Northern Virginia Community College
Annandale Campus
Spring Semester 2019
16-Week Session
ITP 270 – Programming For Cybersecurity
Section 001N – 4 Credit Hours
Syllabus
Course Description | Prerequisites | Instructor | Text | Class Hours | Office Hours | Important Dates | Course Objectives | Major Topics | Grades | Class Schedule | Inclement Weather Policy | Academic Dishonesty | Attendance Policy | Learning And Growth Policy | Emergency Evacuation Procedures | Safety Preparation | Fun Policy
Course Description:
Introduces students to the fundamentals of cyber security programming using Python. Teaches scripting and software development techniques for automating security tasks such as network monitoring and penetration testing using Python. Additional topics include writing custom tools and the basics of developing software exploits.
ITP 270 – Programming For Cybersecurity Course Content Summary
NOTE: Since the prerequisite for this course is listed as only ITP 100 – Software Design, the majority of the course will focus on translating the design and programming concepts learned in ITP 100 into Python programs in the context of cybersecurity programming.
Prerequisites and Corequisites:
ITP 100 – Software Design Course Content Summary
Instructor:
Rick Miller, MS Computer Science
California State University Long Beach
Phone: 703-207-0532
email: rick@warrenworks.com
website: www.warrenworks.com
Text:
 Black Hat Python |
Required Text (If you’re a novice programmer and new to Python, you won’t understand anything in this book until about midway through the semester. Just sayin’)
|
 Learning Python ISBN-13: 978-1449355739 |
Supplemental Text (Not available in the NVCC Annandale bookstore so I recommend getting it from Amazon. ) |
 Pro Python Best Practices ISBN-13: 978-1484222409 |
Optional Text (Very helpful and a good addition to your library.) Pro Python Best Practices: Debugging, Testing, and Maintenance, 1st Ed., ISBN-13: 978-1484222409 |
Class Hours:
Time: Friday, 6 pm – 9:40 pm
Room: CC-204
Dates: 18 January – 10 May 2019
Office Hours:
You can talk to me before, during or after class. You can also call me but I prefer email.
Important Dates To Remember:
- First day of class: 18 January 2019
- Last day to drop with tuition refund or change to Audit: 29 January 2019 (Census Date)
- Last day to withdraw without grade penalty: 24 March 2019 (Note: The award of ‘W’ after the last day to withdraw without grade penalty REQUIRES official documentation and the Dean’s signature.)
- Holidays/Non Instructional Days: 15 March 2019 (Spring Break)
- Last day of class: 10 May 2019
Course Objectives:
Upon the completion of this course you will be able to:
- Design code, test, and implement Python programs using both console and Graphical User Interface (GUI) applications.
- Demonstrate effective knowledge in and use of language syntax, tools, models and idiom.
- Demonstrate mastery of skills necessary to construct software solutions to a variety of security areas.
- Demonstrate use and implementation of commonly used algorithms and data structures as they relate to problems in Cybersecurity.
- Code with fluency in the object-oriented paradigm.
- Identify and explain the libraries available for attack task automation.
- Use the high-level programming language to analyze & debug live applications.
- Explain the ethical and social implications of hacking within the context of cybersecurity.
Major Topics:
- Python development environment
- Python data types
- Strings and Numbers
- Lists, Tuples, Dictionaries
- Python basic syntax
- Sequence, Decision making, loops
- Functions and Modules
- Exception Handling
- Regular Expressions
- Classes and Objects
- Inheritance
- File I/O and Database Manipulation
- Networking
- GUI Development
Grades:
Success in this class requires writing lots of code and the programming projects constitute 60% of your grade.
| Programming Projects | 60% | |
| In-Class Programming Assignments, Quizzes, Exams | 20% | |
| Engagement (Your active participation in the learning experience) | 20% | |
Class Schedule:
| Week | Topics Covered | Notes |
| Week 1 |
|
NOTE: The class schedule content will change and evolve over time to account for pace, timing, and student progress. Topics not covered in the specified week will be pushed to the following week. IMPORTANT: If you are new to Python and to programming in general, you will be lost if you try to read the Black Hat Python book. Start with the Learning Python book. You need to hit the deck running in this class. By the first week you will need to:
Recipe For Success:
|
| Week 2 |
|
How to Create and Run Python Programs on MacOS, Windows, and Linux
Helpful Links: |
| Week 3 |
|
|
| Week 4 |
|
|
| Week 5 |
|
|
| Week 6 |
|
Project 1: Reverse DNS Lookup |
| Week 7 |
|
|
| Week 8 |
|
The midterm will be an in-class coding exercise. |
| N/A | SPRING BREAK | |
| Week 9 |
|
Project 2: Website Probe |
| Week 10 |
|
|
| Week 11 |
|
Project 3: Packet Sniffer |
| Week 12 |
|
Project 4: Client/Server Data Exfiltration |
| Week 13 |
|
|
| Week 14 |
|
Regex101.com |
| Week 15 |
|
|
| Week 16 |
|
|
Inclement Weather Policy
Check the NOVA website for inclement weather announcements. http://www.nvcc.edu/depts/homepage/closing.htm#faq
Academic Dishonesty:
I expect the work you do in this class to be your own. I encourage the free exchange of ideas between students, however, the work you ultimately hand in to fulfill course requirements must not be simply copied from another student or other sources. It’s easy to be honest; here are a few rules to help guide you:
- Cite all references used to write code.
