This "Defense-in-Depth" course provides the student detailed understanding of the need for internal and external vulnerability assessment. An integral technical part of any risk management program, this course goes hand-in-hand with the more analytical practices in IAE-674.
Learning Objectives
- Differentiate among different types of hackers
- Articulate the difference between hackers and security professionals
- Understand security vulnerabilities, exposures and risks
- Understand what social engineering is and how it is done
- Identify UNIX/Linux and Windows vulnerabilities specifically
- Understand where firewalls fit in defenses against hackers
- Have an opportunity to use hacking tools and understand what it is hackers do
- Understand denial of service attacks and what effect they can have
- Understand the importance of both vulnerability assessment and penetration testing in assessing the overall security of the system
- Understand the importance of research methods when applied to vulnerability analysis and mitigation techniques
- Understand the importance of collaboration and report writing in the conveyance of threat, vulnerability, and impact considerations
- Understand the basics of the System Security Authorization Agreement (SSAA) process
- Be competent with tools for network security evaluation.