Professional Documents
Culture Documents
Lecture Zero
Course details
• LTP – 2 0 2 Credits: 3
• Text Book
• CEH V9: Certified Ethical Hacker - Version 9 Study Guide, By
Sean-Philip Oriyano, Publisher: Sybex
• Reference Book
• Mastering Kali Linux For Advanced Penetration Testing By Vijay
Kumar Velu, Publisher: Packt Publishing
Course Assessment Model
• Marks break up*
• Attendance 5
• CA (Two best out of three tasks) 25
• MTE 20
• ETE 50
• Total 100
Details of Academic Task(s)
Academic Objective Detail of Academic Task Academic Mark Allottme
Task Task Mode s nt /
submissi
on Week
Test 1 – MCQs To evaluate subject Test 1 will be conducted in the form MCQs Online 30 3/5
knowledge of each questions inline with CEH (certified ethical
and every student hacker) certification. Total number of
individually questions will be 30,each question will carry
1 mark (no negative marking).
• CO1 :: define the basic concepts of operating systems, cryptography and ethical hacking
• CO2 :: demonstrate various methods of performing footprinting and scanning the target
systems
• CO4 :: examine the usage of sniffers, social engineering techniques and denial of service
attacks for compromising the target
• CO5 :: analyze the functionality of session hijacking, web applications and SQL injection in
testing the security of target
• CO6 :: list the process of identifying the threats to WiFi, Bluetooth, mobile devices, cloud
services and implementing SOC and SIEM solutions
Program Outcomes
• PO 1: Engineering knowledge: Apply the knowledge of mathematics, science,
engineering fundamentals, and an engineering specialization for the solution of
complex engineering problems.
• PO 12: Life-long learning: Recognize the need for, and have the preparation and
ability to engage in independent and life-long learning in the broadest context of
technological change.
Revised Bloom’s Taxonomy
Unit 1
• Introduction to Ethical Hacking : Hacking Evolution, What Is an
Ethical Hacker?, Ethical hacking and Penetration testing, Hacking
methodologies
• System Fundamentals : Fundamental of computer networks,
Exploring TCP/IP ports, Understanding network devices, Proxies,
Firewall and Network Security, Knowing Operating
Systems(Windows, Mac, Android and Linux)
• Cryptography : History of cryptography, Symmetric
cryptography, Asymmetric cryptography, Understanding Hashing,
Issues with cryptography, Application of cryptography(IPsec, PGP,
SSl)
Unit 2
• Footprinting : What is Footprinting, Threats Introduced by
Footprinting, The Footprinting process, Using (Search engine,
Google hacking, Social networking and Financial services)
Information gathering
• Scanning : What is Scanning, Types of Scans, Family tree of
Scans, OS fingerprinting, Countermeasure, Vulnerability Scanning
and Using Proxies
Unit 3
• Enumeration : What is Enumeration, Windows Enumeration,
Enumeration with SNMP, LDAP and Directory Service Enumeration,
SMTP Enumeration
• System Hacking : What is System Hacking, Password cracking,
Authentication on Microsoft Platforms, Executing Applications
• Malware : Malware and the law, Categories of Malware(Viruses,
worms, spyware, Adware, Scareware Ransomware and Trojans),
Overt and Covert Channels
Unit 4
• Sniffers : Understanding Sniffers, Using a Sniffer, Switched
network Sniffing, MAC Flooding, ARP Poisoning, MAC Spoofing,
Port Mirror and SPAN Port, Detecting Sniffing Attacks
• Social Engineering : What is Social Engineering, Social
Engineering Phases, Commonly Employed Threats, Identity Theft
• Denial of Service : Understanding DoS, Understanding DDoS,
DoS Tools, DDoS Tools, DoS Pen- Testing Considerations
Unit 5
• Session Hijacking : Understanding Session Hijacking, Exploring
Defensive Strategies, Network Session Hijacking
• Web Servers and Applications : Exploring the Client-Server
Relationship, The client and the server, Vulnerabilities of Web
Servers and Application, Testing Web Application
• SQL Injection : Introducing SQL Injection, Databases and Their
Vulnerabilities, Anatomy of a SQL Injection Attack, Altering Data
with a SQL Injection Attack, Evading Detection Mechanisms, SQL
Injection Countermeasures
Unit 6
• Hacking Wi-Fi and Bluetooth : What Is a Wireless Network, A
Close Examination of Threats, Hacking Bluetooth
• Mobile Device Security : Mobile OS Models and Architectures,
Goals of Mobile Security, Device Security Models, Countermeasures
• Cloud Technologies and Security : What Is the Cloud, Threats
to Cloud Security, Cloud Computing Attacks, Testing Security in
the Cloud
List of practical/ experiments
• Foot-printing: Demonstration of the process of active and active and passive
information gathering using search engines, GHDB and Netcraft
• Scanning: Demonstration of port, network and vulnerability scanning with the help of
Nmap, Nessus and Rapid7 and AngryIP
• Enumeration: Demonstration of windows, Linux enumeration and network protocol
enumeration with the help of inbuilt utilities and open-source tools
• System Hacking: Demonstration of offline and online password cracking with the
help of dictionary, brute force and hybrid attack and generating rainbow tables
• Sniffing: Demonstration of network sniffing with the help of packet sniffers such as
Wireshark, Tcpdump and Dsniff and understand the data that is being sniffed by the
respective tools
• Denial of Service: Demonstration of various Dos attacks such as Service Request
Floods, ICMP Flooding, Smurf and Fraggle Attacks using different tools
• SQL Injection: Demonstration of various types of SQL injection with the help of
different tools
• SIEM: Demonstration of Log Data Management, Network visibility, Threat
Intelligence, Analytics, Real-time Alerting
Web References
• https://www.cybrary.it/course/ethical-hacking/
• https://www.cybrary.it/course/metasploit/
• https://www.exploit-db.com/google-hacking-database
• https://www.professormesser.com/security-plus/sy0-501/sy0-50
1-training-course/
• https://crucialexams.com/exams/comptia/security+/sy0-501/