Chat with us, powered by LiveChat ISSC362 IT Security: Attack & Defense 3 Semester Hours This course examines the techniques and technologies for penetratio - School Writers

ISSC362 IT Security: Attack & Defense 3 Semester Hours This course examines the techniques and technologies for penetratio

Course Details

ISSC362 IT Security: Attack & Defense 3 Semester Hours

This course examines the techniques and technologies for penetration of networks, detection of attacks, and prevention of attacks. This course addresses the techniques, the technologies, and the methodologies used by cyber intruders (hackers) to select a target and launch an attack. Students will gain insight into the motives and desired goals of hackers as well as effective tools and techniques used as countermeasures ensuring data assets remain secure. This course focuses on techniques and technologies to detect such attacks even while the attack is in progress; early detection enables the administrator to track the movements of the hacker and to discover the intent and goals of the hacker. This course assesses the various countermeasures to keep the system out of the “sights” of the hacker and to keep the hacker out of the perimeter of the target network. This course also explores the laws and the legal considerations in prosecuting computer crime.

For future semesters, email [email protected] to confirm course materials.

20/11/2021, 17:31Discussions List – ISSC362 D002 Summer 2021

Page 1 of 8https://myclassroom.apus.edu/d2l/le/40813/discussions/List

Week 1 Discussion

Discussions

Filter by: Unread Collapse All Forums

MB Marco Tulio Barreto

Course Home Content Discussions Class Progress LibraryCourse Tools Help

Settings Help

Discussions List Subscriptions

Introduction

Topic Threads Posts Last Post

All posts must be a minimum of 250 words. All follow-up posts to your classmates must be a minimum of 150 words for each required post.

This assignment is a formative

assessment for Course

Objective 1.

Part I: Personal Introductions

1) For this assignment create a

new message and introduce

yourself to the class! Please

address the following items in your

introduction…

1) Name you prefer to be called.

2) Your major and year in school.

20/11/2021, 17:31Discussions List – ISSC362 D002 Summer 2021

Page 2 of 8https://myclassroom.apus.edu/d2l/le/40813/discussions/List

Week 2 Discussion

48 16

(46) Carlos Restrepo

September 14 at 7:55 AM

3) Your branch of service and rank

(if military).

4) Your job title and a brief

description of your job.

5) Where you live.

6) Why you are taking this class

and what you hope to learn.

7) Your hobbies.

8) Anything else you would like us

to know about you.

Part II: Hacking – The Way You See It

Instructions:

1.) Express what your current perception or experience is in regards to the topic of hacking.

2.) Do you know what are black hat and white hat hacking? If you do, or do not, explain what they are and how they are different.

3.) Do you consider white hat hacking essential? Why or why not?

Note: This Introduction Discussion is required (serving as your official entry into the course) and students who do not post to this discussion by 11:59 p.m., ET, Sunday will be automatically dropped from the course.

Remember: All posts are due by Sunday, by 11:59 p.m., ET

Topic Threads Posts Last Post

20/11/2021, 17:31Discussions List – ISSC362 D002 Summer 2021

Page 3 of 8https://myclassroom.apus.edu/d2l/le/40813/discussions/List

Week 3 Discussion

W2: Port Scanning –

Optional

73 (7) Christopher Johnson

September 18 at 10:48 PM

This assignment is a formative assessment for Course Objective 2.

Locate a Port Scanning Tool

For this assignment create a new message and address the following items in your posting…

1. Search the internet or our

course lesson/resources for a

tool used to conduct port

scanning.

2. List the tool's name.

3. List the pros and cons

associated with the tool you

found.

4. Locate an incident in which

the tool was used to exploit

an organization.

5. List the URL and describe the

exploit.

6. Provide the outcome, was the

exploit successful or foiled.

