INFO70246
Offensive Security 2
Sheridan
 
  I: Administrative Information   II: Course Details   III: Topical Outline(s)  Printable Version
 

Land Acknowledgement

Sheridan College resides on land that has been, and still is, the traditional territory of several Indigenous nations, including the Anishinaabe, the Haudenosaunee Confederacy, the Wendat, and the Mississaugas of the Credit First Nation. We recognize this territory is covered by the Dish with One Spoon treaty and the Two Row Wampum treaty, which emphasize the importance of joint stewardship, peace, and respectful relationships.

As an institution of higher learning Sheridan embraces the critical role that education must play in facilitating real transformational change. We continue our collective efforts to recognize Canada's colonial history and to take steps to meaningful Truth and Reconciliation.


Section I: Administrative Information
  Total hours: 42.0
Credit Value: 3.0
Credit Value Notes: N/A
Effective: Fall 2022
Prerequisites: (INFO70240 OR INFO70245)
Corequisites: N/A
Equivalents: N/A
Pre/Co/Equiv Notes: N/A

Program(s): Cyber Security - Offensive
Program Coordinator(s): N/A
Course Leader or Contact: N/A
Version: 20220906_01
Status: Approved (APPR)

Section I Notes: Access to course materials and assignments will be available on Sheridan's Learning and Teaching Environment (SLATE). Students will need reliable access to a computer and the internet.

 
 
Section II: Course Details

Detailed Description
In this course, students learn and apply the basic principles of cryptography, review ciphers, hashing, digital certificates, and public key infrastructure. Students delve into web server and web application attacks, methodologies, and common tools to demonstrate ethical hacking. Students assess basics of firewalls, IPS/IDS, and honeypots and realize how hackers exploit user trust. Students will also demonstrate how to exploit SQL injection vulnerabilities and provide countermeasures. By the end of the course, students will be prepared to complete the CEH examination and to implement offensive security strategies to effectively protect computer systems in their business or company.

Program Context

 
Cyber Security - Offensive Program Coordinator(s): N/A
Micro-Credential: Cybersecurity- Offensive Security


Course Critical Performance and Learning Outcomes

  Critical Performance:
By the end of this course, learners will be able to use ethical hacking tools, techniques, and methodologies to setup security infrastructure to minimize the risk of malicious attacks.
 
Learning Outcomes:

To achieve the critical performance, students will have demonstrated the ability to:

  1. Explain basic principles of cryptography and concepts such as ciphers, hashing, digital certificates, key management, and PKI.
  2. Identify vulnerabilities and analyze security loopholes that can be used to hack web servers and web applications.
  3. Understand and demonstrate how malicious actors use social engineering to manipulate user trust, evade detection by IPS/IDS/firewalls, and detect honeypots.
  4. Demonstrate how to exploit SQL injection vulnerabilities and explain countermeasures.
  5. Demonstrate hacking wireless networks.
  6. Explain and apply hacking IoT devices and security in cloud computing.

Evaluation Plan
Students demonstrate their learning in the following ways:

 Evaluation Plan: ONLINE
 Assignment 110.0%
 Assignment 210.0%
 Assignment 310.0%
 Midterm Exam35.0%
 Final Exam35.0%
Total100.0%

Evaluation Notes and Academic Missed Work Procedure:
TEST AND ASSIGNMENT PROTOCOL The following protocol applies to every course offered by Continuing and Professional Studies. 1. Students are responsible for staying abreast of test dates and times, as well as due dates and any special instructions for submitting assignments and projects as supplied to the class by the instructor. 2. Students must write all tests at the specified date and time. Missed tests, in-class/online activities, assignments and presentations are awarded a mark of zero. The penalty for late submission of written assignments is a loss of 10% per day for up to five business days (excluding Sundays and statutory holidays), after which, a grade of zero is assigned. Business days include any day that the college is open for business, whether the student has scheduled classes that day or not. An extension or make-up opportunity may be approved by the instructor at his or her discretion.

Provincial Context
The course meets the following Ministry of Colleges and Universities requirements:


 

Essential Employability Skills
Essential Employability Skills emphasized in the course:

  • Communication Skills - Communicate clearly, concisely and correctly in the written, spoken, visual form that fulfills the purpose and meets the needs of the audience.
  • Critical Thinking & Problem Solving Skills - Use a variety of thinking skills to anticipate and solve problems.
  • Information Management - Locate, select, organize and document information using appropriate technology and information systems.
  • Personal Skills - Manage the use of time and other resources to complete projects.

Prior Learning Assessment and Recognition
PLAR Contact (if course is PLAR-eligible) - Office of the Registrar

  • Not Eligible for PLAR

 
 
Section III: Topical Outline
Some details of this outline may change as a result of circumstances such as weather cancellations, College and student activities, and class timetabling.
Instruction Mode: Online
Professor: N/A
Resource(s):
 TypeDescription
RequiredTextbookCEH Certified Ethical Hacker All-in-One Exam Guide, Matt Walker, McGraw-Hill, 5th Edition, ISBN 9781264269945, 2021
RequiredTextbookCEH v11 Certified Ethical Hacker Study Guide, Ric Messier, Sybex, ISBN 978-1119800286, 2021

Applicable student group(s): FCAPS - Cybersecurity Offensive Micro-credential
Course Details:

Module 1: Cryptography 

Cryptography, encryption, hashing and key management 

Public key infrastructure, digital certificates 

Cryptanalysis and cryptographic attacks. 

 

Module 2: Hacking Web Servers and Web Applications 

Web server and web application attacks 

Methodologies and common tools for hacking 

OWASP top 10 

(Assignment 1 – 10%) 

 

Module 3: Social Engineering; Evading IDS, Firewall, and Honeypots 

Exploiting user trust using social engineering 

Basics of Firewalls, IDS, and honeypots 

Evading IDS, Firewall and detecting Honeypots 

(Midterm exam – 35%) 

 

Module 4: SQL Injection  

SQL injection types, methodologies, and common tools 

Exploiting SQL injection vulnerabilities 

Countermeasures to defect and detect against SQL injection 

(Assignment 2 – 10%) 

 

Module 5: Hacking Wireless Networks  

Basics of wireless network security 

Threats, hacking methodologies, and tools 

Hacking Bluetooth and IEEE802.11 

(Assignment 3 – 10%) 

 

Module 6: Hacking Cloud Computing and IoT Hacking 

Cloud based architectures, technologies, and threats 

IoT technologies, protocols, and threats 

Hacking tools, methodologies, and countermeasures 

(Final exam – 35%) 



Sheridan Policies

It is recommended that students read the following policies in relation to course outlines:

  • Academic Integrity
  • Copyright
  • Intellectual Property
  • Respectful Behaviour
  • Accessible Learning
All Sheridan policies can be viewed on the Sheridan policy website.

Appropriate use of generative Artificial Intelligence tools: In alignment with Sheridan's Academic Integrity Policy, students should consult with their professors and/or refer to evaluation instructions regarding the appropriate use, or prohibition, of generative Artificial Intelligence (AI) tools for coursework. Turnitin AI detection software may be used by faculty members to screen assignment submissions or exams for unauthorized use of artificial intelligence.

Course Outline Changes: The information contained in this Course Outline including but not limited to faculty and program information and course description is subject to change without notice. Nothing in this Course Outline should be viewed as a representation, offer and/or warranty. Students are responsible for reading the Important Notice and Disclaimer which applies to Programs and Courses.


[ Printable Version ]

Copyright © Sheridan College. All rights reserved.