This "Defense-in-Depth" course provides the student detailed understanding of the need for internal and external vulnerability assessment. An integral technical part of any risk management program, this course goes hand-in-hand with the more analytical practices in IAE-674.
Differentiate among different types of hackers
Articulate the difference between hackers and security professionals
Understand security vulnerabilities, exposures and risks
Understand what social engineering is and how it is done
Identify UNIX/Linux and Windows vulnerabilities specifically
Understand where firewalls fit in defenses against hackers
Have an opportunity to use hacking tools and understand what it is hackers do
Understand denial of service attacks and what effect they can have
Understand the importance of both vulnerability assessment and penetration testing in assessing the overall security of the system
Understand the importance of research methods when applied to vulnerability analysis and mitigation techniques
Understand the importance of collaboration and report writing in the conveyance of threat, vulnerability, and impact considerations
Understand the basics of the System Security Authorization Agreement (SSAA) process
Be competent with tools for network security evaluation.
The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.