sec 420 perimeter defense techniques full course n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
SEC 420 PERIMETER DEFENSE TECHNIQUES FULL COURSE-STRAYER PowerPoint Presentation
Download Presentation
SEC 420 PERIMETER DEFENSE TECHNIQUES FULL COURSE-STRAYER

Loading in 2 Seconds...

play fullscreen
1 / 15

SEC 420 PERIMETER DEFENSE TECHNIQUES FULL COURSE-STRAYER - PowerPoint PPT Presentation


  • 0 Views
  • Uploaded on

Visit Below Link, To Download This Course:\n\nhttps://www.tutorialsservice.net/product/sec-420-perimeter-defense-techniques-full-course-strayer/\n\nOr \nEmail us on\nSUPPORT@TUTORIALSSERVICE.NET\n\n\nSEC 420 Perimeter Defense Techniques Full Course-Strayer\nSEC420\nSEC420 Perimeter Defense Techniques\nSEC 420 Week 1 DQ Latest-Strayer\n“Ethical Hacking” Select one of the following and discuss in no less than three paragraphs, and have at least one response to another student of at least one paragraph:\n• Suppose a coworker approaches you and asks what an ethical hacker does. She does not understand the role that an ethical hacker plays in the security industry and assumes that such a hacker intentionally causes damage. Explain to your hypothetical coworker what an ethical hacker is and the fundamental manner in which such a hacker differs from a black hat hacker. Justify your response with an example of each type of hacker, and indicate the role each hacker plays in your given example.\n• Explain the main differences between white hat and grey hat hackers. Provide a brief example of a grey hat hacker. Describe the role that you believe grey hat hackers play in the security industry, and indicate whether or not you believe grey hat hacking is equivalent to ethical hacking. Provide a rationale for your response.\n• Any current topic or article related to penetration techniques.\n• The instructor insight.\n

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'SEC 420 PERIMETER DEFENSE TECHNIQUES FULL COURSE-STRAYER' - tutorialsservicesnet


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
sec 420 perimeter defense techniques full course

SEC 420 PERIMETER DEFENSE TECHNIQUES FULL

COURSE-STRAYER

Visit Below Link, To Download This Course:

https://www.tutorialsservice.net/product/sec-420-perimeter-defense-techniques-full-course-strayer/

Or

Email us on

SUPPORT@TUTORIALSSERVICE.NET

SEC 420 Perimeter Defense Techniques Full Course-Strayer

SEC420

SEC420 Perimeter Defense Techniques

SEC 420 Week 1 DQ Latest-Strayer

“Ethical Hacking” Selectone of the following and discuss in no less than three paragraphs, and have at

least one response to another student of at least one paragraph:

Suppose a coworker approaches you and asks what an ethical hacker does. She does not

understand the role that an ethical hacker plays in the security industry and assumes that such a

hacker intentionally causes damage. Explain to your hypothetical coworker what an ethical

hacker is and the fundamental manner in which such a hacker differs from a black hat hacker.

Justify your response with an example of each type of hacker, and indicate the role each hacker

plays in your given example.

Explain the main differences between white hat and grey hat hackers. Provide a brief example of

a grey hat hacker. Describe the role that you believe grey hat hackers play in the security

industry, and indicate whether or not you believe grey hat hacking is equivalent to ethical hacking.

Provide a rationale for your response.

Any current topic or article related to penetration techniques.

The instructor insight.

SEC 420 Week 2 DQ Latest-Strayer

“Scanning for Exploits” Selectone of the following and discuss in no less than three paragraphs, and

have at least one response to another student of at least one paragraph:

Suppose you work as a security analyst and during a weekly meeting your supervisor asks for

your opinion about the ways in which the department could best identify vulnerabilities that a

hacker could potentially exploit on a network

hacker could potentially exploit on a network. Analyze the potential security concerns, and identify

what you believe to be the greatest concerns in terms of vulnerabilities. Describe the method(s)

you would use to identify the related exploit(s). Explain your desired method(s) to perform this

vulnerability analysis.

Suggest the tool(s) that you would use to perform all or a portion of the analysis mentioned in

Part 1 of this discussion. Justify the manner in which such tools could assist with these efforts.

