Ethical Hacking CISS 301 Orientation Summer 2012
Instructor: Buddy Spisak Office Hours: Office Hours: –Monday’s 6:30 -7:40 p.m. in BS-143 (Jun. 11 to Jul. 30, 2012) –I am also available through or you can chat with me using Microsoft’s Windows Messenger (when I am available). Phone: (916) x14162 or (800) x14162 Phone: (916) x14162 or (800) x (put “CISS 301” in the subject line). The turnaround time for most is about one to two days. Be sure to include your name in each so that I can identify who you are and what the is about. (put “CISS 301” in the subject line). The turnaround time for most is about one to two days. Be sure to include your name in each so that I can identify who you are and what the is Course Web page: Course Web page: Instructor Web page: Instructor Web page: Microsoft Messenger: You can also add me to you contact list for Windows Messenger. You can use my address to find me. Microsoft Messenger: You can also add me to you contact list for Windows Messenger. You can use my address to find me. CISS 301 2
Course Details Class Credits: 2 units Class Credits: 2 units Prerequisite: None Prerequisite: None Advisory: CISC 323, CISC 356, and CISS 300 Advisory: CISC 323, CISC 356, and CISS 300 Lecture: Online Lecture: Online Lab Hours: Lab Hours: –Tuesday 6:00 to 9:10 p.m. in BS-153 Accepted for Credit: CSU Accepted for Credit: CSU CISS 301 3
Required Textbook: Hands-On Ethical Hacking and Network Defense Second Edition Author: Michael T. Simpson Publisher: Thompson Course Technology, 2011 ISBN10: ISBN13: CISS 301 4
Optional Materials: 3-1/2” floppies or a flash drive to store your work for the class. 3-1/2” floppies or a flash drive to store your work for the class. CISS 301 5
Course Description: With the threats of cyber-terrorism and corporate espionage increasing, the need for trained network security professionals continues to grow. This course covers penetration-testing tools and techniques that White Hat Hackers and security testers use to protect computer networks. This course provides a structured knowledge base for preparing security professionals to discover vulnerabilities and recommend solutions for tightening network security and protecting data from potential attackers. The issue of ethics is also discussed. With the threats of cyber-terrorism and corporate espionage increasing, the need for trained network security professionals continues to grow. This course covers penetration-testing tools and techniques that White Hat Hackers and security testers use to protect computer networks. This course provides a structured knowledge base for preparing security professionals to discover vulnerabilities and recommend solutions for tightening network security and protecting data from potential attackers. The issue of ethics is also discussed. CISS 301 6
Student Learning Outcomes and Course Objectives: As a result of completing this course, you will be able to: SLO #01: UNDERSTAND ETHICAL HACKING CONCEPTS, INCLUDING THE TERM "ETHICAL HACKER,” AS WELL AS PENETRATION AND SECURITY TESTING CONCEPTS AND THE DIFFERENCES BETWEEN THEM SLO #01: UNDERSTAND ETHICAL HACKING CONCEPTS, INCLUDING THE TERM "ETHICAL HACKER,” AS WELL AS PENETRATION AND SECURITY TESTING CONCEPTS AND THE DIFFERENCES BETWEEN THEM –Describe the role of an ethical hacker –Differentiate between what you can or cannot do legally as an ethical hacker SLO #02: DESCRIBE MAJOR CONCEPTS AND ASPECTS OF THE TCP/IP PROTOCOL SUITE, INCLUDING EACH OF THE FOUR LAYERS OF THE PROTOCOL STACK: APPLICATION, TRANSPORT, INTERNET, AND NETWORK SLO #02: DESCRIBE MAJOR CONCEPTS AND ASPECTS OF THE TCP/IP PROTOCOL SUITE, INCLUDING EACH OF THE FOUR LAYERS OF THE PROTOCOL STACK: APPLICATION, TRANSPORT, INTERNET, AND NETWORK –Describe the TCP/IP protocol stack and be able to review the addressing schemes and how they relate to TCP/IP protocol and security –Explain the basic concepts of IP addressing –Explain the binary, octal, and hexadecimal numbering systems CISS 301 7
Student Learning Outcomes and Course Objectives - Continued: SLO #03: CATEGORIZE THE DIFFERENT TYPES OF MALICIOUS SOFTWARE AND THEIR EFFECT ON SOFTWARE OR HARDWARE SLO #03: CATEGORIZE THE DIFFERENT TYPES OF MALICIOUS SOFTWARE AND THEIR EFFECT ON SOFTWARE OR HARDWARE –Critique the physical security attacks and their vulnerabilities –Describe the different types of malicious software –Classify the different methods of protecting against malware attacks –Evaluate the different types of network attacks and how they can be prevented SLO #04: EVALUATE THE VARIOUS TOOLS USED FOR PORT SCANNING SLO #04: EVALUATE THE VARIOUS TOOLS USED FOR PORT SCANNING –Research the different types of port scans currently being used, the tools available to most hackers, the tools’ purpose and function –Reason what ping sweeps are used for –Uncover how shell scripting is used to automate security tasks CISS 301 8
