ISAT 316 - SIUMichael T. Simpson, Kent Backman, James Corley (2011). Hands-on Ethical Hacking and...
Transcript of ISAT 316 - SIUMichael T. Simpson, Kent Backman, James Corley (2011). Hands-on Ethical Hacking and...
-
ISAT 316
Information Assurance I
Fall - 2014
Faculty Information
Instructor: Tom Imboden
Mailbox: ASA School of Information Systems and Applied Technologies Room 106
Mailcode: 6614
Phone: (618) 453-7296
E-mail: [email protected]
Office Location: ASA – C109
Office hours: Tuesday 8:30AM – 12:30AM, Thursday 8:30AM – 10:30AM
Course Information
Credit Hours: 3
Course Location: ASA 113/208
Course Meeting Times: Tuesday & Thursday 12:35PM – 1:50PM (in class section)
Course Prerequisite: ISAT 224
Course Description: This course will provide students with fundamental understanding of a wide range of data
storage devices, techniques, and systems ranging from individual standalone drives to large storage system
clusters. Focus will be placed on enterprise storage systems in conjunction with lab exercises. Methods to
create secure and recoverable storage systems and forensic discovery.
Required Textbook
Michael T. Simpson, Kent Backman, James Corley (2011). Hands-on Ethical Hacking and Network Defense,
(2nd Ed.). Course Technology. ISBN-10: 1435486099 or ISBN-13: 9781435486096
Required Materials
SIU email account – all instructor communication will be directed to this account.
Desire2Learn (D2L) account – all course materials and grades will be posted on D2L.
Access to a computer with Internet access and word processing program. You must be able to install applications and run internet accessing programs on this computer.
Message From Instructor
Welcome to ISAT 316! This course will take students through materials and labs modeled with an ethical
hacking approach to network security. A look at offensive computer and network attacks, with an emphasis on
strategies and methods of mitigating and preventing attack success, will give students a complete view of
modern threats to information systems and data. Hands-on labs will be used in conjunction with interesting
assignments throughout the course.
Course Description
This course will explore the various means that an intruder has available to gain access to computer resources.
We will investigate weaknesses by discussing the theoretical background behind, and whenever possible,
actually performing the attack. We will then discuss methods to prevent/reduce the vulnerability.
-
Course Objectives
Upon successful completion of the course, the student should be able to:
1. Analyze security vulnerabilities of a network and develop a set of solutions for specific networking scenarios.
2. Identify security tools including, but not limited to intrusion detection and firewall software. 3. Exhibit an understanding of the threats posed by viruses to networks through the development of
appropriate protection plans.
4. Find and utilize available online resources as they pertain to developing a secure system. 5. Develop comprehensive plans for network security using a full range of available tools.
Specific topic coverage includes:
Ethical Hacking Overview Desktop and Server OS Vulnerabilities
TCP/IP Concepts Review Embedded Operating Systems
Network and Computer Attacks Hacking Web Servers
Footprinting and Social Engineering Hacking Wireless Networks
Port Scanning Cryptography
Enumeration Network Protection Systems
Programming for Security Professionals
Course Grading Breakdown
Grade Type Quantity and value Total
Quizzes (1 per chapter) 14 @ 20 points 280
Exam1 (Chapter 1 – 7) 1 @ 100 points 100
Exam 2 (Chapter 8 – 13, Access Control) 1 @ 100 points 100
Homework (1 per chapter) 14 @ 20 points 280
Labs 12 @ 20 points 240
COURSE TOTAL 1000
Course Policy and Procedure (not all applicable to distance education students)
Arrive to class on time and prepared.
Laptops can be used to take notes during class lectures and should be used as a learning tool and not an entertainment device during classroom lectures or at other times when course work is expected.
No text messaging in class. If you do this, you will be asked to leave. Turn all cell phones to off, silent.
Points for quizzes, labs, and other in class assignments will be forfeited in the event of an unplanned absence. Instructor must be notified before class start time for an absence to be excused.
Participate in class discussions.
Attend all lab sessions and participate with lab partners.
Turn in homework assignments by due date and time. Late submissions not accepted.
Adhere to the SIUC Student Code of Conduct and any applicable SIU IT acceptable usage policies.
Read, understand, sign and return the Class Computer Usage and Security Tools Usage Agreement by the fourth class period. Failure to do so will prohibit you from participating in class. Distance learning
students can email a statement agreeing to comply.
Participate fully in all group labs and assignments.
Utilize tact and civility in your communication with the instructor and classmates.
Submit assignments in either Microsoft Word (DOC/DOCX) or OpenOffice (ODT) format.
-
Course Grading The student’s final course grade will be determined based on the following scale:
A 100% – 90%
B 89% – 80%
C 79% – 70%
D 69% – 60%
F 59% or lower
Assignment Submission and Due Dates
All assignments must be submitted through Desire2Learn by the given due date and time. If Desire2Learn is
not working, email it to the instructor. Late assignments will not be accepted. The instructor reserves the right
to extend due dates. All labs must be completed during the assigned lab time unless otherwise instructed.