Any current topic or article related to penetration techniques.

The instructor insight.

SEC 420 Week 3 DQ Latest-Strayer

“Viruses and Antivirus Utilities” Selectone of the following and discuss in no less than three paragraphs,

and have at least one response to another student of at least one paragraph:

Go to the web, research new worms or viruses. Analyze the primary manner in which one

particular virus or worm was successful. Summarize the one way in which the virus or worm

avoided defense mechanisms. Suggest at least two ways in which the infected parties could have

protected themselves from the threat.

Identify the antivirus software that you currently use or would prefer to use in order to protect your

organization or personal system(s). Indicate the key features that this application utilizes to assist

in preventing infection from viruses and worms. Provide a rationale for your chosen antivirus

software.

Any current topic or article related to penetration techniques.

The instructor insight.

SEC 420 Week 4 DQ Latest-Strayer

“What If?” Select one of the following and discuss in no less than three paragraphs, and have at least

one response to another student of at least one paragraph:

Review the “What if” case in Chapter 4 from the Book:Attack Phases. Discuss the ethical

concerns of Doug’s actions. What might the ramifications or consequences of his actions

be? Why?

If you were Doug in the case above, what would you do to practice the new skills, and why?

Any current topic or article related to penetration techniques.

The instructor insight.

SEC 420 Week 5 DQ Latest-Strayer

“What If?” Selectone of the following and discuss in no less than three paragraphs, and have at least one

response to another student of at least one paragraph:

Review the “What if” case in Chapter 5 fromAttack Phases. Discuss the ethical and legal

concerns of Brian’s actions. What might the ramifications or consequences of his actions be?

Why?

Discuss the ethics of revenge and its relationship to ethical hacking. Is revenge ever justified in

situations where one may have issues with bosses and/or co-workers? Explain your rationale.

Any current topic or article related to penetration techniques.

The instructor insight.

sec 420 week 6 dq latest strayer

SEC 420 Week 6 DQ Latest-Strayer

“Internet Security” Selectone of the following and discuss in no less than three paragraphs, and have at

least one response to another student of at least one paragraph:

Review the source below. Pay particular attention to the viruses and worms mentioned and the

details surrounding its attack. Provide a brief summary, and discuss your thoughts on the severity

of the threat, and how you would have dealt with the problem.

o

Original Source: Rowen, Beth. (2015) Cyberwar Timeline: The roots of this increasingly

menacing challenge facing nations and businesses. Retrieved

from http://www.infoplease.com/world/events/cyberwar-timeline.html

Any current topic or article related to penetration techniques.

The instructor insight.

SEC 420 Week 7 DQ Latest-Strayer

“System Upgrade” Selectone of the following and discuss in no less than three paragraphs, and have at

least one response to another student of at least one paragraph:

Imagine a scenario where Jane, an administrative employee of a company, receives a call from

James, the company’s security administrator. He announces that he is calling everyone to inform

them about this coming weekend’s upgrade to the accounting system. James adds that he does

not need anyone’s password to the system, which Jane believes is a secure option. Instead,

James will provide a batch file to complete the update. As an outsider looking into this scenario,

explain the social engineering concerns that Jane should consider. Include the major signs that

would indicate James’s request is either a valid one or one that represents a potential attack on

Jane’s system.

Suggest one strategy that a security department could use in order to raise awareness of social

engineering concerns in an organization. Describe an original scenario similar to the one in the

first portion of this question that brings to light a social engineering attack or concern and the

manner in which the user(s) should react to such an attack.

Any current topic or article related to penetration techniques.

The instructor insight.

SEC 420 Week 8 DQ Latest-Strayer

“Phishing” Selectone of the following and discuss in no less than three paragraphs, and have at least

one response to another student of at least one paragraph:

Research phishing schemes on the web. Find a recent scheme and summarize and discuss why

it may have been successful. What are the red flags that one should look out for to avoid

becoming a victim, and what should one do if one encounters such schemes?

As a security manager what actions might you take to assure your company does not fall victim to

phishing? Include any training or simulation/white hat hacking you might consider.

Any current topic or article related to penetration techniques.

The instructor insight.

