CYBR 412 Vulnerability Assessment and Penetration Testing
To properly secure an organization¿s information infrastructure and assets, periodic assessments of security posture at multiple levels are critical. This course provides a comprehensive approach to penetration testing and vulnerability assessment, covering key phases from reconnaissance to exploitation and post-exploitation techniques. Students will apply industry-standard penetration testing methodologies, use advanced tools such as Nmap, Wireshark, Metasploit, and Snort, and conduct controlled cybersecurity testing to simulate real-world attacks. Emphasis is placed on reporting and remediation, ensuring students can document findings and recommend actionable security improvements. This course aligns with CompTIA PenTest+ certification objectives, equipping students with essential offensive security skills needed for penetration testing, ethical hacking, and vulnerability analysis.
First day attendance is mandatory.
Formerly: ICS 482. Note: Students are responsible to both be aware of and abide by prerequisites for CFS/CYBR/ICS courses for which they enroll, and will be administratively dropped from a course if they have not met prerequisites.
Prerequisites
Special information
Formerly: ICS 482. Note: Students are responsible to both be aware of and abide by prerequisites for CFS/CYBR/ICS courses for which they enroll, and will be administratively dropped from a course if they have not met prerequisites.
4 Undergraduate credits
Effective May 6, 2020 to present
Learning outcomes
General
- Evaluate cybersecurity theories related to human behavior, threat actors, and the strategic objectives of vulnerability assessments and penetration testing.
- Assess cyber threats, exploits, and attack methodologies to differentiate between various penetration testing scenarios and threat landscapes.
- Execute ethical hacking phases, including reconnaissance, scanning, exploitation, maintaining access, and covering tracks, within controlled environments.
- Analyze and utilize industry-standard tools (e.g., Wireshark, Nmap, Snort, Metasploit) to conduct comprehensive network and system vulnerability assessments.
- Design and implement penetration testing strategies, including privilege escalation, remote and client-side attacks, and web application exploitation.
- Develop and apply advanced evasion techniques, such as tunneling and firewall bypassing, to assess network security defenses.
- Interpret and synthesize penetration testing results to formulate detailed security reports, communicate findings, and recommend mitigation strategies for identified vulnerabilities.
- Assess and justify ethical considerations in vulnerability assessments and penetration testing, including responsible disclosure, legal constraints, and professional conduct.
Spring 2025
| Section | Title | Instructor | books | eservices |
|---|---|---|---|---|
| 50 | Vulnerability Assessment and Penetration Testing | Helmus, Jonathan C | Books for CYBR-412-50 Spring 2025 | Course details for CYBR-412-50 Spring 2025 |
Summer 2025
| Section | Title | Instructor | books | eservices |
|---|---|---|---|---|
| 50 | Vulnerability Assessment and Penetration Testing | Helmus, Jonathan C | Books for CYBR-412-50 Summer 2025 | Course details for CYBR-412-50 Summer 2025 |
Fall 2025
| Section | Title | Instructor | books | eservices |
|---|---|---|---|---|
| 50 | Vulnerability Assessment and Penetration Testing | Helmus, Jonathan C | Books for CYBR-412-50 Fall 2025 | Course details for CYBR-412-50 Fall 2025 |