SCIA 472: Hacking Exposed & Incident Response
Department of Computer Science & Information Technology
Frostburg State University · Spring 2026 · Instructor: Dr. Chen
Co-requisite: COSC 331
Course Overview
This course delivers a rigorous, hands-on exploration of modern offensive and defensive cybersecurity. Students examine the complete lifecycle of real-world attacks, from initial reconnaissance through full compromise, and develop the skills to detect, contain, and recover from security incidents using industry-standard frameworks and tools.
What You Will Learn
By the end of this course, you will be able to:
- Perform structured ethical hacking assessments of networks, systems, and web applications
- Identify, analyze, and exploit common vulnerabilities using professional penetration testing tools
- Apply the NIST and SANS incident response frameworks to real-world security events
- Conduct digital forensics and evidence collection following chain-of-custody procedures
- Design and evaluate countermeasures against modern attack techniques
- Analyze historical breach case studies and extract actionable defensive lessons
Course Objectives
| # | Objective |
|---|---|
| CO1 | Demonstrate ethical hacking methodology using industry frameworks (PTES, OWASP, NIST) |
| CO2 | Execute network reconnaissance, scanning, and enumeration using professional tools |
| CO3 | Identify and exploit vulnerabilities in systems and web applications in lab environments |
| CO4 | Assess wireless network security and simulate common wireless attacks |
| CO5 | Implement the full incident response lifecycle using NIST SP 800-61 |
| CO6 | Perform basic malware analysis and identify indicators of compromise |
| CO7 | Apply digital forensics techniques and maintain evidence integrity |
| CO8 | Communicate findings through professional penetration testing reports |
15-Week Reading Schedule
| Week | Topic | Objectives | Focus Area |
|---|---|---|---|
| Week 1 | Ethical Hacking Foundations & the Cyber Kill Chain | CO1 | Foundations |
| Week 2 | Reconnaissance & Open Source Intelligence (OSINT) | CO2 | Recon |
| Week 3 | Network Scanning & Enumeration | CO2 | Scanning |
| Week 4 | Vulnerability Assessment | CO1, CO2 | Analysis |
| Week 5 | Exploitation Fundamentals & Metasploit | CO3 | Exploitation |
| Week 6 | Web Application Attacks (OWASP Top 10) | CO3 | Web Security |
| Week 7 | Wireless Network Security & Attacks | CO4 | Wireless |
| Week 8 | Password Attacks & Credential Exploitation | CO3 | Credentials |
| Week 9 | Social Engineering & Phishing | CO1, CO3 | Social Eng. |
| Week 10 | Post-Exploitation & Lateral Movement | CO3 | Post-Exploit |
| Week 11 | Malware Analysis Fundamentals | CO6 | Malware |
| Week 12 | Incident Response: Preparation & Detection | CO5 | IR Phase I |
| Week 13 | Incident Response: Containment, Eradication & Recovery | CO5 | IR Phase II |
| Week 14 | Digital Forensics Fundamentals | CO7 | Forensics |
| Week 15 | Real-World Case Studies & Capstone Review | CO1–CO8 | Capstone |
Core Textbooks & Resources
Primary References
- Hacking Exposed 7 - McClure, Scambray, Kurtz (McGraw-Hill)
- The Web Application Hacker's Handbook, 2nd Ed. - Stuttard & Pinto
- The Art of Exploitation, 2nd Ed. - Jon Erickson
- NIST SP 800-61 Rev. 2 - Computer Security Incident Handling Guide (free, NIST.gov)
- SANS Reading Room - whitepapers.sans.org
Essential Tools Covered
nmap · Metasploit · Burp Suite · Wireshark · Aircrack-ng · John the Ripper / Hashcat · Volatility · Autopsy · Maltego · theHarvester
Assessment Structure
| Component | Weight | Details |
|---|---|---|
| Lab Reports | 30% | weekly hands-on exercises |
| Midterm Exam | 20% | Weeks 1–7 |
| Penetration Test | 25% | team-based, Weeks 10–14 |
| Incident Response | 15% | tabletop exercise, Week 13 |
| Final Exam | 10% | comprehensive |