SEC 420 Week 9 DQ Latest-Strayer

what if select one of the following and discuss

“What If?” Selectone of the following and discuss in no less than three paragraphs, and have at least one

response to another student of at least one paragraph:

Consider the “what if” case in Chapter 6 ofThreats and Defense Mechanisms. Why was

the Distributed Denial of Service (DDOS) attack successful? What could have been done to

protect one’s company from the attack?

Discuss any DDOS countermeasure, and why you would employ it.

Any current topic or article related to penetration techniques.

The instructor insight.

SEC 420 Week 10 DQ Latest-Strayer

“Buffer Overflow” Selectone of the following and discuss in no less than three paragraphs, and have at

least one response to another student of at least one paragraph:

Explain one of the challenges that a hacker faces when attempting to cause a segmentation fault

by overflowing a buffer. Further, discuss the main ways in which an attacker can avoid detection

of No Operations (NOPs) by an intrusion detection system, and examine the primary reasons why

avoiding such detection is beneficial for executing the attack.

Any current topic or article related to penetration techniques.

The instructor insight.

SEC 420 Week 11 DQ Latest-Strayer

“Security in the Future” Discuss in no less than three paragraphs, and have at least one response to

another student of at least one paragraph:

Based on what you’ve learned in this course, give your opinion on the current state of the security

industry. Take a position on whether you believe that hackers or security personnel have the

greater advantage in the real world. Provide a rationale for your response.

SEC 420 Week 1 Certification Readiness Assessment 1-Strayer

Certification Readiness Assessment 1: Pre-assessment Submission

Click the link above to submit your assignment.

Students, please view the “Submit a Clickable Rubric Assignment” video in the Student Center.

Instructors, training on how to grade is within the Instructor Center.

Certification Readiness Assessment 1: Pre-assessment

Week Due

Title

Points

1

Certification Readiness Assessment 1: Pre-assessment

70

a pre assessment is part of the required

A pre-assessment is part of the required materials for this course. This assessment use the material

covered within the course in order to evaluate your exam readiness. Additional specifics surrounding the

submission and grading of the assessment are located below.

The assessment uses the same web-based CEH assessment and consists of two parts:

A screenshot of the CEH assessment results

A written self-assessment response

Pre-assessment Completion Requirements

Complete the CEH assessment located at https://www.eccouncil.org/programs/certified-ethical-

hacker-ceh/ceh-assessment.

Note: Grading is based on participation and is not influenced by the objective score students

receive on the online assessment.

Take a screenshot of the results page upon completion of the CEH assessment.

Note: This screenshot serves as confirmation of the completed assessment. The screenshot

should at a minimum display your score and general on-screen items. It is not necessary to

include each of the itemized question results. Go to http://www.take-a-screenshot.org/ if you need

a tutorial on taking a screenshot.

Review the interactive results that are displayed with each question. Focus your efforts to gain an

understanding of your strengths and weaknesses with respect to the assessment topics, as well

as the overall concepts that require additional focus.

Please do not be discouraged if you get a low score. This is meant to be an assessment of your

knowledge, skills, and abilities coming into the course. It will help you and your Instructor to know

what you may need more instruction in and what you are already familiar with.

Pre-assessment Submission Requirements

Submit one Microsoft Word document which contains:

1. A screenshot of the completed CEH assessment results.

2. Write a short answer self-assessment in good paragraphs in Word based on the CEH

assessment results in which you :

o

Summarize both your strengths and weaknesses with respect to the topics you covered

in the assessment.

Determine the concepts that you believe challenged you the most and/or those that

require additional focus.

o

Your assignment must follow these formatting requirements:

Combine both elements (screenshot and written self-assessment) into one Microsoft Word

document, or an open-source equivalent.

Documentation must be typed, double-spaced, using Times New Roman font (size 12), with one-

inch margins on all sides.

Include a cover page containing the title of the assignment, your name, the professor’s name, the

course title, and the date. The cover page is not included in the required assignment page length.

grading for the certification pre assessment will

Grading for the certification pre-assessment will be based on the following rubric.

Click here to view the grading rubric.

SEC 420 Week 2 Lab Assignment 1 Latest-Strayer

Click the link above to submit your assignment.

Students, please view the “Submit a Clickable Rubric Assignment” video in the Student Center.

