Many businesses operate networked infrastructure without any idea of the vulnerabilities they are exposing that can be exploited to gain unauthorized access to corporate information resources. One way for businesses to protect themselves is to regularly check their networks and systems as though they were bad guys. These vulnerabilities are related to configuration problems, bad software development processes and a variety of other common issues. The process of checking your own infrastructure is called ethical hacking. Students will learn the importance of ethical hacking and practice common methodologies for performing a penetration test against systems in order to expose vulnerabilities. This will include common attacks against Web services and vulnerable systems using a variety of professional tools.
- Describe ways to incorporate security into the design of software systems and Web server and e-commerce applications.
- Articulate best practices and user policies related to developing software systems and installing Internet server applications.
- Determine the security vulnerabilities of various software tools as well as various Web (and other) server applications software, and design mechanisms to mitigate those vulnerabilities.
- Describe the process for maintaining secure software and Internet server systems.
- Apply best information security practices for software systems to the specific needs of an organization.
- Select the optimal tools for implementing software systems and server-based Internet applications given project constraints.
- Document the impact and management of secure software and server systems, and the impact on the organization, for both professional peers and managers (technical and non-technical).
- Understand and use cryptography used on the web and the mechanisms for deploying a public key system.