Student Learning Outcomes and Course Objectives - Continued: SLO #05: ANALYZE SEVERAL NETWORK SECURITY DEVICES THAT SECURITY PROFESSIONALS AND NETWORK ADMINISTRATORS CAN USE TO BETTER PROTECT THEIR NETWORKS SLO #05: ANALYZE SEVERAL NETWORK SECURITY DEVICES THAT SECURITY PROFESSIONALS AND NETWORK ADMINISTRATORS CAN USE TO BETTER PROTECT THEIR NETWORKS –Critique the advantages and disadvantages of different Intrusion Detection (IDS) technology currently available –Critique the advantages and disadvantages of different software firewall technology currently available –Investigate honeypots, their purpose and usefulness in a network security plan CISS 301 9
Student Obligations: It is important that you understand what is expected of you in this course. It is important that you understand what is expected of you in this course. Refer to the syllabus if you have any questions. Refer to the syllabus if you have any questions. CISS
Attendance: Since this course is an online-hybrid class, only attendance at the Final Exam on July 31, 2012 is necessary. There will be weekly lab time on campus, and it is up to you to complete the lab assignments during the lab time or at home. Please note that failure to complete 10% of the total course work by the third week of the class may result in your being dropped from the course. Since this course is an online-hybrid class, only attendance at the Final Exam on July 31, 2012 is necessary. There will be weekly lab time on campus, and it is up to you to complete the lab assignments during the lab time or at home. Please note that failure to complete 10% of the total course work by the third week of the class may result in your being dropped from the course. Doing the labs themselves is not optional, but doing them at the college is. Doing the labs themselves is not optional, but doing them at the college is. I will be giving credit for students attending the lab on-campus. I will be giving credit for students attending the lab on-campus. Typically, each week we will be covering two chapters in your textbook. Typically, each week we will be covering two chapters in your textbook. Attendance for the on-campus final exam is required. Photo identification is required at the time of the exam to verify your identity. Attendance for the on-campus final exam is required. Photo identification is required at the time of the exam to verify your identity. CISS
Quizzes: Each week there will be a quiz that will test you on the material covered. Each week there will be a quiz that will test you on the material covered. –It is open-book and open-notes. –You can take the quiz multiple times to improve your score, but be aware that the questions may change each time you take quiz and that your last quiz score will be the one counted as your grade. Each quiz is worth 30 points. Each quiz is worth 30 points. CISS
Discussions: I want everyone to take a pro-active approach to learning this material. This includes using the Discussions link to ask questions and also answer other students’ questions. I will be posting questions to further your understanding of the material. I want everyone to take a pro-active approach to learning this material. This includes using the Discussions link to ask questions and also answer other students’ questions. I will be posting questions to further your understanding of the material. I expect each student to post two discussions each week unless otherwise noted. I expect each student to post two discussions each week unless otherwise noted. –You can accomplish this task by asking questions about the current discussion topic or by responding to existing questions. –My expectation from you is that you will write at least 2- to 3- sentence responses that add substance to the discussion. Each discussion item is worth 20 points. Each discussion item is worth 20 points. CISS
Labs: We will be spending a lot of time working on lab activities. There will be 7 labs credited for homework for the class. The labs will consist of a combination of end-of-chapter questions review questions, case studies, and activities. We will be spending a lot of time working on lab activities. There will be 7 labs credited for homework for the class. The labs will consist of a combination of end-of-chapter questions review questions, case studies, and activities. Each lab has a set of review questions that you will need to answer in d2l in order for you to receive points for that assignment. Each lab has a set of review questions that you will need to answer in d2l in order for you to receive points for that assignment. You are responsible for making sure that your instructor receives your lab review. You are responsible for making sure that your instructor receives your lab review. Each lab assignment is worth 50 points. Each lab assignment is worth 50 points. CISS
