Skip to main content

Weekly Schedule

Winter 2018

Instructor:

Austin (SAA)
Craig Barretto (craig.barretto@senecacollege.ca)

1 credit

Quiz and Labs ( 4 Quiz, 7 Labs (15%))
- Logbooks due April 10th, 2018
Assignments (2) 20%
- Assignment 1 - Due Date March 9
- Assignment 2 - Due Date TBA
Tests (2) 30%
- Written Test - March 8
- Lab Test - March 15
Final Test 35%

Week 1

Learning Objectives and Tasks	Course Notes / Assigned Reading	Labs/Evaluations
Course Introduction:	Slides (Concepts): [odp] [pdf] [ppt] Course Intro / The "Security Mind"	Lab 1: Set-Up for Labs: Setup Hard Disk Pack for Labs
- SEC520 OER	Reading References:
- Course Outline	- Computer Security Basics (E-book) (Chapter 1: The New Insecurity)
- Course Policies	- Inside the Security Mind, Making the Tough Decisions (E-Book) (Chapters 1 - 3)
- Required Materials	- Penetration Tester's Open Source Toolkit (E-book) (Chapter 2: Reconnaissance)
- Lab Setup	Resources:
	- SEC520 WIKI
	- Course Outline
	- Required Materials are listed in your Supplies Checklist. Other materials and references are noted week by week.

Week 2

Learning Objectives and Tasks	Course Notes / Assigned Reading	Labs/Evaluations
Developing a "Security Mind":	Slides (Concepts): [odp] [pdf] [ppt] Penetration Testing: Reconnaissance	Lab 2: Penetration Testing: Reconnaissance
- 4 Virtues of Internet Security	Reading References:
- 8 Rules of Internet Security	- Inside the Security Mind, Making the Tough Decisions (E-Book) (Chapters 1 - 3)
- Penetration Testing:	- Penetration Tester's Open Source Toolkit (E-book) (Chapter 2: Reconnaissance)
- Reconnaissance:	YouTube Videos: Reconnaissance
- Information Gathering
- Foot-printing
- User Information
- Verification

Week 3

Learning Objectives and Tasks	Course Notes / Assigned Reading	Labs/Evaluations
Scanning, Enumeration, & Vulnerability Testing:	Slides (Concepts): [odp] [pdf] [ppt] Scanning & Enumeration	Lab 3: Penetration Testing Continued: Scanning, Enumeration, & Vulnerability Testing
- Penetration Testing (Continued):	Reading References: Penetration Tester's Open Source Toolkit (E-book) (Chapter 3)
- Scanning	YouTube Videos:
- Enumeration	- Scanning 1, Scanning 2
- Vulnerability Testing	- Enumeration
	- Online Pen-Test Scanner
	- Prep for Metasploit
	Resources: Nmap Reference Guide (How to use nmap utility to scan ports)

Week 4

Learning Objectives and Tasks	Course Notes / Assigned Reading	Labs/Evaluations
Scanning, Enumeration, & Vulnerability Testing:	Slides (Concepts): [odp] [pdf] [ppt] Vulnerability Testing	Lab 3: Continue Working on Lab 3
- Vulnerability Testing	Reading References: Penetration Tester's Open Source Toolkit (E-book) (Chapter 3)
	YouTube Videos:
	- Vulnerability Testing - Overview
	- Nessus
	- Accessing System Via Metasploit (web-browser)
	Resources:
	- Setting up the Metasploit database
	- First Metasploit Payload
	- Using Armitage (Metasploit Framework)

Week 5

Learning Objectives and Tasks	Course Notes / Assigned Reading	Labs/Evaluations
Types of Attacks:	Slides (Concepts): [odp] [pdf] [ppt] Types of Attacks	Lab 4: Attack Categories: Types of Attacks
- Client-side Attacks:	Reading References: Penetration Tester's Open Source Toolkit (E-book) (Chapter 4,5,6)	WARNINGS!
- Phishing	YouTube Videos:	1. Scanning ports must require the permission of Server Owner (preferably in writing). Student must either work in Security lab to scan each others' ports, or sign an agreement to scan any server.
- Webbrowser - Malicious Payloads	- Phishing
- IP Spoofing (Man in the Middle) / Password	- Malicious Payload
- Server-side Attacks:	- IP Spoofing
- Out-dated Software Patches	- Database Injection
- Database Injection	- Password Cracking
- Password Cracking	Resources:
	- ATLAS Web-page (Active Threat Level Analysis System)
	- Top Security Risks 2009 (SANS Institute)
	- Webgoat

Week 6

Learning Objectives and Tasks	Course Notes / Assigned Reading	Labs/Evaluations
Moved until after the break	Slides (Concepts):	Assignment #1: Assignment Instructions
Hardening Windows 7/8/10:	- [odp] [pdf] [ppt] Hardening - Basic Concepts	Continue working on Lab 4 and install Webgoat
- Installing and Configuring Security Configuration Wizard	- [odp] [pdf] [ppt] Hardening Windows	Quiz 2 (February 22)
- Using New Technology File System (NTSF)	Reading References:
- Configuring Automatic Updates	- Intrusion Discovery - Windows
Test #1: Details, March 6th	- Hardening Windows, 2nd Edition (Chapter 5 - Pages:)
	- "Know Your Enemy: The Script Kiddie"
	YouTube Videos: Blind MySQL injection video
	Resources:

Week 7

Learning Objectives and Tasks	Course Notes / Assigned Reading	Labs/Evaluations
Midterm (Test #1 March 6th):		Lab 5: Hardening Windows 7/8/10
- (Check course announcements for test details)		Work on Assignment #1

Study Week

Learning Objectives and Tasks	Course Notes / Assigned Reading	Labs/Evaluations

Week 8

Learning Objectives and Tasks	Course Notes / Assigned Reading	Labs/Evaluations
Types of Penetration Testing:	Slides (Concepts): See Blackboard	Lab 6: Work on vulnerable Windows 7 VM CTF
- Network		Assignment #1 Due
- Access Control
- Infrastructure / Patching
- Physical/Building Security
- Social Engineering

Week 9

Learning Objectives and Tasks	Course Notes / Assigned Reading	Labs/Evaluations
Passwords, Pwn'ing, & Pillaging	Slides (Concepts): See Blackboard	Lab 7: Continue to work on vulnerable Windows 7 VM CTF

Week 10

Learning Objectives and Tasks	Course Notes / Assigned Reading	Labs/Evaluations
Metasploit and Metasploitable 2		Labs:

Week 11

Learning Objectives and Tasks	Course Notes / Assigned Reading	Labs/Evaluations
		Lab 8:

Week 12

Learning Objectives and Tasks	Course Notes / Assigned Reading	Labs/Evaluations
Work on Assignment #2: Complete Report		Assignment #2 Due:

Week 13

Learning Objectives and Tasks	Course Notes / Assigned Reading	Labs/Evaluations
Final Exam Review: Details

Exam Week

Learning Objectives and Tasks	Course Notes / Assigned Reading	Labs/Evaluations

Winter 2018
Week 1
Week 2
Week 3
Week 4
Week 5
Week 6
Week 7
Study Week
Week 8
Week 9
Week 10
Week 11
Week 12
Week 13
Exam Week