Associated Term:
Fall 2024
Learning Objectives:
Knowing/comprehension of cybersecurity fundamentals, the Open Systems Interconnection (OSI) model, and cyber for embedded systems
Knowing/comprehension of what vulnerability is and what system security procedures, internal controls, system weaknesses, and threats go with the term
Knowing/comprehension of criticality impact matrices and business impact analysis
Knowing/comprehension of single loss expectancy, annual loss expectancy, and incident handling
Understand potential threat vectors for embedded devices
Knowing/comprehension of malware, misconfiguration, and physical threats
Knowing/comprehension of where to discover threats: Common Vulnerabilities and Exposures (CVE) from MITRE, the MITRE ATT&CK Framework, Computer Emergency Response Team/Coordination Center (CERT/CC), ExploitDB, Searchsploit, Shodan, the National Vulnerability Database (NVD), and Google-fu
Knowing/comprehension of system applicability and the method to determine applicability
Knowing/comprehension of physical access, rubber ducky, bash bunny, and social engineering
Knowing/comprehension of remote code execution (RCE)
Knowing/comprehension of Rainbow, Dictionary, and Brute Force Password Attacks
Knowing/comprehension of Metasploit and Buffer overflow, Kernel exploits
Knowing/comprehension of Vulnerable Services and Web Services Application Attacks
Knowing/comprehension of Usernames/Passwords, Using Strengthened Password Policy, and Multi-Factor Authentication
Knowing/comprehension of Obfuscation, Screen Protector, and Password Manager
Knowing/comprehension of Session Management, Patch Management, and Firewalls
Knowing/comprehension of Log Aggregation, Splunk, and Elastic Stack
Knowing/comprehension of Scanning tools and Automated Open-Source Tools
Knowing/comprehension of what knowledge can be gained from scanning or monitoring network traffic
Knowing/comprehension of Aircrack-ng and Airmon-ng
Knowing/comprehension of Wireshark (packet sniffing), Raspberry Pi, and Commercial Aviation Industry Examples
Knowing/comprehension of Firmware Cryptography
Knowing/comprehension of Secure Boot and Spectre with IBM Example
Knowing/comprehension of Firmware Integrity and Hashing
Knowing/comprehension of Cybersecurity Maturity Model Certification (CMMC), Agile/Scrum, and National Institute of Standards and Technology (NIST)
Knowing/comprehension of Development, Security, and Operations (DevSecOps)
Knowing/comprehension of Static/Dynamic Code Analysis and Fuzzing
Creation of a defense in depth mindset
Development of methodologies for secure programming and design
Gain knowledge about network attacks in both an embedded system platform and enterprise environment
Discover how hardware and firmware can be analyzed for potential bugs and vulnerabilities
Discover how wireless networks and embedded systems can interact
Required Materials:
Technical Requirements:
Students will be issued a laptop with access to lessons and all course material
Course Handbook (hard copy of all Module slides) will be available for students
Students will utilize textbooks and software (as referenced in the Syllabus)