Discussion Guidelines

W3: Web and Database

Attacks

Topic Threads Posts Last Post

This assignment is a formative

20/11/2021, 17:31Discussions List – ISSC362 D002 Summer 2021

Page 4 of 8https://myclassroom.apus.edu/d2l/le/40813/discussions/List

Week 4 Discussion

18 6

(8) Marco Tulio Barreto

September 27 at 1:34 AM

assessment for Course Objective 3.

For this week's post please utilize the items described in the lesson/resources or research conducted on the web to ensure your post contains the following;

1. Describe at least three

web server vulnerabilities

and how they are typically

exploited.

Discussion Guidelines

W4: Trojans and Backdoors

15

Topic Threads Posts Last Post

6 (14)

This assignment is a formative assessment for Course Objective 4.

For this week’s post please utilize the items described in the lesson/resources or research conducted on the web to ensure your post contains the following;

1. Describe how an attacker

could use a sniffer in

conjunction with a Trojan

to successfully gain access

to sensitive data.

2. Describe how the attacker

could use the Flaw

Hypothesis Methodology

20/11/2021, 17:31Discussions List – ISSC362 D002 Summer 2021

Page 5 of 8https://myclassroom.apus.edu/d2l/le/40813/discussions/List

Week 5 Discussion

Marco Tulio Barreto

October 3 at 10:08 PM

to potentially gain a

foothold.

1. Some readings:

1. NIST SP 800

Page: F-215-

F217 SI-2

2. NIST(Review but

especially Section

4)

3. Special

Publication

(Review)

Discussion Guidelines

W5: Linux, Live CDs and

Automated Tools

14

Topic Threads Posts Last Post

5 (7)

Marco Tulio Barreto

October 11 at 2:00 AM

This assignment is a formative assessment for Course Objective 5.

For this week’s post please utilize the items described in the lesson/resources or research conducted on the web to ensure your post contains the following;

1. Locate an automated

assessment tool and detail

what attackers use the

tool for, the information it

20/11/2021, 17:31Discussions List – ISSC362 D002 Summer 2021

Page 6 of 8https://myclassroom.apus.edu/d2l/le/40813/discussions/List

Week 6 Discussion

provides, and how

organizations can protect

themselves from it.

Discussion Guidelines

W6: Wireless

Vulnerabilities

12

Topic Threads Posts Last Post

4 (12)

Christopher Johnson

October 16 at 10:26 PM

This assignment is a formative assessment for Course Objective 6.

For this week’s post please utilize the items described in the lesson/resources or research conducted on the web to ensure your post contains the following;

1. Considering that there are

many security concerns

surrounding wireless

networks, and many tools

are freely available, how

does and administrator or

even an individual user go

about ensuring the

security of their wireless

network? List a minimum

of two

methods/techniques, and

explain the rationale for

your decision?

Discussion Guidelines

20/11/2021, 17:31Discussions List – ISSC362 D002 Summer 2021

Page 7 of 8https://myclassroom.apus.edu/d2l/le/40813/discussions/List

Week 7 Discussion

Week 8 Discussion

W7: Incident Response

12

Topic Threads Posts Last Post

4 (12)

Steven Schick

October 24 at 11:45 PM

This assignment is a formative assessment for Course Objective 7.

For this week's post please utilize the items described in the lesson/resources or research conducted on the web to ensure your post contains the following;

Consider the phases of incident response listed below. They follow a certain order, but which one(s) do you consider to be the most crucial to the process and why?

1. Incident Identification

2. Triage

3. Containment

4. Investigation

5. Analysis and Tracking

6. Recovery and Repair

7. Debriefing and feedback

Discussion Guidelines

Topic Threads Posts Last Post

20/11/2021, 17:31Discussions List – ISSC362 D002 Summer 2021

Page 8 of 8https://myclassroom.apus.edu/d2l/le/40813/discussions/List

W8: Defensive

Technologies

93 (9) Berkay Cokcalisir

October 30 at 12:56 AM

This assignment is a formative assessment for Course Objective 8.

