vcc.ca
ITOP 2415: Network Exploits, Vulnerabilities and Penetration Testing
Effective date
September 2021
Department
IT Operations
School
Continuing Studies
Description
This course introduces students to the art of ethical hacking and security testing. The course covers the legality of ethical hacking, TCP/IP, malicious software, security attacks, enumeration, programming concepts, vulnerabilities of operating systems, cryptography basics and network protection systems. Students will learn up-to-date techniques in protecting and defending their networks for internal and external intruders. Students will work in groups to find vulnerabilities in the network and try to exploit that vulnerability using various hacking tools.
Credits
4.5
Year of study
2nd Year Post-secondary
Prerequisites
ITOP 2411; ITOP 2204.
Corequisites
None
Course Learning Outcomes
Upon successful completion of this course, students will be able to:
- Describe the role of an ethical hacker
- Describe methods of protecting against malware attacks
- Explain different types of port scans
- Discuss the enumeration step of security testing
- Use basic tools used to perform attacks on web servers
- Describe intrusion detection systems
Prior Learning Assessment & Recognition (PLAR)
Please see Program Content Guide.
Hours
Lecture, Online, Seminar, Tutorial: 72
Total Hours: 72
Total Hours: 72
Instructional Strategies
Students will engage with the material through a combination of interactive learning methods, such as hands-on activities, case studies, simulations, group work/discussions, demonstration and troubleshooting of problem-based tasks, projects, and exams.
Grading System
Letter Grade (A-F)
Passing grade
C
Evaluation Plan
|
Type |
Percentage |
Assessment activity |
|
Assignments |
50 |
Five to ten assignments (in-class and take home) |
|
Quizzes/Tests |
20 |
Two to four quizzes. |
|
Final Exam |
30 |
|
Course topics
- Introduction to Ethical Hacking Overview of TCP/IP, IP Addressing, numbering system Malicious software and malware/intruder attacks Addressing physical security Using web tools for footprinting Conducting competitive intelligence Using DNS zone transfers Social engineering Port scanning and tools, and ping sweeps Understanding scripting Enumeration - Windows and Unix-like OS Programming concepts Vulnerabilities (OS/web-applications) and tools for identification Hardening an OS Tools for web attackers and security testers Wireless technologies, authentication, war driving and wireless hacking Cryptography basics, algorithms, PKI, and attacks Routers, firewalls, IDS, IPS, and honeypots Security devices Trivial File Transfer Protocol (TFTP) server Password and hashcat cracking Vulnerability testing Password recovery Social-Engineer Toolkit Penetration testing, remediation, and reporting Metasploit framework Attacker techniques and methodologies
Learning resources
Hands-On Ethical Hacking and Network Defense by Michael Simpson and Nicholas Antill
Notes:
- Course contents and descriptions, offerings and schedules are subject to change without notice.
- Students are required to follow all College policies including ones that govern their educational experience at VCC. Policies are available on the VCC website at:
https://www.vcc.ca/about/governance--policies/policies/. - To find out if there are existing transfer agreements for this course, visit the BC Transfer Guide at https://www.bctransferguide.ca.