EC-Council University














Home
Login
myECCUNI
Classes
RSS
Contact Us
  • Home
    • Resources
      • CodeRed Center
      • Hacker Halted
      • Hacker Journals Links
      • HackerJournals White papers
      • HackerJournals Central
      • HackerJournals Tools
      • HackerJournals Videos
      • HackerJournals Blogs
      • HackerJournals Vulnerabilities
      • HackerJournals Newpaper
      • HackerJournals Magazine
      • Security Videos
      • Industry News
      • Newsletters
      • CEHBLOG
  • About ECU
    • President Message
    • University History
    • Mission Statement
    • Pressroom
    • Licensure
    • Administration & Faculty
  • Academics
    • Graduate Certificates
      • Information Security Professional
      • IT Analyst
      • Disaster Recovery
      • Digital Forensics
      • Executive Information Assurance
    • Master of Security Science
    • MSS Course Description
      • Ethical Hacking and Countermeasures
      • Investigating Network Intrusions and Computer Fore
      • Disaster Recovery
      • Securing Wireless Networks
      • Managing Secure Network Systems
      • Linux Networking and Security
      • Security Analysis and Vulnerability Assessment
      • Conducting Penetration and Security Tests
      • Secure Programming
      • Project Management in IT Security
    • Transfer Credits
  • Admissions
    • Application Procedure
    • Refund Policy
  • Pay for College
    • Cost Estimate
    • Cyber Security Fellowship
  • Current Student
    • Class Schedules
  • myECCUNI
  • Contact Us
 

Course: ECU 506 Conducting Penetration and Security Tests

Purpose of Class:

This course focuses on the mastery of the international standard for penetration testing. Topics include customers and legal agreements, penetration testing planning and scheduling, information gathering, external and internal network penetration testing, router penetration testing, firewalls penetration testing, intrusion detection system penetration testing, wireless networks penetration testing; password cracking penetration testing, social engineering penetration testing, PDA and cell phone penetration testing, and penetration testing report and documentation writing.

Course Learning Outcomes:
Students who successfully complete this class will be able to:

  • Examine various penetration testing mechanisms, and choose suitable set of tests that balance cost and benefits.
  • Examine the penetration testing techniques that perform the intensive assessments required to effectively identify and mitigate risks to the security of your infrastructure.
  • Demonstrate the compliance of the information system (BS7799, HIPAA etc) and adopt best practices by conforming to legal and industry regulations.
  •  Examine various network security devices, test for vulnerabilities and analyze the reports.
  • Identify vulnerabilities that could be exploited and predict the effectiveness of additional security measures in protecting information resources from attack.
  • Perform internal and external penetration test audits on network infrastructure components and analyze the result.
  • Analyze the techniques involved in gathering sensitive information and choose the best way to find the target company’s’ information.
  • Discover any unauthorized access points and check for any services running on the wireless network.
  • Examine various password cracking techniques, analyze the sensitive information and predict the implications.
  • Examine the post penetration testing actions, analyze the results and present the findings clearly in the final report.

Required Reading:

Book: Penetration Testing: Procedures & Methodologies, 1st Edition” by EC-Council, ISBN-10: 1435483677
Book: Penetration Testing: Network & Perimeter Testing, 1st Edition” by EC-Council, ISBN-10: 1435483685
Book: Penetration Testing: Communication Media Testing, 1st Edition” by EC-Council, ISBN-10: 1435483693
Book: Penetration Testing: Network Threat Testing, 1st Edition” by EC-Council, ISBN-10: 1435483707

Week One:
Modules Covered:

  • Module 01 - Penetration Testing Methodologies
  • Module 02 - Customers and Legal Agreements
  • Module 03 - Rules Of Engagement
  • Module 04 - Penetration Testing Planning and Scheduling
  • Module 05 - Pre Penetration Testing Checklist

Learning Outcomes:

  • Examine various penetration testing mechanisms, and choose suitable set of tests that balance cost and benefits.
  • Examine the penetration testing techniques that perform the intensive assessments required to effectively identify and mitigate risks to the security of your infrastructure.
  • Demonstrate the compliance of the information system (BS7799, HIPAA etc) and adopt best practices by conforming to legal and industry regulations.

Week Two:
Modules Covered:

  • Module 06 - Information Gathering,
  • Module 07 - Vulnerability Analysis,
  • Module 08 - External Penetration Testing
  • Module 09 - Internal Network Penetration Testing

Learning Outcomes:

  • Identify vulnerabilities that could be exploited and predict the effectiveness of additional security measures in protecting information resources from attack.
  • Perform internal and external penetration test audits on network infrastructure components and analyze the result.
  • Analyze the techniques involved in gathering sensitive information and choose the best way to find the target company’s’ information.

Week Three:
Modules Covered:

  • Module 10 - Router and Switches Penetration Testing
  • Module 11 - Firewall Penetration Testing
  • Module 12 - IDS Penetration Testing
  • Module 13 - Wireless Network Penetration Testing

Learning Outcomes:

  • Examine various network security devices, test for vulnerabilities and analyze the reports.
  • Identify vulnerabilities that could be exploited and predict the effectiveness of additional security measures in protecting information resources from attack.
  • Discover any unauthorized access points and check for any services running on the wireless network.

Week Four:
Modules Covered:

  • Module 14 - Denial of Service Penetration Testing
  • Module 15 - Password Cracking Penetration Testing
  • Module 16 - Social Engineering Penetration Testing
  • Module 17 - Stolen Laptop, PDAs and Cell Phones Penetration Testing
  • Module 18 - Application Penetration Testing

Learning Outcomes:

  • Examine various network security devices, test for vulnerabilities and analyze the reports.
  • Identify vulnerabilities that could be exploited and predict the effectiveness of additional security measures in protecting information resources from attack.
  • Analyze the techniques involved in gathering sensitive information and choose the best way to find the target company’s’ information.
  • Examine various password cracking techniques, analyze the sensitive information and predict the implications.

Week Five:
Modules Covered:

  • Module 19 - Physical Security Penetration Testing
  • Module 20 - Database Penetration Testing
  • Module 21 - VoIP Penetration Testing
  • Module 22 - VPN Penetration Testing
  • Module 23 - Email Security Penetration Testing
  • Module 24 - Security Patches Penetration Testing

Learning Outcomes:

  • Examine various network security devices, test for vulnerabilities and analyze the reports.
  • Identify vulnerabilities that could be exploited and predict the effectiveness of additional security measures in protecting information resources from attack.
  • Analyze the techniques involved in gathering sensitive information and choose the best way to find the target company’s’ information.

Week Six:
Modules Covered:

  • Module 25 - Penetration Testing Deliverables and Conclusion
  • Module 26 - Penetration Testing Report and Documentation Writing
  • Module 27 - Penetration Testing Report Analysis
  • Module 28 - Post Testing Actions
  • Module 29 - Ethics of a Licensed Penetration Tester
  • Module 30 - Standards and Compliance

Learning Outcomes:

  • Demonstrate the compliance of the information system (BS7799, HIPAA etc) and adopt best practices by conforming to legal and industry regulations.
  • Examine the post penetration testing actions, analyze the results and present the findings clearly in the final report.

Weeks Seven and Eight: Summative Experiences

Introduction to Weeks: Weeks seven and eight are designed to provide cumulative experience while
faculty and students are given the opportunity to finalize uncompleted work. For this course,
students will engage in two summative assessments, a research paper and final examination.

© 2011 EC-Council University | | Login