Exams
We will have 3 multiple choice question exams. The first one will cover MetaSploit and will comprise 15% of your final grade. The second exam will cover Web Application Hacking Techniques and will comprise 15% of your final grade. The third exam will cover wireless security and include some comprehensive questions from earlier tests and is weighted 20% of your final grade.
There will be both a midterm exam final exam for this course. Both exams will be comprised of short-answer and/or longer open-ended questions. Check the schedule for dates.
A missed exam can only be made up in the case of documented and verifiable extreme emergency situations.
Schedule
Week | Topic | Quiz/Test |
1
Full |
Course Introduction, Introduction to the Metasploit Framework including Basics, Intelligence Gathering, Vulnerability Scanning, and Exploitation | |
2
1 hr |
Meterpreter, Avoiding Detection, Client Side Attacks, and Auxiliary Modules | Quiz |
3
1 hr |
Social Engineering Toolkit, SQL Injection, Karmetasploit, Building Modules in Metasploit, and Creating Exploits | Quiz |
4
1 hr |
Porting Exploits, Scripting, and Simulating Penetration Testing
Ettercap |
Quiz |
5
Full |
Test 1, Introduction to OWASP’s WebGoat application | Test 1 |
6
Independent Study |
Unvalidated Parameters, Broken Access Control, and Broken Authentication | Quiz
Analysis Report: Learnings from Metasploit run against a publically available VM the student chooses |
7
1 hr |
Cross Site Scripting, Injection Flaws, Error Handling, and Insecure Storage | Quiz |
8
1 hr |
Denial of Service, Configuration Management, and Web Services | Quiz |
9
1 hr |
Ajax Security and an Introduction to the WebGoat Challenge
Wireshark |
Quiz |
10
1 hr |
Test 2, Introduction to Wireless Security | Test 2 |
11
Full |
Wireless Recon, WEP, and WPA2 | Quiz
Analysis Report: Learnings from the WebGoat Challenge |
12
1 hr |
WPA2 Enterprise, Wireless beyond WiFi | Quiz |
13
Full |
Cain and Able | Quiz |
14
Full |
Review of all topics and wrap up discussion | Test 3 |