Learn fundamentals of network security, including a deep dive into how networks are attacked by malicious users.
This is a self-paced course that provides an introduction to network security topics. The curriculum focusses on how malicious users attack networks. The material is essential in later classes that will develop ethical hacking skills. Students are introduced to some key concepts in network security. Next, we provide an overview of network reconnaissance strategies.
We move on to the next stage of the network attack methodology, which is exploitation.
Next, we cover standard attack techniques such as Denial of Service, DNS attacks, and client-side attacks, along with the tools used to carry out these exploits. We conclude by focusing on the steps attackers take after they initially compromise a system.
What you will learn
- Describe how "social engineering" can be used to compromise security
- Define the CIA triad
- Identify and plan to manage risks in common situations
- Define a threat tree and threat matrix and explain how they are used
- Define an attack tree, explain how Boolean and continuous node values are used in attack trees, and demonstrate how an attack tree can be used to determine vulnerabilities
- Explain why it is important for network engineers to understand cyber attack strategies
- List and summarize the stages of network attack methodology
- Identify the information an attacker might collect during network reconnaissance
- Describe at least two "low tech" ways of performing reconnaissance on a target
- Perform a WHOIS query and extract the IP address of a DNS server
- List at least three publicly available tools used for gathering information on targets
- Define port scanning and describe the process used to determine whether a port is open
- Define a proxy server
- Define IP spoofing, ingress filtering, and session hijacking
- Define a Denial of Service attack and explain the difference between a DoS and DDoS attack
- State the relationship between DoS attacks and geopolitical events
- List at least two vulnerability attacks used in DoS attacks
- Define SYN flooding and explain how it can be protected against
- Describe what happens during a standard DDoS attack
- Explain how DNS poisoning can be used in phishing attacks
- Describe how URLs can be obfuscated to make a phishing attack more likely to succeed
- List at least two tools used to assess vulnerabilities in networks
- Summarize the typical goals of post-exploitation activity
- Describe the strategies attackers use to maintain access to a compromised system
- Define trojans, viruses, worms, and blended threats
- List the typical objectives of trojan creators
- Define rootkits
- Give examples of common uses of Netcat
- Define wrappers
- Summarize common data exfiltration methods
- Summarize how attackers can remove evidence of system compromise in Windows and Unix systems