For this week’s post please utilize the items described in the lesson/resources or research conducted on the web to ensure your post contains the following;

1. Provide examples of the

three types of controls and

how they could be used to

prevent (or slow down)

attackers.

Discussion Guidelines

,

ISSC362

Course Summary Course : ISSC362 Title : IT Security: Attack & Defense Length of Course : 8 Faculty : Prerequisites : N/A Credit Hours : 3

Description Course Description:

This course examines the techniques and technologies for penetration of networks, detection of attacks, and prevention of attacks. This course addresses the techniques, the technologies, and the methodologies used by cyber intruders (hackers) to select a target and launch an attack. Students will gain insight into the motives and desired goals of hackers as well as effective tools and techniques used as countermeasures ensuring data assets remain secure. This course focuses on techniques and technologies to detect such attacks even while the attack is in progress; early detection enables the administrator to track the movements of the hacker and to discover the intent and goals of the hacker. This course assesses the various countermeasures to keep the system out of the “sights” of the hacker and to keep the hacker out of the perimeter of the target network. This course also explores the laws and the legal considerations in prosecuting computer crime.

Course Scope:

This course will allow students to see how attacks target networks and the methodology they follow. Students will also learn how to respond to hacking attacks and how to fend them off. With the help of the experts in the Information Systems Security and Assurance Series, the book will provide examples of information security concepts and procedures are presented throughout the course.

Page: 1 of 8 Date: 6/21/2020 3:01:15 AM

Objectives After successfully completing this course, you will be able to:

1. Show how attackers map organizations 2. Describe common port scanning techniques 3. Identify some of the tools used to perform enumeration 4. Explain the significance of wireless security 5. List the issues facing Web servers 6. Describe the characteristics of malware 7. List the ways of detecting Trojans 8. Describe the process of DoS attacks 9. Describe the benefits of automated assessment tools

10. List the components of incident response 11. List the detective methods of IDS

Outline Week 1: Course Overview Getting Started Introduction to Ethical Hacking

Activities

Reading: Chapters 1, 2, 3 and 4

PPT Review: Lessons 1, 2 and 3 (Physical Security)

Week 1 Discussion

Lab

Week 2: Footprinting, Port Scanning and Enumeration

Activities

Reading: Chapters 5, 6, and 7

PPT Review: Lessons 3 (Footprinting) and 4

Week 2 Discussion

Lab

Week 3: Web and Database Attacks

Activities

Reading: Chapter 9

PPT Review: Lesson 6

Week 3 Discussion

Lab

Page: 2 of 8 Date: 6/21/2020 3:01:15 AM

Week 4: Malware, Worms, Viruses, Trojans and Backdoors

Activities

Reading: Chapters 10 and 11

PPT Review: Lesson 7

Week 4 Discussion

Lab

Week 5: Network Traffic Analysis

Activities

Reading: Chapters 12 and 13

PPT Review: Lesson 8

Week 5 Discussion

Midterm

Lab

Week 6: Wireless Vulnerabilities

Activities

Reading: Chapter 8

PPT Review: Lesson 5

Week 6 Discussion

Lab

Week 7: Incident Response

Activities

Reading: Chapter 14

PPT Review: Lesson 9 (Incident Response)

Week 7 Discussion

Week 7 Research Paper Due

Lab

Week 8: Defensive Technologies

Activities

Page: 3 of 8 Date: 6/21/2020 3:01:15 AM

Reading: Chapter 15

PPT Review: Lesson 9 (Defense Technologies)

Week 8 Discussion

Final Exam

Lab

Evaluation Grading will be based on weekly assignments: discussions labs, quizzes, an individual project paper (topic selection, outline and paper) and a case study.

There will be eight discussions (3.13% each) counting a total of 25% of the final grade. Answers should restate the question with supporting sentences using the terms, concepts, and theories from the required readings. The key requirement is to express your idea and then support your position to demonstrate that you understand the material.