Instructors, training on how to grade is within the Instructor Center.

If you have not logged into the iLabs environment yet, use your access code emailed to you by the

bookstore when you purchased the books to register.

Submit each lab based on the following:

1. Log into the EC-Council iLab environment. http://ilabs.eccouncil.org/

2. Complete the weekly lab assignment described below using EC-Council iLab.

3. Submit the screenshots for the steps specified in each lab assignment. Go to http://www.take-a-

screenshot.org/ if you need a tutorial on taking a screenshot.

4. Write a short answer response in good paragraphs in Word along with the assignment

submission link to the following:

a. Summarize the technical experiences in completing the lab assignment.

b. Identify the commands that were of greatest benefit to you.

c. Provide general comments on the overall lab assignment experience. Note: This is an academic writing

assignment. Correct punctuation, grammar, and spelling are necessary. Points may be deducted for poor

writing.

Lab Assignment 1

Due Week 2 and worth 38 points

Complete the following EC-Council Labs.

Note: Labs contain deliverables that are partially derived from the following course required textbook: EC-

Council Press. (2017). Ethical Hacking and Countermeasures: Attack Phases (2nd ed.). Cengage

Learning.

Deliverable(s) for

Submission

Lab VersionModule Title

Location

Lab #: Title

strayer sec 420 ceh v9

Strayer

SEC 420(CEH

v9)

Footprinting and

Reconnaissance

iLab Module

2

Lab 1 (Exercise I): “Collecting Information on Target

Website Using Firebug.”

1. Screenshots after Steps 6

and 21

Grading for this lab assignment will be based on the following rubric.

Click here to view the grading rubric.

SEC 420 Week 3 Lab Assignment 2 Latest-Strayer

Click the link above to submit your assignment.

Students, please view the “Submit a Clickable Rubric Assignment” video in the Student Center.

Instructors, training on how to grade is within the Instructor Center.

Submit each lab based on the following:

1. Log into the EC-Council iLab environment. http://ilabs.eccouncil.org/

2. Complete the weekly lab assignment described below using EC-Council iLab.

3. Submit the screenshots for the steps specified in each lab assignment. Go to http://www.take-a-

screenshot.org/ if you need a tutorial on taking a screenshot.

4. Write a short answer response in good paragraphs in Word along with the assignment

submission link to the following:

a. Summarize the technical experiences in completing the lab assignment.

b. Identify the commands that were of greatest benefit to you.

c. Provide general comments on the overall lab assignment experience. Note: This is an academic writing

assignment. Correct punctuation, grammar, and spelling are necessary. Points may be deducted for poor

writing.

Lab Assignment 2

Due Week 3 and worth 59 points

Complete the following EC-Council Labs.

Note: Labs contain deliverables that are partially derived from the following course required textbook: EC-

Council Press. (2017). Ethical Hacking and Countermeasures: Attack Phases (2nd ed.). Cengage

Learning.

Lab Version

Module Title

LocationLab #: Title

Deliverable(s) for Submission

iLab

Strayer

SEC 420(CEH

v9)

Scanning

Networks

1. Screenshots after Steps 14, 26,

and 35.

Lab 1 (Exercise IV): “Understanding Network Scanning

Using Nmap”

Module

slide8

3

Grading for this lab assignment will be based on the following rubric.

Click here to view the grading rubric.

SEC 420 Week 4 Lab Assignment 3 Latest-Strayer

Click the link above to submit your assignment.

Students, please view the “Submit a Clickable Rubric Assignment” video in the Student Center.

Instructors, training on how to grade is within the Instructor Center.

Submit each lab based on the following:

1. Log into the EC-Council iLab environment. http://ilabs.eccouncil.org/

2. Complete the weekly lab assignment described below using EC-Council iLab.

3. Submit the screenshots for the steps specified in each lab assignment. Go to http://www.take-a-

screenshot.org/ if you need a tutorial on taking a screenshot.

4. Write a short answer response in good paragraphs in Word along with the assignment

submission link to the following:

a. Summarize the technical experiences in completing the lab assignment.

b. Identify the commands that were of greatest benefit to you.

c. Provide general comments on the overall lab assignment experience. Note: This is an academic writing

assignment. Correct punctuation, grammar, and spelling are necessary. Points may be deducted for poor

writing.

