Textbook: Simpson, Michael T. Hands-On Ethical Hacking and Network Defense. Thomson Course Technology, 2006.
Reading:
Textbook – Chapter 9, pp. 195–227
Assignments:
Review Questions (RQ):
Chapter 9, pp. 228–230
Hard Drives Required for LAB.
Lab(s):
LAB 1: LINUX PROGRAMMING
Refer to emailed handout.
LAB 2: FINDING LINUX ROOTKITS ON THE INTERNET
Perform activity 9-6, Chapter 9, pp.215 of your text book. After completing the activity, answer the following questions:
1. What can be the impact of rooting the commands that you listed?
2. If you visit the Web site http://www.securityfocus.com/infocus/1539, it demonstrates several tasks that you can do to harden Linux against attacks. Which of these can help prevent rootkit installs?
Evaluation Criteria:
1. Did the students recognize that the rooting of many of these commands gives up monitoring and control of their system?
2. Were the students able to relate the rooting with the methods that could have prevented the rooting of the system?
Deliverables and format: Assignment due at the end of class.
Submit your answer in a Microsoft Word document.
Font: Arial; 11
Line Spacing: Double
Graded Research Assignment 1 (RA1)
Title: Securing Linux Server against Unauthorized Intrusion
Introduction: Whether it is a Linux server or Microsoft server, within its defined role, it is essential to secure that resource. It is important to understand how the server roles relate to the methods that help secure these devices. This assignment will assist you in making those connections. Visit the URL http://www.aboutdebian.com/security.htm, and read about network security in Linux server. Next, in a Word document:
1. Describe the four types of Linux servers.
2. Describe the broad security categories according to Debian.
3. For each security category, list two techniques that can assist in securing a Linux system and why you think that technique is of assistance.
Evaluation Criteria:
1. Did the student describe four types of servers:
a. Application Servers
b. File Servers
c. Network Security Servers
d. Firewall servers and Web servers
2. Did the student describe the four categories of security?
3. Did the student list two techniques for each security category and explained how these techniques can help?
Deliverables and format: Assignment due at the end of class.
Submit your answer in a Microsoft Word document.
Font: Arial; 11
Line Spacing: Double
Submit each assignment type as a separate attachment (CA1, LABs, RQ)
Refer to General Course Information for Email and Assignment Instructions.
Wednesday, January 28, 2009
Wednesday, January 21, 2009
IS317 Unit 6 Microsoft Operating System Vulnerabilities
Textbook: Simpson, Michael T. Hands-On Ethical Hacking and Network Defense. Thomson Course Technology, 2006.
Reading:
Textbook –
Chapter 8, pp. 167–189
Quiz on Chapter 8 Reading Assignment.
Check your email for quiz.
Assignments:
Review Questions (RQ):
Chapter 8, pp. 190–192
Hard Drives Required for LAB.
Lab(s):
LAB 1: DOWNLOADING AND INSTALLING MBSA
Complete Activity 8-1, Chapter 8, pp. 175 from your textbook Hands-On Ethical Hacking and
Network Defense
Submit a screen shot showing the Microsoft Baseine Security Analyzer Setup
LAB 2: USING MBSA TO SCAN LOCAL COMPUTER Evaluation Criteria
Complete Activity 8-4, Chapter 8, pp.182 from your textbook Hands-On Ethical Hacking and
Network Defense.
Submit a Microsoft Word document for step 4.
Deliverables and format: Assignment due at the beginning of the next class.
Submit your answer in a Microsoft Word document.
Font: Arial; 11
Line Spacing: Double
Submit each assignment type as a separate attachment (CA1, LABs, RQ)
Refer to General Course Information for Email and Assignment Instructions.
Reading:
Textbook –
Chapter 8, pp. 167–189
Quiz on Chapter 8 Reading Assignment.
Check your email for quiz.
Assignments:
Review Questions (RQ):
Chapter 8, pp. 190–192
Hard Drives Required for LAB.
Lab(s):
LAB 1: DOWNLOADING AND INSTALLING MBSA
Complete Activity 8-1, Chapter 8, pp. 175 from your textbook Hands-On Ethical Hacking and
Network Defense
Submit a screen shot showing the Microsoft Baseine Security Analyzer Setup
LAB 2: USING MBSA TO SCAN LOCAL COMPUTER Evaluation Criteria
Complete Activity 8-4, Chapter 8, pp.182 from your textbook Hands-On Ethical Hacking and
Network Defense.
Submit a Microsoft Word document for step 4.
Deliverables and format: Assignment due at the beginning of the next class.
Submit your answer in a Microsoft Word document.
Font: Arial; 11
Line Spacing: Double
Submit each assignment type as a separate attachment (CA1, LABs, RQ)
Refer to General Course Information for Email and Assignment Instructions.
