Course Overview
This is a hands-on, laboratory-based applied security course in which students will work
in teams, defend against cyber attacks, and implement services in a hostile cyber
environment. Most activities will be derived from Cyber Defense and Cyber League
competitions and will prepare students to participate and excel in these competitions.
This course is open to all students, including those with no experience in Cyber Defense
competitions. Repeat enrollment is encouraged.
Notice: This syllabus is fluid and WILL change. All changes will be announced.
As part of this course, all students (except for unusual circumstances approved by the
instructor) will be required to register and participate in the Fall season of the National
Cyber League competition.
http://www.nationalcyberleague.org/index.shtml
http://www.nationalcyberleague.org/schedule.shtml
Registration is now open and the sooner you register, the sooner you can start getting
used to the environment.
http://www.nationalcyberleague.org/registration.shtml
You will be required to participate in the pre-season as well as the 2 live regular season
games on 10/31 and 11/14.
Some of you may fall under the "unusual circumstances" exception and may not be able to
participate or qualify to participate in the NCL. If this is the case, please contact me and
I will discuss alternate assignments with you.
The Web Application Hacker's Handbook 2nd edition - Dafydd Stuttard - Marcus Pinto
ModSecurity Handbook: The Complete Guide to the Popular Open Source Web
Application Firewall - Ivan Ristic
Linux Firewalls: Attack Detection and Response with iptables, psad, and fwsnort – M.
Rash
Grading
Each class missed beyond the first will lead to -10% on the final grade
● National Cyber League participation and ranking: 30% (plus possible extra 30%)
Students will receive 30% credit based on participation in the pre-season and 2
regular season games. Additional (extra credit) percentage points will be granted based on
the student's performance and ranking during that competition.
● Individual Checklists: 5%
A 93-100%
A- 90 – 92%
B+ 87-89%
B 84-86%
B- 80-83%
C+ 77-79%
C 74-76%
C- 70-73%
D+ 67-69%
D 61-66%
F ≤ 60%
IMPORTANT:
Students Roles
Class Intros
Introduce Checklists.
Windows Intro
Assignment of teams.
Team discussion and possible assignment of roles. (Roles may change, need redundancy
also)
Server Administration
Active Directory
DNS
DFS
SMB
IIS
FTP
Password Hashes
SID/GID
PowerShell
VBS
Logs
Mandatory Reading:
Introduction to Linux:
http://linuxcommand.org/lc3_learning_the_shell.php (Chapters 1 - 10)
Optional Reading:
CentOS Project: http://www.centos.org/about/
FHS in CentOS:
http://www.centos.org/docs/5/html/Deployment_Guide-en-US/s1-filesystem-fhs.html
Resources:
FreeBSD Emulator: http://cb.vu/
Linux Emulator: http://bellard.org/jslinux/
Commands: http://cb.vu/unixtoolbox.xhtml
Topics in class:
Linux Filesystem
CLI Basics
File Manipulation
Permissions
Networking
Advanced iptables
Package Management System
Challenges
Resources:
CentOS HowTos: http://wiki.centos.org/HowTos
Topics in class:
Linux Security
Source Code
Apache
PHP
MySQL
SSH
Extra Challenges
Exploit Research
exploit-db
cvedetails
osvdb
nvd
bugtraq
Mitigation Tech
Persistence
Windows persistence points
Linux persistence points
0-days
Custom Exploits
DNS
Bro IDS
Wireshark, tcpdump
Resources:
https://www.splunk.com/web_assets/v5/book/Exploring_Splunk.pdf
http://www.sans.org/reading-room/whitepapers/detection/practical-ossec-33699
Incident Response
What to monitor - logs, network, file integrity
How to determine if a breach has happened
OSSEC/SPLUNK/Tripwire
Securing Your System
Real life vs. competitions
Authentication
Session management
Access control
HTTP Methods
TLS & SSL
Proxy
Cookies
OWASP Top 10
Database Review
Code Review
Server & Client side vulnerabilities
Week 10: Final Lab
Week 11: Final exam (if necessary) or Mandatory Final Lab review
Changes to Syllabus
This syllabus is subject to change as necessary during the quarter. If a change occurs, it
will be thoroughly addressed during class, posted under Announcements in D2L and sent
via email.
DePaul Policies
Evaluations are a way for students to provide valuable feedback regarding their instructor
and the course. Detailed feedback will enable the instructor to continuously tailor
teaching methods and course content to meet the learning goals of the course and the
academic needs of the students. They are a requirement of the course and are key to
continuing to provide you with the highest quality of teaching. The evaluations are
anonymous; the instructor and administration do not track who entered what responses. A
program is used to check if the student completed the evaluations, but the evaluation is
completely separate from the student’s identity. Since 100% participation is our goal,
students are sent periodic reminders over three weeks. Students do not receive reminders
once they complete the evaluation. Students complete the evaluation online
in CampusConnect.
This course will be subject to the university's academic integrity policy. More
information can be found at http://academicintegrity.depaul.edu/. If you have any
questions, be sure to consult with your professor.
Academic Policies
All students are required to manage their class schedules each term in accordance with
the deadlines for enrolling and withdrawing as indicated in the University Academic
Calendar. Information on enrollment, withdrawal, grading and incompletes can be found
at: cdm.depaul.edu/enrollment.
Students who feel they may need an accommodation based on the impact of a disability
should contact the instructor privately to discuss their specific needs. All discussions will
remain confidential.
To ensure that you receive the most appropriate accommodation based on your needs,
contact the instructor as early as possible in the quarter (preferably within the first week
of class), and make sure that you have contacted the Center for Students with Disabilities
(CSD) at: csd@depaul.edu.