Lab Assignment 3

Due Week 4 and worth 59 points

Complete the following EC-Council Labs.

Note: Labs contain deliverables that are partially derived from the following course required textbook: EC-

Council Press. (2017). Ethical Hacking and Countermeasures: Attack Phases (2nd ed.). Cengage

Learning.

Module

Title

Lab Version

LocationLab #: Title

Deliverable(s) for Submission

Lab 2 (Exercise V): “Performing Network Enumeration

Using NetBIOS Enumerator.”

Enumeration iLab

1. Screenshot after Step 10

2 textbook attack phases chapter 4

2. Textbook: Attack Phases -Chapter 4:

Module

Strayer

SEC 420(CEH

v9)

4

Questions 1-6

Lab 3 (Exercise VI): “Enumerating a Network Using

SoftPerfect Network Scanner.”

1. Screenshots after Steps 8 and 12

Grading for this lab assignment will be based on the following rubric.

Click here to view the grading rubric.

SEC 420 Week 5 Lab Assignment 4 Latest-Strayer

Click the link above to submit your assignment.

Students, please view the “Submit a Clickable Rubric Assignment” video in the Student Center.

Instructors, training on how to grade is within the Instructor Center.

Lab Assignments

Submit each lab based on the following:

1. Log into the EC-Council iLab environment.

2. Complete the weekly lab assignment described below using EC-Council iLab.

3. Submit the screenshots for the steps specified in each lab assignment. Go to http://www.take-a-

screenshot.org/ if you need a tutorial on taking a screenshot.

4. Write a short answer response in good paragraphs in Word along with the assignment

submission link to the following:

1. Summarize the technical experiences in completing the lab assignment.

2. Identify the commands that were of greatest benefit to you.

3. Provide general comments on the overall lab assignment experience.

Note: This is an academic writing assignment. Correct punctuation, grammar, and

spelling are necessary. Points may be deducted for poor writing.

Lab Assignment 4

Due Week 5 and worth 59 points

Complete the following EC-Council Labs.

Note: Labs contain deliverables that are partially derived from the following course required textbook: EC-

Council Press. (2017). Ethical Hacking and Countermeasures: Attack Phases (2nd ed.). Cengage

Learning.

Lab

Version

Module TitleLocationLab #: Title

Deliverable(s) for Submission

System

Hacking

Lab 5 (Exercise V): “Dumping and Cracking SAM Hashes to

Extract Plaintext Passwords.”

1. Screenshot after Step 23

1 screenshot after step 20 2 textbook attack

1. Screenshot after Step 20

2. Textbook: Attack Phases – Chapter 5:

Questions 1-2

Lab 6 (Exercise III): “Auditing System Passwords Using

L0phtCrack.”

Strayer

SEC 420

(CEH v9)

iLab

Module

5

1. Screenshot after Step 8

Lab 7 (Exercise XV): “Viewing, Enabling, and Clearing the

Auditing Policy Using Auditpol.”

Grading for this lab assignment will be based on the following rubric.

Click here to view the grading rubric.

SEC 420 Week 6 Lab Assignment 5 Latest-Strayer

Click the link above to submit your assignment.

Students, please view the “Submit a Clickable Rubric Assignment” in the Student Center.

Instructors, training on how to grade is within the Instructor Center.

Lab Assignments

Submit each lab based on the following:

1. Log into the EC-Council iLab environment.

2. Complete the weekly lab assignment described below using EC-Council iLab.

3. Submit the screenshots for the steps specified in each lab assignment. Go to http://www.take-a-

screenshot.org/ if you need a tutorial on taking a screenshot.

4. Write a short answer response in good paragraphs in Word along with the assignment

submission link to the following:

1. Summarize the technical experiences in completing the lab assignment.

2. Identify the commands that were of greatest benefit to you.

3. Provide general comments on the overall lab assignment experience.

Note: This is an academic writing assignment. Correct punctuation, grammar, and

spelling are necessary. Points may be deducted for poor writing.

Due Week 6 and worth 59 points

Complete the following EC-Council Labs.

Note: Labs contain deliverables that are partially derived from the following course required textbook: EC-

Council Press. (2017). Ethical Hacking and Countermeasures: Threats and Defense Mechanisms (2nd

ed.).