Wednesday, January 14, 2009
Unit 5 - Port Scanning and Enumeration
Textbook: Simpson, Michael T. Hands-On Ethical Hacking and Network Defense. Thomson Course Technology, 2006.
Reading:
Textbook –
Chapter 5, pp. 89–104
Chapter 6, pp. 109–133
Assignments:
Review Questions (RQ):
Chapter 5, pp. 105–107,
Chapter 6, pp. 133–136
Lab(s):
LAB 1: ENUMERATING A WINDOWS OPERATING SYSTEM
Complete Activity 6.2, Chapter 6, pp.117 from your textbook. This activity will help you examine several tools required to enumerate a Windows operating system.
To complete the activity, use the IP address of your computer rather than that of your partner’s computer. Following are the steps to find out the IP address of your computer. Perform these steps before you start the activity so that you have all the information required to complete it:
1. On the desktop, click Start.
2. Click All Programs.
3. Click Accessories.
4. Click Command Prompt.
5. Type IPCONFIG /ALL in the Command Prompt window.
6. Note the current IP address and host name of your computer. The host name is the same
as your computer name.
For this activity, you will also need to share files and folders. If you are running Windows XP with service pack 2, you need to enable file and print sharing to share your files. You can do this with the Windows XP Network Setup Wizard. To enable file and print sharing, you need to perform the following steps:
1. Click Start on the desktop.
2. Click All Programs.
3. Click Communications.
4. Click Windows XP Network Setup Wizard.
5. Complete the steps for enabling file and print sharing in this wizard.
6. Restart your computer. Ensure that you save all relevant work before restarting your computer.
After you complete Activity 6.2, answer the following questions:
1. What information can you obtain by using the Net View command on your PC?
2. What information can you obtain by using these tools on a corporate network?
3. What are the risks involved in file sharing?
Evaluation Criteria:
1. Did the students describe the shares observed on their computers?
2. Did the students observe that they could look at or use others’ shares on the same network?
3. Did the students describe the risks of file sharing?
4. Did the students describe the use of file sharing networks such as Kazaa or Morpheus?
Deliverables and format: Assignment due in class.
Submit a Microsoft Word document in not more than 150 words.
Font: Arial; 11 Line Spacing: Double
Case Assignment 1 (CA1)
Title: Windows Server 2003 Server Roles and Audit Events
Introduction:
Servers in an enterprise or organizational setting, in general, play a defined role. This role is based on the needs of the organization. Often, these needs conflict with the most effective methodology for securing these esources. A web server must be open to port 80 traffic if it is to serve public Web pages. This assignment helps identify the functional role of these resources and how to track potentially intrusive events.
This assignment has two parts:
Part A
In Table 3.1, describe the server roles and the functions that each type of server performs.
Audit account logon events
Table 3.1 Windows Server 2003 Server Roles
To be emailed to students
Part B
Using Table 3.2, write a paragraph on any four audit security settings and why Microsoft recommended that setting, based on the category of the illustrated server role:
Legacy Client—LC , Enterprise Client—EC, or Specialized Security-Limited Functionality—SS
Table 3.2: Audit Events Recommended By Microsoft
To be emailed to students
Evaluation Criteria:
• Did student fill in chart with all nine role/function information?
• Is the provided description sufficient for 100%, 50%, or 0 % credit for each server role?
• Did the student provide the following for each of the audit category
1 Description of the event
2 Opinion on why Microsoft recommended a particular setting
Deliverables and format: Assignment due at the beginning of the next class.
Submit your answer in a Microsoft Word document in not more than 500 words.
Font: Arial; 11
Line Spacing: Double
Submit each assignment type as a separate attachment (CA1, LABs, RQ)
Refer to General Course Information for Email and Assignment Instructions.
Reading:
Textbook –
Chapter 5, pp. 89–104
Chapter 6, pp. 109–133
Assignments:
Review Questions (RQ):
Chapter 5, pp. 105–107,
Chapter 6, pp. 133–136
Lab(s):
LAB 1: ENUMERATING A WINDOWS OPERATING SYSTEM
Complete Activity 6.2, Chapter 6, pp.117 from your textbook. This activity will help you examine several tools required to enumerate a Windows operating system.
To complete the activity, use the IP address of your computer rather than that of your partner’s computer. Following are the steps to find out the IP address of your computer. Perform these steps before you start the activity so that you have all the information required to complete it:
1. On the desktop, click Start.
2. Click All Programs.
3. Click Accessories.
4. Click Command Prompt.
5. Type IPCONFIG /ALL in the Command Prompt window.
6. Note the current IP address and host name of your computer. The host name is the same
as your computer name.
