CYBV 480 will provide students with an introduction to cyber warfare along with its policy, doctrine, and operational constraints. A broad survey of cyber tools, techniques and procedures will be presented, and students will use hands-on labs to practice and implement attack methodologies. CYBV 480 meets the National Security Agency (NSA) Center of Academic Excellence in Cyber Operations (CAE-CO) academic requirements for Offensive Cyber Operations.
The student will:
- Understand the phases of offensive cyber operations, what each phase entails, who has authorities to conduct each phase, and how operations are assessed after completion.
- Apply the legal, ethical and policy issues associated with Cyber Operations.
- Describe and demonstrate how to plan, conduct, and defend against automated and web-based reconnaissance.
- Explain and demonstrate how to extract metadata from files and how to defend against metadata reconnaissance.
- Identify and describe network scanning methodology, including the types of network scans and practical scanning considerations.
- Describe and demonstrate how to perform vulnerability scanning.
- Identify and describe the Metasploit framework including its Interfaces, Modules, and Exploit Creation tools.
- Describe and demonstrate how to gain and leverage shell access to identify and obtain important data from the victim machine.
- Identify and describe the different types of password attacks, their strengths and weaknesses and when each is most effective.
- Identify & discuss the similarities and differences between reflected and stored XSS attacks.
- Describe the characteristics and operation of a command injection attack.
- Demonstrate how a command injection attack is used to gain shell access on a victim machine.
- Identify and describe the different types of SQL injection attacks.