SecurityFocus

Graduate CS Pen Testing Class Apr 12 2011 05:36AM
Wesley (wesley-shadoan utulsa edu) (5 replies)

Re: Graduate CS Pen Testing Class Apr 21 2011 05:43PM
Scott (opiesan gmail com)

Re: Graduate CS Pen Testing Class Apr 19 2011 09:50AM
Jirka Vejrazka (jirka vejrazka gmail com)

Re: Graduate CS Pen Testing Class Apr 15 2011 02:51AM
Felipe Martins (martins felipe security gmail com) (1 replies)

RE: Graduate CS Pen Testing Class Apr 19 2011 08:48AM
Georges Samaha (georges samaha bmbgroup com) (1 replies)

Re: Graduate CS Pen Testing Class Apr 19 2011 09:46AM
Giles Coochey (giles coochey net) (1 replies)

Re: Graduate CS Pen Testing Class Apr 22 2011 07:17PM
Steve Pinkham (steve pinkham gmail com) (1 replies)

Re: Graduate CS Pen Testing Class May 09 2011 01:46PM
Fredrik Strömberg (stromberg insto org)

Re: Graduate CS Pen Testing Class Apr 12 2011 07:49PM
Jonathan Cran (jcran 0x0e org)

RE: Graduate CS Pen Testing Class Apr 12 2011 07:04PM
Paxton, Seth (Seth Paxton echostar com)

Personally, I think it would be beneficial to teach students a well known auditing methodology (NSA IAM/IEM, Octave, etc.). After that has been established, have the students use the methodology in a lab environment and provide an auditing report that would be useful for a typical corporation.

This may not encompass the entire scope of what you have to teach, but I think it would be a good start. This would better prepare students on how to report their findings to management.

Seth Paxton
Data Security Engineer
Email: seth.paxton (at) echostar (dot) com [email concealed]
Phone: (307) 633-5487
EchoStar Broadcasting

-----Original Message-----
From: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]] On Behalf Of Wesley
Sent: Monday, April 11, 2011 11:36 PM
To: pen-test (at) securityfocus (dot) com [email concealed]
Subject: Graduate CS Pen Testing Class

Hi All,

I've been asked to teach a graduate level computer science course on
network auditing and penetration. I'm hoping to make the class as
hands on as possible, covering material from enumeration to system
hacking. What practical scenarios should be included in the course
content? I'd like to cover a range of popular tools but at the same
time make it more than a script kiddie class. Each scenario should
teach concepts as well as getting students familiar with different
security tools. If you were to one day have these students either
conducting audits for you or working for you what skill set would you
like them to have?

Thanks

------------------------------------------------------------------------

This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------

------------------------------------------------------------------------

This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------

[ reply ]