Final Exam: The final exam will consist of two parts. One part will be a hands-on practical demonstration of assigned tasks, and the other part will be an exam taken in d2l. The final exam will consist of two parts. One part will be a hands-on practical demonstration of assigned tasks, and the other part will be an exam taken in d2l. The final exam will be on Tuesday, July 31, The final exam will be on Tuesday, July 31, –I will be having a review session the week before to help you. CISS
Due Dates: Unless noted, all assignments will be submitted in d2l under the Dropbox link. Unless noted, all assignments will be submitted in d2l under the Dropbox link. –If, for any reason, you cannot access d2l or are unable to submit the assignment on time, please it to me instead so that you are not penalized for being late. Quizzes and the discussions items cannot be taken past their due date. Quizzes and the discussions items cannot be taken past their due date. –If you miss a quiz and you want to make up points, you can take advantage of the extra credit assignments posted in d2l. –Everyone is welcome to work on the extra credit assignments. Typically, they are 5 to 10 points each, depending on the difficulty of the assignment. CISS
Late Work: Unless noted, all assignments are due on Tuesday by midnight each week. Unless noted, all assignments are due on Tuesday by midnight each week. –I have identified the due dates in the course schedule. –Late work will be accepted ONLY if you have contacted me prior to the due date either by or voice mail. –In general, late work is due the next week, and no late assignments may be turned in after one week from the original due date regardless of the reason. –For every day an assignment is late, you will lose 10% of its grade. CISS
Plagiarism Policy/Cheating: Plagiarism: It is inappropriate, and a violation of academic policy, to copy information from any source (including, but not limited to, textbooks, magazine articles, newspaper articles and internet articles) without giving proper credit to the author by using standard quotation procedures such as in-line quotes, footnotes, endnotes, etc. Quotes may not exceed 25% of the assignment's total length. You will receive no credit (0 points) for any assignment that copies any material from any other source without giving proper credit to the author(s). Repeat offenders of this policy are subject to academic discipline as outlined in the policies published by the college. It is inappropriate, and a violation of academic policy, to copy information from any source (including, but not limited to, textbooks, magazine articles, newspaper articles and internet articles) without giving proper credit to the author by using standard quotation procedures such as in-line quotes, footnotes, endnotes, etc. Quotes may not exceed 25% of the assignment's total length. You will receive no credit (0 points) for any assignment that copies any material from any other source without giving proper credit to the author(s). Repeat offenders of this policy are subject to academic discipline as outlined in the policies published by the college.Cheating: Students who cheat will receive a failing grade for the course. See the Student Behavior and Academic Integrity page of the college website ( Behavior_and_Academic_Integrity.htm). Students who cheat will receive a failing grade for the course. See the Student Behavior and Academic Integrity page of the college website ( Behavior_and_Academic_Integrity.htm). CISS
CRC Honor Code: Academic integrity requires honesty, fairness, respect and responsibility. See the Cosumnes River College Honor Code posted on the college website ( guide/CRC-HonorCodeForm.pdf). Academic integrity requires honesty, fairness, respect and responsibility. See the Cosumnes River College Honor Code posted on the college website ( guide/CRC-HonorCodeForm.pdf). CISS 30119
Dropping: Students are responsible for dropping the course. Students are responsible for dropping the course. CISS
/Discussions Etiquette: Every student will be required to have an account. If you do not have an account, the college provides free accounts for all current students. To activate your account, go to and follow the directions provided. Every student will be required to have an account. If you do not have an account, the college provides free accounts for all current students. To activate your account, go to and follow the directions provided. I will not tolerate rude and demeaning comments or s to anyone in this class. Please keep your comments and s topic-related. If I determine that a comment or to anyone else in the class is rude or demeaning, I will warn you once. If your behavior continues to be unacceptable, I will refer you to the administration of the college for disciplinary action. I will not tolerate rude and demeaning comments or s to anyone in this class. Please keep your comments and s topic-related. If I determine that a comment or to anyone else in the class is rude or demeaning, I will warn you once. If your behavior continues to be unacceptable, I will refer you to the administration of the college for disciplinary action. CISS