Lab VersionModule TitleLocationLab #: Title

Deliverable(s) for Submission

1. Screenshots after Steps 9 and 18

iLab

Lab 1 (Exercise I): “Creating HTTP Trojan.”

Strayer

SEC 420(CEH

v9)

Malware

Threats

1. Screenshots after Steps 5 and 31

Lab 2 (Exercise IV): “Creating a Trojan Server

Using ProRat Tool.”

Lab 3 (Exercise I): “Creating a Virus Using the

JPS Virus Maker Tool.”

Module

6

1. Screenshot after Steps 4 and 14

2 textbook threats and defense mechanisms chapter

2. Textbook: Threats and Defense Mechanisms–

Chapter 2: Questions 1-3

Grading for this lab assignment will be based on the following rubric.

Click here to view the grading rubric.

SEC 420 Week 7 Lab Assignment 6 Latest-Strayer

Click the link above to submit your assignment.

Students, please view the “Submit a Clickable Rubric Assignment” video in the Student Center.

Instructors, training on how to grade is within the Instructor Center.

Submit each lab based on the following:

1. Log into the EC-Council iLab environment. http://ilabs.eccouncil.org/

2. Complete the weekly lab assignment described below using EC-Council iLab.

3. Submit the screenshots for the steps specified in each lab assignment. Go to http://www.take-a-

screenshot.org/ if you need a tutorial on taking a screenshot.

4. Write a short answer response in good paragraphs in Word along with the assignment

submission link to the following:

a. Summarize the technical experiences in completing the lab assignment.

b. Identify the commands that were of greatest benefit to you.

c. Provide general comments on the overall lab assignment experience. Note: This is an academic writing

assignment. Correct punctuation, grammar, and spelling are necessary. Points may be deducted for poor

writing.

Lab Assignment 6

Due Week 7 and worth 38 points

Complete the following EC-Council Labs.

Note: Labs contain deliverables that are partially derived from the following course required textbook: EC-

Council Press. (2017). Ethical Hacking and Countermeasures: Threats and Defense Mechanisms (2nd

ed.).

Module

Title

Lab Version

LocationLab #: Title

Deliverable(s) for Submission

Strayer

SEC 420(CEH

v9)

Lab 2 (Exercise II): “Spoofing MAC

Address Using SMAC.”

Sniffing

iLab

1. Screenshots after Steps 9 and 25

2 textbook threats and defense mechanisms chapter 1

2. Textbook: Threats and Defense Mechanisms –Chapter

3: Questions 1-3

Module 7

Grading for this lab assignment will be based on the following rubric.

Click here to view the grading rubric.

SEC 420 Week 8 Lab Assignment 7 Latest-Strayer

Click the link above to submit your assignment.

Students, please view the “Submit a Clickable Rubric Assignment” video in the Student Center.

Instructors, training on how to grade is within the Instructor Center.

Submit each lab based on the following:

1. Log into the EC-Council iLab environment. http://ilabs.eccouncil.org/

2. Complete the weekly lab assignment described below using EC-Council iLab.

3. Submit the screenshots for the steps specified in each lab assignment. Go to http://www.take-a-

screenshot.org/ if you need a tutorial on taking a screenshot.

4. Write a short answer response in good paragraphs in Word along with the assignment

submission link to the following:

a. Summarize the technical experiences in completing the lab assignment.

b. Identify the commands that were of greatest benefit to you.

c. Provide general comments on the overall lab assignment experience. Note: This is an academic writing

assignment. Correct punctuation, grammar, and spelling are necessary. Points may be deducted for poor

writing.

Lab Assignment 7

Due Week 8 and worth 59 points

Complete the following EC-Council Labs.

Note: Labs contain deliverables that are partially derived from the following course required textbook: EC-

Council Press. (2017). Ethical Hacking and Countermeasures: Threats and Defense Mechanisms (2nd

ed.).

Lab Version

Module Title

LocationLab #: Title

Deliverable(s) for Submission

iLab

Strayer

SEC 420(CEH

v9)

Social

Engineering

1. Screenshots after Steps 4, 13,

and 25

Lab 1 (Exercise I): “Sniffing Website Credentials using Social

Engineering Toolkit (SET)”

Module

slide13

8

Grading for this lab assignment will be based on the following rubric.

