SCIA 472 — Hacking Exposed & Incident Response
Department of Computer Science & Information Technology
Frostburg State University · Spring 2026 · Instructor: Dr. Chen
Co-requisite: COSC 331
Course Overview
This course delivers a rigorous, hands-on exploration of modern offensive and defensive cybersecurity. Students examine the complete lifecycle of real-world attacks — from initial reconnaissance through full compromise — and develop the skills to detect, contain, and recover from security incidents using industry-standard frameworks and tools.
What You Will Learn
By the end of this course, you will be able to:
- Perform structured ethical hacking assessments of networks, systems, and web applications
- Identify, analyze, and exploit common vulnerabilities using professional penetration testing tools
- Apply the NIST and SANS incident response frameworks to real-world security events
- Conduct digital forensics and evidence collection following chain-of-custody procedures
- Design and evaluate countermeasures against modern attack techniques
- Analyze historical breach case studies and extract actionable defensive lessons
Course Objectives
| # | Objective |
|---|---|
| CO1 | Demonstrate ethical hacking methodology using industry frameworks (PTES, OWASP, NIST) |
| CO2 | Execute network reconnaissance, scanning, and enumeration using professional tools |
| CO3 | Identify and exploit vulnerabilities in systems and web applications in lab environments |
| CO4 | Assess wireless network security and simulate common wireless attacks |
| CO5 | Implement the full incident response lifecycle using NIST SP 800-61 |
| CO6 | Perform basic malware analysis and identify indicators of compromise |
| CO7 | Apply digital forensics techniques and maintain evidence integrity |
| CO8 | Communicate findings through professional penetration testing reports |
15-Week Reading Schedule
| Week | Topic | Objectives | Focus Area |
|---|---|---|---|
| Week 1 | Ethical Hacking Foundations & the Cyber Kill Chain | CO1 | 🎯 Foundations |
| Week 2 | Reconnaissance & Open Source Intelligence (OSINT) | CO2 | 🔍 Recon |
| Week 3 | Network Scanning & Enumeration | CO2 | 🌐 Scanning |
| Week 4 | Vulnerability Assessment | CO1, CO2 | 🔬 Analysis |
| Week 5 | Exploitation Fundamentals & Metasploit | CO3 | 💥 Exploitation |
| Week 6 | Web Application Attacks (OWASP Top 10) | CO3 | 🌍 Web Security |
| Week 7 | Wireless Network Security & Attacks | CO4 | 📡 Wireless |
| Week 8 | Password Attacks & Credential Exploitation | CO3 | 🔑 Credentials |
| Week 9 | Social Engineering & Phishing | CO1, CO3 | 🎭 Social Eng. |
| Week 10 | Post-Exploitation & Lateral Movement | CO3 | 🕵️ Post-Exploit |
| Week 11 | Malware Analysis Fundamentals | CO6 | 🦠 Malware |
| Week 12 | Incident Response — Preparation & Detection | CO5 | 🚨 IR Phase I |
| Week 13 | Incident Response — Containment, Eradication & Recovery | CO5 | 🛡️ IR Phase II |
| Week 14 | Digital Forensics Fundamentals | CO7 | 🔎 Forensics |
| Week 15 | Real-World Case Studies & Capstone Review | CO1–CO8 | 📋 Capstone |
Core Textbooks & Resources
Primary References
- Hacking Exposed 7 — McClure, Scambray, Kurtz (McGraw-Hill)
- The Web Application Hacker's Handbook, 2nd Ed. — Stuttard & Pinto
- The Art of Exploitation, 2nd Ed. — Jon Erickson
- NIST SP 800-61 Rev. 2 — Computer Security Incident Handling Guide (free, NIST.gov)
- SANS Reading Room — whitepapers.sans.org
Essential Tools Covered
nmap · Metasploit · Burp Suite · Wireshark · Aircrack-ng · John the Ripper / Hashcat · Volatility · Autopsy · Maltego · theHarvester
Assessment Structure
| Component | Weight | Details |
|---|---|---|
| Lab Reports | 30% | weekly hands-on exercises |
| Midterm Exam | 20% | Weeks 1–7 |
| Penetration Test | 25% | team-based, Weeks 10–14 |
| Incident Response | 15% | tabletop exercise, Week 13 |
| Final Exam | 10% | comprehensive |