CS640: Penetration Testing and Ethical Hacking

Course Credits:
Course Hours Per Week:

Course Overview

This course introduces penetration testing as a means for organizations to build a stronger information security profile. This course presents the penetration testing process, as well as a view into the tools that are used in the industry and how they can be applied.

In the course project, Penetration Testing Plan: Creating Rules of Engagement and Scope for Penetration Testing, students create the rules of engagement and scoping documentation for a case study company. Students will complete a series of assignments that provide hands-on experience in working through the penetration testing planning process and in documenting such plans for an organization.

Course Learning Objectives

  • Evaluate legal and ethical issues surrounding penetration testing.
  • Classify the phases of penetration testing.
  • Analyze how reconnaissance can be used in a penetration test.
  • Plan for scanning tools and techniques to form the basis of the later penetration testing phases.
  • Explain the place of system exploitation in penetration testing, differentiating web exploitation from system exploitation.
  • Design methods to maintain access to a compromised system, and when this technique might be used.
  • Create a rules of engagement and scoping document for conducting a penetration test at an organization.

Special Requirements

The CISSP All-in-One Exam Guide is a required resource that you will use throughout this set of specialization courses for Cyber Security. It is listed as a required text in all Cyber Security courses. You only need to purchase it once, unless later editions of the guide are released as you pursue the specialization.