Changes

Jump to: navigation, search

SEC520 Weekly Schedule

3,013 bytes removed, 14:57, 21 July 2023
m
Protected "SEC520 Weekly Schedule": OER transfer ([Edit=Allow only administrators] (indefinite) [Move=Allow only administrators] (indefinite))
=SEC520 Weekly Schedule=
== Winter 2018==
::Instructor:<br />Austin (SAA)<br />Craig Barretto (craig.barretto@senecacollege.ca)
1 credit
::*Quizzes Quiz and Labs ( 4 Quizes 8%Quiz, 6 of 7 Labs (1215%))::::'''Logbooks due April 10th, 2018'''::*Assignments (2) 20%::::'''Assignment 1 - Due Date March 9''''''::::'''Assignment 2 - Due Date TBA''''''::*Tests (2)30%::::'''Written Test - March 8''''''::::'''Lab Test - March 15'''''::*Final Test 35%
{|width="100%" border="1" cellspacing="2"
| style="width: 10%;" |
::* [http://zenit.senecac.on.ca/wiki/index.php/SEC520 SEC520 WIKI]
::* [https://scs.senecac.on.ca/course/sec520 Course Outline]
::* [https://cs.senecac.on.ca/~scs/DonMillsPolicies/policy.html Course Policies]::* [http://zenit.senecac.on.ca/wiki/index.php/SEC520#Supplies_Checklist_ Required Materials are listed in your Supplies Checklist.28Required_for_Second_ClassOther materials and references are noted week by week.29 Required Materials]
::*[http://atlas.arbor.net/ ATLAS Web-page] (Active Threat Level Analysis System)
::*[http://www.sans.org/top-cyber-security-risks/summary.php Top Security Risks 2009 (SANS Institute)]
::*[https://github.com/WebGoat/WebGoat/wiki Webgoat]
:'''Week 6'''
More on mysql injection and Webgoat
|
::* [[https://www.youtube.com/watch?v=Rqt_BgG5YyI Blind MySQL injection video]]
'''Moved until after the break'''
:'''Hardening Windows 7/8/10'''
::*Installing and Configuring Security Configuration Wizard
::# Quiz 2 (February 22)
::Continue working on '''Lab 4'''
|
:'''Assignment #1:'''
::* Assignment Instructions (N/A)
::Continue working on '''Lab 4''' and install Webgoat
:'''Lab 5:'''
::*'''Hardening Windows 7/8/10'''
::Continue working on '''Lab 5'''
::Work on '''Assignment #1'''
:'''System Hardening in Linux:Types of Penetration Testing'''::*Purpose::*Rule of Preventative Action::*Rule of Separation::*Rule of Least PrivilegeNetwork:::*AAA Protocol (Authentication):Access Control::::*PKIInfrastructure / Patching::::*PAMPhysical/Building Security::::*KerebosSocial Engineering
|
:'''Slides (Concepts):See Blackboard''' ::* [ [http://cs.senecac.on.ca/~fac/sec520/slides/sec520_w3_l1b.odp odp] ] [ [http://cs.senecac.on.ca/~fac/sec520/slides/sec520_w3_l1b.pdf pdf] ] [ [http://cs.senecac.on.ca/~fac/sec520/slides/sec520_w3_l1b.pptx pptx] ] Linux Hardening - Part 1::*[[https://www.digitalocean.com/community/tutorials/how-to-use-pam-to-configure-authentication-on-an-ubuntu-12-04-vps PAM Configuration HOWTO]]::*[[http://hexten.net/assets/pam_abl_doc/index.html PAM Auto Blacklist Module HOWTO]]:'''Reading References:''' ::*[https://www.sans.org/media/score/checklists/ID-Linux.pdf Intrusion Discovery - Linux]::*[http://lcweb.senecac.on.ca:2063/0596003919 Linux Security Cookbook (E-book)]<br />(Chapter 4 - Pages: )
:'''YouTube Videos:'''
::*Linux Hardening
:::[http://www.youtube.com/watch?v=GJMKgV8V4FI Part1] | [http://www.youtube.com/watch?v=M9LdGH_AIZo Part 2] | [http://www.youtube.com/watch?v=0tEBXWU6Au4 Part 3]
::*[http://www.youtube.com/watch?v=yy1NR74ttAw&feature=results_main&playnext=1&list=PL48E055817B95897B PAM]
:'''Resources:'''
::* [http://www.linuxdoc.org/HOWTO/User-Authentication-HOWTO/x115.html Why Use PAM?]
::* [http://www.ibm.com/developerworks/linux/library/l-pam/index.html Understanding and Configuring PAM]
:'''Lab 6:'''
::System Hardening::*[https://scs.senecac.Work on.ca/~fac/sec520/labs/SEC520_Lab_6.html Linux System Hardening (part 1)]vulnerable Windows 7 VM CTF
:'''System Hardening in Linux / Continued:Passwords, Pwn'ing, & Pillaging'''::*AAA Protocol (Authorization)::::*ACLs:::*SELinux:::*Sudo:::*Cron Jobs:::*Turning Off Xwindows
:'''Slides (Concepts):See Blackboard'''::* [ [http://cs.senecac.on.ca/~fac/sec520/slides/sec520_w4_l1.odp odp] ] [ [http://cs.senecac.on.ca/~fac/sec520/slides/sec520_w4_l1.pdf pdf] ] [ [http://cs.senecac.on.ca/~fac/sec520/slides/sec520_w4_l1.ppt ppt] ] Linux Hardening - Part 2 :'''YouTube Videos:'''::*[http://www.youtube.com/watch?v=6piQXXHTmqk ACLs]::*[http://www.youtube.com/watch?v=fpXuWhshKVA SELinux]::*[http://www.youtube.com/watch?v=imnEUvvDxc4 Sudo]::*[http://www.youtube.com/watch?v=4Icg3MYZZqI Cron Jobs] :'''Reading References:'''::*[http://lcweb.senecac.on.ca:2063/0596003919 Linux Security Cookbook]<br />(Chapter 5 - Pages: )::*[http://lcweb.senecac.on.ca:2063/0131963694?uicode=seneca SELinux by Example]<br />(Chapter x - Pages: )
:'''Resources:'''
::* [http://www.linuxquestions.org/linux/answers/security/acls_extended_filepermissions How to Use ACLs]
::* SELinux
::* [http://www.sudo.ws/sudo/intro.html Sudo In a Nutshell]
:'''Lab 7:'''
::System Hardening::*[https://scs.senecac.Continue to work on.ca/~fac/sec520/labs/SEC520_Lab_7.html Linux System Hardening (part 2)]   :'''Assignment #2:'''::*Assignment Instructions (N/A)vulnerable Windows 7 VM CTF
:'''System Hardening in Linux / Continued:Metasploit and Metasploitable 2'''::*Complete Labs 6 and 7
:'''Labs:'''
::*Complete Labs 6 and 7
|
 