For this activity, you will also need to share files and folders. If you are running Windows XP with service pack 2, you need to enable file and print sharing to share your files. You can do this with the Windows XP Network Setup Wizard. To enable file and print sharing, you need to perform the following steps:
1. Click Start on the desktop.
2. Click All Programs.
3. Click Communications.
4. Click Windows XP Network Setup Wizard.
5. Complete the steps for enabling file and print sharing in this wizard.
6. Restart your computer. Ensure that you save all relevant work before restarting your computer.
After you complete Activity 6.2, answer the following questions:
1. What information can you obtain by using the Net View command on your PC?
2. What information can you obtain by using these tools on a corporate network?
3. What are the risks involved in file sharing?
Evaluation Criteria:
1. Did the students describe the shares observed on their computers?
2. Did the students observe that they could look at or use others’ shares on the same network?
3. Did the students describe the risks of file sharing?
4. Did the students describe the use of file sharing networks such as Kazaa or Morpheus?
Deliverables and format: Assignment due in class.
Submit a Microsoft Word document in not more than 150 words.
Font: Arial; 11 Line Spacing: Double
Case Assignment 1 (CA1)
Title: Windows Server 2003 Server Roles and Audit Events
Introduction:
Servers in an enterprise or organizational setting, in general, play a defined role. This role is based on the needs of the organization. Often, these needs conflict with the most effective methodology for securing these esources. A web server must be open to port 80 traffic if it is to serve public Web pages. This assignment helps identify the functional role of these resources and how to track potentially intrusive events.
This assignment has two parts:
Part A
In Table 3.1, describe the server roles and the functions that each type of server performs.
Audit account logon events
Table 3.1 Windows Server 2003 Server Roles
To be emailed to students
Part B
Using Table 3.2, write a paragraph on any four audit security settings and why Microsoft recommended that setting, based on the category of the illustrated server role:
Legacy Client—LC , Enterprise Client—EC, or Specialized Security-Limited Functionality—SS
Table 3.2: Audit Events Recommended By Microsoft
To be emailed to students
Evaluation Criteria:
• Did student fill in chart with all nine role/function information?
• Is the provided description sufficient for 100%, 50%, or 0 % credit for each server role?
• Did the student provide the following for each of the audit category
1 Description of the event
2 Opinion on why Microsoft recommended a particular setting
Deliverables and format: Assignment due at the beginning of the next class.
Submit your answer in a Microsoft Word document in not more than 500 words.
Font: Arial; 11
Line Spacing: Double
Submit each assignment type as a separate attachment (CA1, LABs, RQ)
Refer to General Course Information for Email and Assignment Instructions.
Tuesday, January 6, 2009
Unit 4 - Footprinting and Social Engineering
Textbook: Simpson, Michael T. Hands-On Ethical Hacking and Network Defense. Thomson Course Technology, 2006.
Reading:
Textbook - Chapter 4, pp. 61–83
Assignments:
Review Questions (RQ): Chapter 4, pp. 84–86 Assignment due in class.
Lab(s):
LAB 1: Discovering Cookies on Web Browsers
Complete Activity 4-4, Chapter 4, pp. 73 from your textbook. After viewing these demonstrations, answer the following questions:
Deliverables and format: Assignment due in class.
Submit screenshots in a Microsoft Word document.
Font: Arial; 11 Line Spacing: Double
Case Assignment 1 (CA1): Using an E-mail Address to Determine the Operating system
Title: Network FootPrinting
Complete the exercise Case 4-1 on page 86 from Chapter 4 of your textbook. To understand the scenario for this exercise, read case 1-1 on page 17 of the textbook.
Deliverables and format: Assignment due at the beginning of the next class.
Submit your answer in a Microsoft Word document.
Font: Arial; 11
Line Spacing: Double
Submit each assignment type as a separate attachment (CA1, LABs, RQ)
Refer to General Course Information for Email and Assignment Instructions.
Reading:
Textbook - Chapter 4, pp. 61–83
Assignments:
Review Questions (RQ): Chapter 4, pp. 84–86 Assignment due in class.
Lab(s):
LAB 1: Discovering Cookies on Web Browsers
Complete Activity 4-4, Chapter 4, pp. 73 from your textbook. After viewing these demonstrations, answer the following questions:
Deliverables and format: Assignment due in class.
Submit screenshots in a Microsoft Word document.
Font: Arial; 11 Line Spacing: Double
Case Assignment 1 (CA1): Using an E-mail Address to Determine the Operating system
Title: Network FootPrinting
Complete the exercise Case 4-1 on page 86 from Chapter 4 of your textbook. To understand the scenario for this exercise, read case 1-1 on page 17 of the textbook.
Deliverables and format: Assignment due at the beginning of the next class.
Submit your answer in a Microsoft Word document.
Font: Arial; 11
Line Spacing: Double
Submit each assignment type as a separate attachment (CA1, LABs, RQ)
Refer to General Course Information for Email and Assignment Instructions.
Subscribe to:
Posts (Atom)
