Cybersecurity Techniques and Operations.
This course introduces tools and techniques used to secure and analyze large computer networks and systems. Students will systematically learn C programming in the first part of the course, which forms a foundation for many cybersecurity operations, such as malware analysis, understanding network protocol stack, etc. In the second part, students will explore and map networks using a variety of diagnostic software tools, learn advanced packet analysis, configure firewalls, write intrusion detection rules, perform forensic investigation, and practice techniques for penetration testing. The objectives are:
- Understand the concepts and major constructs of the C programming language,
- Master the programming skills of the C programming language,
- Be able to analyze the C source code to infer the functionality of a given code segment, C function, C program etc,
- Grasp the needed techniques and skills to write a C program in cybersecurity operations such as a network protocol stack,
- Monitor and analyze network traffic. Identify and trace the traffic when intrusion is detected in the network,
- Identify and evaluate the vulnerabilities in the network and implement effective countermeasures to protect the network,
- Master the technologies to exploit the vulnerabilities in a remote system,
- Analyze the vulnerabilities in wireless communication network,
- Manage data and personal information in a secure manner.
Course Material
During my time at Old Dominion University, I have taken a plethora of courses regarding cyber topics and political science backgrounds. I would like to use both of these to help put me in a position to understand cyber security policy and even shape the future of all cyber policy going forward. Two of the courses I took were CYSE 406 (Cyber Law) and CYSE 301 (Cyber Techniques and Operations). Both of these courses have challenged me to complete competitive course work involving using many different programs to analyze data, and creating proper layouts for forensic labs. In My Cyber Techniques and Operations course, we have been working using both Wireshark and Tshark to trace traffic and sniff information from a workstation via virtual machines provided by the university. In a past activity we completed in the course we used wireshark to sniff a password from another workstation to then record and submit the process for which we were able to acquire the information.
This activity we completed serves to be informational and important for what I would like to be a part of in my career. Within my field penetration testing is an important skill to know. This allows individuals to protect your network from attackers by attempting to compromise it. This allows the owner of the network to understand possible compromises to the system, and lets professionals assess their system for safety and places in which information could be leaked. This exercise allowed me to practice my knowledge of compromising networks using Wireshark and monitoring network traffic to see what activity is happening that cannot be seen by others. In some of these cases, the companies that we would be protecting would have no idea about a data leak before it was either too late or the attacker has taken sensitive information without them knowing and then using said information. At that point recovering the stolen data is extremely hard to do, and will often end with the attacker requesting or demanding some type of compensation or ransom to release the information back to the rightful owner.
Below are projects worked on in my CYSE 301 course with examples of using Wireshark and captions describing the importance of the activity conducted.
Some of the hands-on labs are as follows:
- Traffic tracing through Wireshark and TCPdump
- Firewall configuration with pfSense
- Penetration test on Windows
- Password cracking
- Information hiding