University of Baltimore
Merrick School of Business
|office||BC 468||v-mail||(410) 837-5272|
Topics include security framework overview, footprinting, scanning, enumeration, hacking framework, backdoor servers and Trojans, rootkits, Windows (7, 8, 10) and Linux vulnerabilities, dialup, VPN and network devices vulnerabilities, firewalls, Intrusion Detection System (IDS), Denial of Service (DoS) and DDoS, buffer overflows, spyware, phishing, social engineering and protecting the Web end-user. This is a project-oriented course using a restricted access UB Lab to practice the use of hacking and security tools.
Class meetings: we will meet in class or in the MIS Lab every
other week , and on the Web in the other weeks.
All software used in the course is free so that students can install the software in their PCs. Students will also have accounts in the MIS Lab and will be able to install the software in the Lab machines and use the Windows 10 and Linux versions of the software when available.
Special note: Do not use the tools discussed in class outside of the MIS Lab, unless I specifically say so.
The course pre-requisite is INSS300 basic knowledge of
Information Technology and Networking.
The review project objective is to make each group familiar with the
MIS Lab machine they will use during the semester and review
basic network commands seen in chapter 2 of the textbook and
prior courses as INSS427, e.g. ipconfig, ping, tracert, nslookup,
arp, net commands, etc.
The projects are hands-on exercises in a given security aspect. Your grade in the projects will depend upon the content and structure of the final written report. The projects are to be made in groups of three to four students. Each group will be assigned to work in a MIS Lab machine throughout the semester, and will have administrative privileges in their respective machine. Each group will create a report with screen capture of what you did and post the report in the Assignments area of SAKAI. If the files become too large, please zip them before posting.
The mid-term exam is an in-class, online, multiple-choice, open book
exam on October 12covering
class materials and textbook chapters 1,2,5,6,8,11 and 13. The exam
will be comprised of forty or fifty questions. The
grades will be posted immediately in SAKAI, but the comments will
only be available the next day. There will be a sign up page in
class and be sure that you sign it.
The final exam is an in-class, online, multiple-choice, open book exam on December 14 covering class materials and textbook chapters 3,4,7,9,10,12 and 14. The exam will be comprised of forty or fifty questions. The grades will be posted immediately in SAKAI, but the comments will only be available the next day. There will be a sign up page in class and be sure that you sign it.
Suplemental reading (on reserve in
the Library) Content not included in course exams, will
help in the group projects.
Scambray,J., McClure,S., and Kurtz, G. Hacking Exposed, 7th ed, McGraw-Hill Professional Publishing, 2012. ISBN 0071780289.
|Day||5:30 - 6:50||7:00 - 8:00||Assignments|
|08/31||Course overview, Security
overview , Encryption.
|Windows security mechanisms. SAM vulnerabilities||Introduce yourself and select group in SAKAI|
Communications Model and Ethernet LANs, Other Ethernet Technologies. 
Meet in MIS Lab
| Microsoft Enterprise Concepts, TCP/IP
in Windows and Netbios
||Review project: MIS Lab acquaintance,
basic network tools due 09/13
|09/14||Malware [5:1-17] Windows Defender role change. Windows Defender vulnerability and Microsoft fix. Ransomware overview and as a business. Microsoft OneDrive and Dropbox Ransomware recovery.||Ransomware and SMB SMB levels and SMB Vulnerability severity. Disable SMBv1. Hackers Playbook: Ransomware special edition.||Project 1: Fix SAM and SMB vulnerabilities due
|09/21||Hacking Framework , Footprinting and Scanning. Enumeration. Tools for footprinting and scanning, and tools for enumeration (1,2,3) Meet in MIS Lab||Techniques Used by Hackers [6:1-14] , Google Hacking , Cyber Detective ||Project 2 - footprinting, scanning and enumeration. due 10/04|
Windows (4). Network and Vulnerability Scanning  using MSBA and Nessus.
||Readings on security in Windows Pwned Passwords||Finish working on Project 2
of Linux, and SSH
in Linux and Windows. Installing Ubuntu bash shell in Windows 10.
Meet in MIS Lab
|Information in Linux , Handy Commands and Networking in Linux. More in bash in Windows.||Project 3 - testing Windows security due 10/18|
|Midterm Exam||Finish working on Project 3|
|More in Linux security||Project 4 - testing UNIX/Linux security
|10/26||Wireless hacking (8) Readings in wireless security||Remote Connectivity, VPN and Network devices (7) and Readings in VPN and Network devices security||Finish working on Project 4
attacks  Other articles
|Firewalls and Intrusion Detection Systems ||Project 5 - testing network and wireless
devices due 11/18
||Hacking Hardware (9) and Web hacking and the Internet user (10)||Mobile Hacking (11)||Finish working on Project 5
||Remote Control and Advanced Techniques and
More in Advanced Techniques. [5:18-34] Other resources on hacking code: packetstorm and bugtraq
|Techniques Used by Hackers [6:15-22], Exploitation:
Buffer Overflow,SQL injection, Adobe files and Kali Linux DB testing tools.
||Project 6 - Setup of firewalls and IDS due 12/2|
||Finish working on Project 6
||Security Policies  Introduction to
Forensics  and Kali Linux tools for forensics.
|Cyber terrorism and Information warfare  and Final Exam review|| Project 7 - Scanning for remote control,
Trojans and rootkits due 12/14
||Cyber Stalking and Crime , Tech Support Scams,||Industrial Espionage in Cyberspace ||Finish working on Project 7|
|Final Exam||last day to re-submit projects.|
Note: [ ] chapters in Easttom Book and ( ) chapters in McClure Book
This page is maintained by Al Bento who can be reached at firstname.lastname@example.org. This page was last updated on August 13, 2017. Although we will attempt to keep this information accurate, we can not guarantee the accuracy of the information provided.