Students' final exams/labs must be attended and completed by students during the assigned time.
Syllabus Modification
The professor reserves the right to make changes as may be required to the course syllabus and the online
version. Students will be notified of syllabus changes by posting a notice on the course Desire2Learn.
Instructor Communication
The SIUC Desire2Learn system will be used by the instructor to provide all class documents, assignments,
announcements and other information relevant to the class. Email communication from the instructor to
individual student email accounts will only be sent to SIU email accounts that are registered in the D2L system.
The instructor does not check email 24x7, typically only during regular business hours. All assignments unless
otherwise directed should be submitted through Desire2Learn.
Plagiarism Policy
Suspected incidents of plagiarism, whether intentional or unintentional, will be forwarded to the appropriate
administrator. Directly copying from resources without proper citation is never acceptable. The instructor
reserves the right to assign the student an “F” for the course for instances of plagiarism.
Final Exam Schedule
The final exam will be available during the university scheduled final exam week for distance learning students.
In class students will take the exam on Tuesday, December 9th from 12:00PM to 1:45PM.
Useful Resources
Desire2Learn - http://online.siu.edu
MSDNAA – http://goo.gl/VXeo29
VMware Academic Program – http://goo.gl/s7oCp5
http://online.siu.edu/http://goo.gl/VXeo29http://goo.gl/s7oCp5
-
ISAT 316 Class Computer Usage and Security Tools Usage Agreement
During the course of SIUC's ISAT 316 classes, instructed by Tom Imboden, students will be exposed to
principles and knowledge directly relating to computer, information systems, and network security. This
includes the introduction of the students to tools and techniques which have valid purposes and applications in
specific security or auditing instances, but could be considered harmful to said networks or systems, or even
illegal if used under incorrect or inappropriate situations. Assistant Professor Tom Imboden provides this
information as part of coursework aimed at improving a student's ability to understand security of computer
networks and systems in order for students to use this knowledge and skills in situations that are legal and
authorized.
In order to attend and participate in these courses, students are required to agree to the terms outlined in this
document and corresponding course syllabi. Students who do not agree to these terms and sign and return this
document to Tom Imboden will not be able to participate in class.
I have read and understand the information in the course syllabi as provided to me in class or through the SIU
Desire2Learn system.
I agree that I will not use any knowledge or tools gained in class for criminal activity.
I agree that I will only perform class labs or apply knowledge learned in class on the equipment that is designated by
the instructor for these purposes.
I agree that I will not use any of the tools or security knowledge on computer systems or networks that I do not own or
have written authorization by the owner to do so.
I agree to abide by all SIU student codes of conduct and Information Technology and network usage agreements.
I agree that all information gained in SIUC courses is for educational purposes only.
I agree that I will not participate in any activities that may be illegal or unethical.
I agree that I will not perform any activities that may cause degraded computer or network performance, either
intentionally or unintentionally, on any network that I do not own completely and is isolated from other networks.
I agree that I will not hold SIUC or Tom Imboden liable for any lawsuits, either criminal or civil, that may result from
my intentional or unintentional use of security or computer network skills or tools.
Name of Student Signature and Date
-
¹ Southern Illinois University Carbondale. (2013). Pathways to Excellence: A Strategic Plan. Fall 2014 R.O’Rourke Retrieved from http://chancellor.siu.edu/_common/docs/A_Strategic_Plan.pdf
Syllabus Attachment Fall 2014
IMPORTANT DATES * Semester Class Begins …………………………………………….08/18/2014
Last day to add a class (without instructor permission): ………….08/24/2014
Last day to withdraw completely and receive a 100% refund: ….08/31/2014
Last day to drop a course using SalukiNet: ……………………….10/26/2014
Last day to file diploma application (for name to appear in Commencement
program): ………………...………………………………………..10/31/2014
Final examinations: …………………………………………12/8–12/12/2014
Note: For outreach, internet, and short course drop/add dates, visit
Registrar’s Academic webpage http://registrar.siu.edu/
FALL SEMESTER HOLIDAYS
Labor Day 09/01/2014
Fall Break 10/11—10/14/2014
Veterans Day 11/11/2014
Thanksgiving Vacation 11/26—11/30/2014
WITHDRAWAL POLICY ~ Undergraduate only
Students who officially register for a session may not withdraw merely by the
stopping of attendance. An official withdrawal form needs to be initiated by the
student and processed by the University. For the proper procedures to follow
when dropping courses and when withdrawing from the University, please visit
http://registrar.siu.edu/pdf/ugradcatalog1314.pdf
INCOMPLETE POLICY~ Undergraduate only
An INC is assigned when, for reasons beyond their control, students engaged in
passing work are unable to complete all class assignments. An INC must be
changed to a completed grade within one semester following the term in which
the course was taken, or graduation, whichever occurs first. Should the student
fail to complete the course within the time period designated, that is, by no
later than the end of the semester following the term in which the course was
taken, or graduation, whichever occurs first, the incomplete will be converted
to a grade of F and the grade will be computed in the student's grade point
average. For more information please visit:
http://registrar.siu.edu/grades/incomplete.html
REPEAT POLICY
An undergraduate student may, for the purpose of raising a grade, enroll in a
course for credit no more than two times (two total enrollments) unless
otherwise noted in the course description. For students receiving a letter grade
of A,B,C,D, or F, the course repetition must occur at Southern Illinois
University Carbondale. Only the most recent (last) grade will be calculated in
the overall GPA and count toward hours earned. See full policy at
http://registrar.siu.edu/pdf/ugradcatalog1314.pdf
GRADUATE POLICIES
Graduate policies often vary from Undergraduate policies. To view the
applicable policies for graduate students, please visit
http://gradschool.siu.edu/about-us/grad-catalog/index.html
DISABILITY POLICY
Disability Support Services provides the required academic and programmatic
support services to students with permanent and temporary disabilities. DSS
provides centralized coordination and referral services. To utilize DSS
services, students must come to the DSS to open cases. The process involves
interviews, reviews of student-supplied documentation, and completion of
Disability Accommodation Agreements.