Click here to view the grading rubric.

SEC 420 Week 9 Web Application Attacks Latest-Strayer

Click the link above to submit your assignment.

Students, please view the “Submit a Clickable Rubric Assignment” video in the Student Center.

Instructors, training on how to grade is within the Instructor Center.

Assignment: Web Application Attack Scenario

Due Week 9 and worth 220 points

Suppose that you are currently employed as an Information Security Manager for a medium-sized

software development and outsourcing Services Company. The Software Development Director has

asked you to provide a detailed analytical report for her department regarding the most common web

application threats and the manner in which their products could compromise customer financial data.

She wants your recommendations on which threats and/or vulnerabilities the company should focus on

and your recommendation for mitigation. The products in question use Microsoft SQL Server databases

and IIS Web servers.

Write a paper with no less than four pages in which you:

1. Analyze the common threats/vulnerabilities to data systems such as web applications and data

servers. Speculate on the greatest area of vulnerability and potential for damage and/or data loss

of such data systems.

2. Devise at least one attack scenario, as an example, where a hacker could use the area of

vulnerability that you chose above in order to gain access to a network or sensitive data. Examine

the primary ways in which the hacker could execute such an attack, and suggest the strategic

manner in which a security professional could prevent the attack.

3. Explore the primary role that the human element could play in adding to the attack scenario, if

appropriate. You may wish to decide if the human component is critical in protection from that

type of attack.

4. Draw specific lessons and recommendations as part of the conclusion, and have a strong

concluding paragraph. Be sure to revise your introduction to reflect what the paper accomplished

once you finish your first draft.

5. Use no less than five quality resources in this assignment. Note: Wikipedia and similar websites

do not qualify as quality resources.

Your assignment must follow these formatting requirements:

slide14

Be typed, double-spaced, using Times New Roman font (size 12), with one-inch margins on all

sides; citations and references must follow APA or school-specific format. Check with your

professor for any additional instructions.

Include a cover page containing the title of the assignment, your name, the professor’s name, the

course title, and the date. The cover page and the reference page are not included in the required

assignment page length.

Grading for this assignment will be based on answer quality, logic / organization of the paper, and

language and writing skills, using the following rubric.

Click here to view the grading rubric for this case study.

SEC 420 Week 10 Lab Assignment 8 Latest-Strayer

Click the link above to submit your assignment.

Students, please view the “Submita Clickable Rubric Assignment” video in the Student Center.

Instructors, training on how to grade is within the Instructor Center.

Submit each lab based on the following:

1. Log into the EC-Council iLab environment. http://ilabs.eccouncil.org/

2. Complete the weekly lab assignment described below using EC-Council iLab.

3. Submit the screenshots for the steps specified in each lab assignment. Go to http://www.take-a-

screenshot.org/ if you need a tutorial on taking a screenshot.

4. Write a short answer (four to five (4-5) sentences) in the comment text box located with the

assignment submission link to the following:

a. Summarize the technical experiences in completing the lab assignment.

b. Identify the commands that were of greatest benefit to you.

c. Provide general comments on the overall lab assignment experience. Note: This is an academic writing

assignment. Correct punctuation, grammar, and spelling are necessary. Points may be deducted for poor

writing.

Lab Assignment 8

Due Week 10 and worth 59 points

Complete the following EC-Council Labs.

Note: Lab 1 contains deliverables that are partially derived from the following course required textbook:

EC-Council Press. (2017). Ethical Hacking and Countermeasures: Threats and Defense

Mechanisms (2nd ed.).

lab version module title location

Lab VersionModule TitleLocation

Lab #: Title

Deliverable(s) for Submission

1. Screenshots after Steps 7 and 13

Lab 1 (Exercise I): “SYN Flooding a Target

Host usinghping3.”

Strayer

SEC 420(CEH

v9)

Denial of

Service

2. Textbook: Threats and Defense Mechanisms–

iLab Module 9

Chapter 6: Questions 1-2

Grading for this lab assignment will be based on the following rubric.

Click here to view the grading rubric.

Download Now