Syllabus ENPM 808D: Security Tools for Information Security Summer 2015 Instructor: Kevin Shivers Office: 4417 Computer & Space Sciences Building Contact: (301) 405-8836, [email protected] Class hours: Wed, 1 June – 23 Aug, 5:30-8:45 PM Class location: JMP 2121 (DETS) Course objective: This course is designed to give a broad survey of tools which are commonly used by Cybersecurity professionals. Modern OSes (Windows. Linux, OSX) and scripting languages (BASH, Python, PERL, Ruby, Powershell) will be discussed as well as utilities (grep, awk, sed, netstat, nbtstat, tracert, etc.) and technologies that enable them (such as regular expressions.) Topics including securing and hardening installations (Bastille, CIS, Microsoft Baseline Security Analyzer,) incident response and recovery (lsof, Sysinternals, Tripwire) vulnerability assessment and compliance and configuration auditing (Nessus, Metasploit,) and network surveillance (tcpdump, Wireshark, Snort, Bro.) Enterprise tools will also be examined (SIEM tools, Log correlation engines, etc.) In addition to the weekly reading, there will be weekly individual projects (“homework”) and students will complete a final project. Students taking this course do not need to have any previous programming experience, but will find familiarity with the fundamental concepts of programming or scripting very helpful. Grading: The tentative final grade breakdown is as follows: Homework (6x10%) Final Project Class Participation 60% 25% 15% It is the student's responsibility to inform the instructor of any intended absences for religious observances in advance. Notice should be provided as soon as possible but no later than the end of the schedule adjustment period. Academic Integrity: The University's Code of Academic Integrity is designed to ensure that the principle of academic honesty is upheld. All students are expected to adhere to this Code. The Master’s in Cybersecurity Program does not tolerate academic dishonesty. All acts of academic dishonesty will be dealt with in accordance with the provisions of this code. Please visit the following website for more information on the University's Code of Academic Integrity: http://www.studenthonorcouncil.umd.edu/code.html Honor Pledge: All assignments and exams for this course are governed by the Honor Pledge: “I pledge on my honor that I have not given or received any unauthorized assistance on this exam/assignment.” Tentative Syllabus: Week Topics 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 Intro Overview of tasks to accomplish, Cybersecurity Domains Linux and OSX OS Tools Utilities Shell scripting (BASH) Windows OS Tools Utilities PowerShell Scripting Introduction to scripting languages Scripting structures Ruby, Python, Perl, PowerShell Task Focus Configuration management, Audit and Compliance Configuration and Patch Management tools Defense in Depth Perimeter defense Firewalls, Proxies, IPS. Oh my! Task focus Securing and hardening Bastille, CIS, MS Baseline, et.al. Vulnerability Assessment tools Nessus, OpenVAS, Nexpose, et. Al. Penetration Testing tools Metasploit et. al. Anatomy of an Attack Or, Why we need all these tools Task Focus Incident Response Investigation Network Tools Flows Tcpdump/wireshark Task Focus Data Recovery Task Focus Forensics and E-discovery Data encryption, decryption and cryptography TBD
© Copyright 2024