http://disabilityservices.siu.edu/
PLAGIARISM CODE http://pvcaa.siu.edu/_common/documents/Plagiarism/Guide%20to%20Preventing%20Plagiarism.pdf
SALUKI CARES
The purpose of Saluki Cares is to develop, facilitate and coordinate a
university-wide program of care and support for students in any type of
distress—physical, emotional, financial, or personal. By working
closely with faculty, staff, students and their families, SIU will continue
to display a culture of care and demonstrate to our students and their
families that they are an important part of the community. For
Information on Saluki Cares: (618) 453-5714, or [email protected],
http://salukicares.siu.edu/index.html
EMERGENCY PROCEDURES
Southern Illinois University Carbondale is committed to providing a
safe and healthy environment for study and work. We ask that you
become familiar with the SIU Emergency Response Plan and Build-
ing Emergency Response Team (BERT) programs. Emergency re-
sponse information is available on posters in buildings on campus,
available on BERT’s website at www.bert.siu.edu, Department of Safe-
ty’s website at www.dps.siu.edu (disaster drop down) and the Emergen-
cy Response Guideline pamphlet. Instructors will provide guidance and
direction to students in the classroom in the event of an emergency af-
fecting your location. It is important that you follow these instructions
and stay with your instructor during an evacuation or sheltering
emergency.
INCLUSIVE EXCELLENCE
SIU contains people from all walks of life, from many different
cultures and sub-cultures, and representing all strata of society,
nationalities, ethnicities, lifestyles, and affiliations. Learning from and
working with people who differ is an important part of education as well
an essential preparation for any career. For more information please
visit: http://www.inclusiveexcellence.siu.edu/
MORRIS LIBRARY HOURS
http://www.lib.siu.edu/about
LEARNING AND SUPPORT SERVICES
Help is within reach. Learning support services offers free tutoring on
campus and math labs. To find more information please visit the Center
for Learning and Support Services website:
Tutoring : http://tutoring.siu.edu/
Math Labs http://tutoring.siu.edu/math_tutoring/index.html
WRITING CENTER
The Writing Center offers free tutoring services to all SIU students and
faculty. To find a Center or Schedule an appointment please visit
http://write.siu.edu/
AFFIRMATIVE ACTION & EQUAL OPPORTUNITY
Our office's main focus is to ensure that the university complies with
federal and state equity policies and handles reporting and investigating
of discrimination cases. For more information visit:
http://diversity.siu.edu/#
Additional Resources Available: SALUKINET: https://salukinet.siu.edu/cp/home/displaylogin
ADVISEMENT: http://advisement.siu.edu/
“We emphasize student achievement and success because achievement and
success are essential if we are to shape future leaders and transform lives.” ¹ http://pvcaa.siu.edu/
http://chancellor.siu.edu/_common/docs/A_Strategic_Plan.pdfhttp://registrar.siu.edu/http://registrar.siu.edu/pdf/ugradcatalog1314.pdfhttp://registrar.siu.edu/grades/incomplete.htmlhttp://registrar.siu.edu/pdf/ugradcatalog1314.pdfhttp://gradschool.siu.edu/about-us/grad-catalog/index.htmlhttp://disabilityservices.siu.edu/http://salukicares.siu.edu/index.htmlhttp://tutoring.siu.edu/http://www.lib.siu.edu/abouthttp://tutoring.siu.edu/http://tutoring.siu.edu/math_tutoring/index.htmlhttp://write.siu.edu/http://diversity.siu.edu/#https://salukinet.siu.edu/cp/home/displayloginhttp://advisement.siu.edu/