In addition, you are to respond to at least two of your classmates’ postings by critiquing, supporting or supplementing the other students’ answers. All responses should be courteous with sound supporting sentences. You may respond multiple times within a continuous discussion with points and counter points. Duplicate responses will not receive credit.

There will be eight labs (2.5% for each) counting a total of 25% of the final grade. You can access labs by selection on Online Labs. Step-by-Step instructions for each lab are available, and you can access these files within Lessons. Submit deliverables through the Assignments link within your course.

There will be one final exam (25 questions worth 4 points per question) and one Midterm exam (25 questions worth 4 points per question) accounting for a total of 25% of the final grade. Each exam will consist of 25 multiple choice questions pulled from chapters covered from week 1 through 5 for the Midterm and Weeks 1 through 8 for the Final exam.

There will be three exercises during this term counting a total of 25% of the final grade, completed as follows:

a. Week 2 Topic Selection – selection of topic for the Week 7 Research Paper. b. Week 4 Outline – outline of topics and subtopics for the Week 7 Research Paper. c. Week 7 Research Paper – present research paper on your chosen topic.

Below is a list of pre-approved topics for the Week 7 Research Paper:

Protecting IT: A Roadmap for Securing the Enterprise Best Practices for Network Security Firewalls: Great Network Security Devices, but Not a "Silver Bullet" Solution Modern Day Attacks Against Firewalls and VPNs VPN Security Vulnerabilities Exposed

The key to the research assignment is to demonstrate your understanding of the topics, not to re-word the text or reference material.

The paper will follow a conventional report format (introduction, body, conclusion, references). The paper is to follow the APA style guide, Sixth Edition (available via bookstores). Also refer to APA’s online resources: and the APUS web site:

Page: 4 of 8 Date: 6/21/2020 3:01:15 AM

Note: Review Announcements and Lessons for additional instructions and course materials.

Each week you will also have chapter readings assigned, and PowerPoint presentations to review.

All assignments, labs, discussion questions and quizzes are required by 11:59 PM Eastern Standard Time of the Sunday of the week assigned.

Grading: Name Grade % Discussions 25.00 %

3.13 % 3.13 % 3.13 % 3.13 % 3.13 % 3.13 % 3.13 % 3.13 %

Week 1 Discussion Week 2 Discussion Week 3 Discussion Week 4 Discussion Week 5 Discussion Week 6 Discussion Week 7 Discussion Week 8 Discussion Labs 25.00 % Week 1 Lab 3.13 % Week 2 Lab 3.13 % Week 3 Lab 3.13 % Week 4 Lab 3.13 % Week 5 Lab 3.13 % Week 6 Lab 3.13 % Week 7 Lab 3.13 % Week 8 Lab 3.13 % Quizzes/Exams 25.00 % ISSC362 Final Exam 12.50 % ISSC362 Midterm Exam 12.50 % Exercises 25.00 % Week 2 Topic Selection 2.50 % Week 4 Outline 7.50 % Week 7 Research Paper 15.00 %

Page: 5 of 8 Date: 6/21/2020 3:01:15 AM

Materials Book Title: Requires CITRIX CLIENT SOFTWARE INSTALLATION FOR ONLINE VIRTUAL LABS accessibility – instructions provided inside the classroom.

Author: No Author Specified Publication Info: ISBN: N/A Book Title: Hacker Techniques, Tools, And Incident Handling, 2nd ed. – the VitalSource e-book is provided inside the classroom

Author: Oriyano Publication Info: VS-Jones & Bartlett ISBN: 9781284031713 Book Title: ISSC362 virtual lab manual provided inside the classroom Author: Publication Info: CLASS-Jones & Bartlett ISBN: 9781284064100

Starting April 2016 this title & edition has moved to VitalSource. The VitalSource e-book is provided via the APUS Bookstore. Please visit for more information.