- You may look at another student’s programming code but give them credit for helping you.
- If you use stuff from the Internet to help you on a class project list the source.
- When in doubt…list the source and give credit.
- You may use code I provide in class in your projects but give me credit for the code I provide.
From the NVCC Catalog
When College officials award credit, degrees, and certificates, they must assume the absolute integrity of the work you have done; therefore, it is important that you maintain the highest standard of honor in your scholastic work. The College does not tolerate academic dishonesty. Students who are not honest in their academic work will face disciplinary action along with any grade penalty the instructor imposes. Procedures for disciplinary measures and appeals are outlined in the Student Handbook. In extreme cases, academic dishonesty may result in dismissal from the College. Academic dishonesty, as a general rule, involves one of the following acts:
- Cheating on an examination or quiz, including the giving, receiving, or soliciting of information and the unauthorized use of notes or other materials during the examination or quiz.
- Buying, selling, stealing, or soliciting any material purported to be the unreleased contents of a forthcoming examination, or the use of such material.
- Substituting for another person during an examination or allowing another person to take your place.
- Plagiarizing means taking credit for another personÕs work or ideas. This includes copying another personsÕs work either word for word or in substance without acknowledging the source.
- Accepting help from or giving help to another person to complete an assignment, unless the instructor has approved such collaboration in advance.
- Knowingly furnishing false information to the College; forgery and alteration or use of College documents or instruments of identification with the intent to defraud.
Attendance Policy:
You should only miss class when you have a genuine emergency. I prefer advance notification via email. It goes without saying that you are responsible for course and assignments due, and for information covered, on the day(s) you miss. If you miss too many classes, and too many is entirely at my discretion, you will earn an “F” for the class. (Note:To date, the only student who failed the class under this policy did so not because they missed a number of classes, but because they failed to communicate with me about their situation.) If you fail to attend the first two classes I will administratively withdraw you. If you attend the first class and miss the next two classes, I will administratively withdraw you. If you miss four classes by the census date, I will administratively withdraw you.
The Attendance Policy from the NVCC Catalog:
Learning and Growth Policy
“NOVA is a place for learning and growing. You should feel safe and comfortable anywhere on this campus. In order to meet this objective, you should: a) let your instructor, his/her supervisor, the Dean of Students or Provost know if any unsafe, unwelcome or uncomfortable situation arises that interferes with the learning process; b) inform the instructor within the first two weeks of classes if you have special needs or a disability that may affect your performance in this course.”
Emergency Evacuation Procedures:
Should the need to evacuate the room in a hurry arise, the procedures to do so are posted in the class. We’ll discuss these on the first day and hope we never have to use them!!!
TO REPORT AN EMERGENCY OR SUSPICIOUS ACTIVITY
- NOVA Police at 703-764-5000
- Police and Fire at 9-1-1
SAFETY PREPARATION
Your ability to react effectively during an emergency takes preparation. The Office of Emergency Management and Safety wants you to be prepared to react immediately. To start, you should know the locations of: the two safest and most direct evacuation routes (see posted evacuation route signs in classrooms), the locations of designated Assembly Areas outside the facility, shelter-in-place areas for a severe weather event, and the nearest automated external defibrillators (AEDs). For additional emergency preparedness information, visit the Office of Emergency Management and Safety website at: www.nvcc.edu/emergency.
FIRE/EVACUATION
- Activate the nearest fire alarm and call 9-1-1 if possible. If there are no fire alarms nearby, knock on doors and yell “fire” as you exit the building.
- Evacuate the building. Do not use elevators!
- Feel closed doors with the back of your hand. Do not open if doors are hot.
- Move well away from the building when evacuating, and assemble at designated assembly areas.