Personal Belongings: No food or drinks are allowed in the classroom. No food or drinks are allowed in the classroom. All cell phones, beepers, pagers, etc. should be turned off or set to vibrate. All cell phones, beepers, pagers, etc. should be turned off or set to vibrate. –Any telephone calls need to be taken outside. CISS
Disabilities: If you have a documented disability and wish to discuss academic accommodations, please contact me after class or contact the Office of Disabled Student Programs and Services (DSPS) at as soon as possible. If you have a documented disability and wish to discuss academic accommodations, please contact me after class or contact the Office of Disabled Student Programs and Services (DSPS) at as soon as possible. CISS
Campus Police You can call to request a safety escort. You can call to request a safety escort. CISS
Online Course Responsibilities: This course requires significant self-motivation. You must not get behind. Labs and weekly assignments can take up to 8 hours to finish. Please don’t try to finish them in one day. Not all activities are created equal. Some may take a bit longer than others. This course requires significant self-motivation. You must not get behind. Labs and weekly assignments can take up to 8 hours to finish. Please don’t try to finish them in one day. Not all activities are created equal. Some may take a bit longer than others. You would normally spend 4 hours per week in class for this course: total of 54 hours. Allow yourself at least 8 hours per week to complete the activities online, including the time spent writing for the postings to the class discussions. You should plan additional time to read the textbook and study for the quizzes. You would normally spend 4 hours per week in class for this course: total of 54 hours. Allow yourself at least 8 hours per week to complete the activities online, including the time spent writing for the postings to the class discussions. You should plan additional time to read the textbook and study for the quizzes. Some people believe this is a much easier way to study this subject than an on-campus framework because they love to read and avoid the parking problems. Others feel very intimidated at first. Be patient as you work your way through the activities. Some people believe this is a much easier way to study this subject than an on-campus framework because they love to read and avoid the parking problems. Others feel very intimidated at first. Be patient as you work your way through the activities. CISS
Using Desire 2 Learn (d2l): How to log in: How to log in: –You will not be able to participate in the online portion of your class using Los Rios Online until you have enrolled in your course through your college's registration system. –Students registered as of the first day of the term should already have Los Rios Online accounts and be linked to the classes in which they are enrolled. To log on to your d2l account, open your web browser and go to the following URL: To log on to your d2l account, open your web browser and go to the following URL: Your User Name is the letter w followed by your Student ID number. Example: w Your User Name is the letter w followed by your Student ID number. Example: w Your password is your eServices password. Your password is your eServices password. CISS
Grading: Course Topic PointsTotal Approximate % the of Grade Labs (6) Orientation Quiz (1) 10 1 Quizzes (4) Discussions (6) Final Exam (1) Point System: There are 750 total assigned points. Grade Ranges: A= , B= , C= , D= , F=0-449 CISS
Sample Schedule: Day: Lecture/Lab Schedule: Assignment Due: Due Date (By Midnight): Week 1Tues.6/12 Orientation and Introductions Orientation Disc. Orientation Quiz Mon., 6/18 Ch 1: Ethical Hacking Overview View the Online Orientation Ch 2: TCP/IP Concepts Review Lab #1 Week 2Tues.6/19 Ch 3: Network and Computer Attacks Disc. #1 (Ch 1-2)Mon., 6/25 Ch4: Footprinting and Social Engineering Lab Review #1 Lab #2 CISS
Conclusion: Log into d2l and take the Orientation Quiz. It is due on Monday, June 18, Log into d2l and take the Orientation Quiz. It is due on Monday, June 18, Go to the Orientation Discussion and introduce yourself to the class. Go to the Orientation Discussion and introduce yourself to the class. Registered students for the class have access to d2l and can log into the campus network. Registered students for the class have access to d2l and can log into the campus network. any questions you might have to me. any questions you might have to me. CISS