Software Requirements

1. Microsoft Office (MS Word, MS Excel, MS PowerPoint) 2. Mozilla Firefox (recommended browser)

Course Guidelines Citation and Reference Style

Attention Please: Students will follow the APA Format as the sole citation and reference style used in written work submitted as part of coursework to the University. Assignments completed in a narrative essay or composition format must follow the citation style cited in the APA Format.

Tutoring

Tutor.com offers online homework help and learning resources by connecting students to certified tutors for one-on-one help. AMU and APU students are eligible for 10 free hours* of tutoring provided by APUS. Tutors are available 24/7 unless otherwise noted. Tutor.com also has a SkillCenter Resource Library offering educational resources, worksheets, videos, websites and career help. Accessing these resources does not count against tutoring hours and is also available 24/7. Please visit the APUS Library and search for 'Tutor' to create an account.

Late Assignments

Students are expected to submit classroom assignments by the posted due date and to complete the course according to the published class schedule. The due date for each assignment is listed under

Page: 6 of 8 Date: 6/21/2020 3:01:15 AM

each Assignment. Generally speaking, late work may result in a deduction up to 15% of the grade for each day late, not to exceed 5 days. As a working adult I know your time is limited and often out of your control. Faculty may be more flexible if they know ahead of time of any potential late assignments.

Turn It In

Faculty may require assignments be submitted to Turnitin.com. Turnitin.com will analyze a paper and report instances of potential plagiarism for the student to edit before submitting it for a grade. In some cases professors may require students to use Turnitin.com. This is automatically processed through the Assignments area of the course.

Academic Dishonesty

Academic Dishonesty incorporates more than plagiarism, which is using the work of others without citation. Academic dishonesty includes any use of content purchased or retrieved from web services such as CourseHero.com. Additionally, allowing your work to be placed on such web services is academic dishonesty, as it is enabling the dishonesty of others. The copy and pasting of content from any web page, without citation as a direct quote, is academic dishonesty. When in doubt, do not copy/paste, and always cite.

Submission Guidelines

Some assignments may have very specific requirements for formatting (such as font, margins, etc) and submission file type (such as .docx, .pdf, etc) See the assignment instructions for details. In general, standard file types such as those associated with Microsoft Office are preferred, unless otherwise specified.

Disclaimer Statement

Course content may vary from the outline to meet the needs of this particular group.

Communicating on the Discussion

Discussions are the heart of the interaction in this course. The more engaged and lively the exchanges, the more interesting and fun the course will be. Only substantive comments will receive credit. Although there is a final posting time after which the instructor will grade comments, it is not sufficient to wait until the last day to contribute your comments/questions on the discussion. The purpose of the discussions is to actively participate in an on-going discussion about the assigned content. “Substantive” means comments that contribute something new and hopefully important to the discussion. Thus a message that simply says “I agree” is not substantive. A substantive comment contributes a new idea or perspective, a good follow-up question to a point made, offers a response to a question, provides an example or illustration of a key point, points out an inconsistency in an argument, etc. As a class, if we run into conflicting view points, we must respect each individual's own opinion. Hateful and hurtful comments towards other individuals, students, groups, peoples, and/or societies will not be tolerated.

Identity Verification & Live Proctoring

Faculty may require students to provide proof of identity when submitting assignments or completing assessments in this course. Verification may be in the form of a photograph and/or video of the student’s face together with a valid photo ID, depending on the assignment format. Faculty may require live proctoring when completing assessments in this course. Proctoring may include identity verification and continuous monitoring of the student by webcam and microphone during testing.

Page: 7 of 8 Date: 6/21/2020 3:01:15 AM

University Policies Student Handbook

Drop/Withdrawal policy

Extension Requests

Academic Probation

Appeals

Disability Accommodations

The mission of American Public University System is to provide high quality higher education with emphasis on educating the nation’s military and public service communities by offering respected, relevant, accessible, affordable, and student-focused online programs that prepare students for service and leadership in a diverse, global society.

Page: 8 of 8 Date: 6/21/2020 3:01:15 AM