- Do not re-enter the building until cleared by authorized personnel.
SEVERE WEATHER/SHELTER-IN-PLACE
If the area is under a Severe Weather/Tornado WARNING, or if notified to shelter:
- Seek shelter immediately in a Severe Weather Shelter Area or go to an interior hallway or room; at the lowest level in the building; and/or an area free of windows or glass.
- Protect your body from flying debris with any available furniture or sturdy equipment.
- Use your arms to protect your head and neck.
- Wait for the “All Clear” before leaving your shelter area.
VIOLENCE/ACTIVE SHOOTER
- Determine the most reasonable way to protect your own life and call 9-1-1 or 703-764-5000 when it is safe to do so.
Run and evacuate if you can. This may be your best chance of survival. Have an escape route in mind. Leave valuables behind and keep hands visible. - Hide in an area outside of the shooter’s view. Block entry to your hiding place and lock doors.
- Turn off lights and silence electronic devices.
- Fight as a last resort and only when your life is in imminent danger. Attempt to incapacitate the shooter. Act with physical aggression.
EMERGENCY COMMUNICATION
- In the event of an emergency you may be notified by various means depending on the emergency. Some of the ways you may be notified include:
- classroom telephones,
- computer pop-ups,
- digital flat panels,
- NOVA Access through www.facebook.com/NOVAaccess and www.twitter.com/novaaccess, or
text messaging through NOVA Alert. NOVA Alert is a free notification service. You are automatically signed up for email alerts through your NOVA email address.To add a mobile phone number or an additional email account, you must register by going to: https://alert.nvcc.edu. You are strongly encouraged to add additional devices. - NOVA may use some or all notification channels to notify you. For a complete list, visit the NOVA website at www.nvcc.edu and search for Alert Notification Systems.
Closing/Class Cancellations
If the College is closed or delayed for any reason, a text alert will be sent to cell phones registered on NOVA Alert and a notice will be posted on the home page of the College’s website. In addition, a message will appear on our cable television station and on local radio and TV stations. The home page of the College’s website will always have the most reliable and up-to-date information about closures or delays.
Fun Policy
Most importantly…I want you to enjoy the class. I will learn as much from you as I hope you’ll learn from me. To this end, I sincerely appreciate any comments you may have about course content and welcome your suggestions on ways to improve this course for future classes. Welcome to class…have fun!
Cybersecurity Center
Visit www.nvcc.edu/cybersecurity for information on NOVA’s Cybersecurity programs. “Liking” the Facebook page at http://www.facebook.com/notifications.php#!/pages/Dr-Margaret-Leary-CyberWatch-Page/149995045038340 allows you to automatically receive information on cybersecurity competitions, scholarships, training opportunities, and other events – even after you have completed your studies at NOVA. Scholarly articles and journals relating to cybersecurity can also be found under “Student Resources” at the NOVA CyberCenter site.
Cybersecurity Opportunities
- Free ISACA Membership. Students are eligible for a free ISACA Membership. Information can be obtained by emailing Margaret Leary at mleary@nvcc.edu . The student will need to be prepared to support NOVA’s cyber program, in exchange for the membership, at NOVA events, such as CyCon or the Hackathon. For additional information about ISACA visit: isaca.org
- Reduced ISSA-NOVA Membership. ISSA-NOVA is one of the largest chapters of the international ISSA organization (Information Systems Security Administrators). While no longer free, ISSA-NOVA reduces the $100 membership fee to only $30 for students. Students interested in joining should have myself or Brian Ngac validate their full-time status (it is required to be recommended by a member, with both of us being active members). The link at which they apply is https://app.smartsheet.com/b/form/70f8529a04004155b154d67e851435e4.
- All Cyber. This No. VA cyber organization meets every other Saturday at the Woodbridge campus in the Arts and Science Building, room 362, at 10AM. Students can tryout for the official NOVA Cyber team and network with other students and industry professionals. Information is located at https://allcyber.org
- National Cyber League. Students can also participate each semester in the National Cyber League competition. This is an individual competition that costs $25 per student. Students are provided with a scoring report at the end of the competition and several students show these reports to employers as a demonstration of the skills they have acquired. I expect registration to open in Feb. for the Spring season. I usually recommend that students start early in their academic tenure – ITN 260 is a good starting place. Again, they can practice with peers at the All Cyber meetings.
- National Cybersecurity Student Association. Sponsored by National CyberWatch Center, students can join this largest association of cybersecurity students. We also don’t have a chapter, and we should have, as one of the largest cybersecurity education programs in the country. Consider helping a student start a NOVA chapter for students. ?