Appliance Access

12.2.6 Use Security Onion v2 – Hunter

12.2.7 Use Security Onion v2 – Kibana

12.2.8 Evaluate Network Security with Kibana

12.2.9 Evaluate Network Security with Hunter-1

12.2.10 Evaluate Network Security with Hunter-2

12.2.11 Section Quiz

PowerPoint :_12_InfrastructureAnalysis

Apr 28
Friday

Reading Day - No Class
//Read the following Chapters and complete the section Quizzes

Chapter 12

12.3 Log Review

12.3.1 Log Review Overview

12.3.2 Log Review Facts

12.3.3 Configure Centralized Logging with Cisco Devices

12.3.4 Use pfSense to Log Events

12.3.5 Evaluate Event Logs in pfSense

12.3.6 Log Events with pfSense

12.3.7 Evaluate Event Logs in pfSense

12.3.8 Log Events with Event Viewer

12.3.9 Windows Event Subscriptions

12.3.10 Configure Collector-Initiated Subscriptions

12.3.11 Configure Source-Initiated Subscriptions

12.3.12 Windows Event Subscription Facts

12.3.13 Evaluate Windows Log Files

12.3.14 Analyze Network Traffic with NetworkMiner

12.3.15 Section Quiz

12.4 Asset and Change Management

12.4.1 Asset Management Overview

12.4.2 Asset Management Facts

12.4.3 Supply Chain Overview

12.4.4 Supply Chain Facts

12.4.5 Change Management Overview

12.4.6 Change Management Facts

12.4.7 Section Quiz

12.5 Virtualization Management

12.5.1 Virtualization Management Overview

12.5.2 Virtualization Management Facts

12.5.3 Section Quiz

PowerPoint :_12_InfrastructureAnalysis

May 01 Monday Final Exam

 
Syllabus Copyright 2015-2025 Angelina A Tzacheva.
No reusage or reproduction without permission.