 
:'''Intrusion Detection:'''
::*Purpose
::*Logs
::*Monitoring
::*Iptables
::*Using Tripwire
:'''Additional Considerations:'''
::*Decoys: Honey-Pots
::*DMZs
::*Disaster Recovery
::*The BIGGER Picture
|
 
:'''Slides (Concepts):'''
::*[ [http://cs.senecac.on.ca/~fac/sec520/slides/sec520_w9_l1.odp odp] ] [ [http://cs.senecac.on.ca/~fac/sec520/slides/sec520_w9_l1.pdf pdf] ] [ [http://cs.senecac.on.ca/~fac/sec520/slides/sec520_w9_l1.ppt ppt] ] Intrusion Detection / Using Tripwire
 
:'''Reading References:'''
::*[http://www.sans.org/score/checklists/ID_Linux.pdf Intrusion Discovery - Linux]
::*[http://lcweb.senecac.on.ca:2063/0596003919 Linux Security Cookbook]<br />(Chapter 1 - Pages: )
 
:'''YouTube Videos:'''
::*[http://www.youtube.com/watch?v=kUdCsZpt2ew Iptables]
 
:'''Additional Resources:'''
::*
:'''Lab 8:'''
::*[https://scs.senecac.on.ca/~fac/sec520/labs/SEC520_Lab_8.html Intrusion Detection]
|- valign="top"

Navigation menu