System Penetration Testing + Incident Detection, Prevention and Response (Fall 2025)


Course Description:
Pentest = Planning and Scoping of Penetration Testing, Ethics in Penetration Testing, Penetration Testing Methodologies, Vulnerability Assessment and Analysis in Computer Systems, Attacks on Various Computer Systems, Penetration Testing Tools, and Reporting and Summarizing Penetration Testing Results.
CYSA = Concepts of Network Systems and Security Architecture, Indicators of Potentially Malicious Activities, Threat Intelligence Concepts, Threat Hunting, Vulnerability Management, Methods and Concepts of Vulnerability Scanning, Vulnerability Assessment Tools, Attack and Vulnerability Mitigation, Incident Response and Management Frameworks, Attack Methods and Incident Response Activities, Incident Management Lifecycle, Reporting and Communication in Incident Management, Vulnerability Management, and Incident Response Reporting and Communication.

Prerequisite: Basic Knowledge of Computer Network; Operating System; Computer Architecture; Database

Instructor:
  • Chakchai So-In, Ph.D., chakso AT kku.ac.th
  • Satit Kravenkit, Ph.D., satikr AT kku.ac.th
  • Phet Aimtongkham, Ph.D., phetim AT kku.ac.th

  • Office: @9525 (Applied Network Technology)
    Office Hours: Saturday/Sunday 08.30 to 09.00 (or email me for appointment)
    Class homepage: https://csperson.kku.ac.th/chakchai/Pentest_CYSA_Fall25
    CompTIA Pentest+ and CYSA+: CompTIA Pentest+ and CYSA+
    Teaching Assistant:
  • Titaya Sriwuttisap titaya_s AT kkumail.com, Office hour Saturday (Email -> Tentative)
  • Chatchai Punriboon chatchai AT kkumail.com, Office hour Sunday (Email -> Tentative)

  • Location:
    Section I: - Lecture: on Saturday/Sunday at room @SC9524 from 09.00 to 16.00
    Section I: - Lab: on Saturday/Sunday at room @SC9524 from 09.00 to 16.00
    Facebook Group: Facebook Group
    Textbook
    The main textbooks for the course are
    1. Mike Chapple, Robert Shimonski, et al., "CompTIA PenTest+ Study Guide: Exam PT0-003 (Sybex Study Guide)," Sybex, 608 pp., 2025.
    2. CompTIA, "CompTIA PenTest+ PT0-002 Certification Study Guide," CompTIA Pentest+, 2024.
    3. Mike Chapple and David Seidl, "CompTIA CYSA+ Exam CS0-003 (Sybex Study Guide)," Sybex, 576 pp., 2023.
    4. CompTIA, "CompTIA CYSA+ Certification Study Guide," CompTIA Pentest+, 2024.

    Supplementary (Cisco Cybersecurity Essentials)
    1. Cisco Certified Support Technician (CCST) Cybersecurity 100-160 Official Cert Guide by Shane Sexton and Raymond Lacoste, 2024.

    Supplementary
    1. Principles of Information Security (7th edition) by Michael E. Whitman and Herbert J. Mattord, 2021.
    2. Network Security: Private Communication in a Public World (3rd edition) by Charlie Kaufman, Radia Perlman, and Mike Speciner, 2022
    3. Effective Cybersecurity: A Guide to Using Best Practices and Standards by William Stallings, 2018
    4. Cryptography and Network Security: Principles and Practice (8th edition) by William Stallings, 2019
    5. Computer and Information Security Handbook (3rd edition) by John Vacca, 2017
    6. CCNA Security Course Booklet (version 1.1) by Cisco Systems, 2012.
    7. CompTIA Security+ Guide to Network Security Fundamentals (MindTap Course List) (7th edition) by Mark Ciampa, 2020.
    8. Law (ICT) Thailand

    Interesting Computer and Network Security Material
    1. Master in Security 3rd edition (Thai) by Jatuchai Pangjun, 2018
    2. Managing Networking with Windows 7 (Thai) by พิศาล พิทยาธุรวิวัฒน์, 2012
    3. Ubuntu Linux Server Bible, Volume 1 (Thai) by บัณฑิต จามรภูติ, 2012
    4. Ubuntu Linux Server Bible, Volume 2 (Thai) by บัณฑิต จามรภูติ, 2012
    5. Ubuntu Linux Server Bible, Volume 3 (Thai) by บัณฑิต จามรภูติ, 2012
    6. Installing Linux Server Network Systems, Practical Edition (Thai) by พิศาล พิทยาธุรวิวัฒน์, 2012
    7. Network and Computer Security Specialist #1, #2, #3 (Thai) by Minister of ICT, Thailand
    8. Hands-on Ethical Hacking and Network Defense by Michael T. Simpson, Kent Backman, and James E. Corley, 2018
    9. CEH Certified Ethical Hacker All-in-One Exam Guide by Matt Walker, 2011
    10. CEH Certified Ethical Hacker Study Guide by Kimberly Graves, 2010
    11. Applied Cryptography: Protocols, Algorithms, and Source Code in C by Bruce Schneier, 2096
    12. Network Security Essentials: Applications and Standards by William Stallings, 2010
    13. Hacking Exposed: Network Security Secrets and Solutions by Stuart McClure, Joel Scambray, and George Kurtz, 2009
    14. Network Security Architectures by Sean Convery, 2010
    15. CISSP Certified Information Systems Security Professional STUDY GUIDE by SYBEX, 2010

    Other good books are
    Slides from Prof. Raj Jain, Network Security Slides
    Most importantly, please READ all Computer and Network Security Wiki related topics.
    Network Programming (Bee)
    UNIX Tutorial for Beginners Tutorial@virginia.edu
    Example Tools/Testbed (Networking/Security/Mobile and Wireless Technology)
    Click Here to see a list of testbed/tools
    Youtube Project: Project (Testbed) (Class in 2024)
    Project (Testbed) (Class in 2023)
    More Examples Click Here
    News
    Lecture Schedule: (Tentative Subject to Change)
    Class | Day | Date | Topic
    1 | Saturday | 28/06/2025 | Course Overview + 1) Scoping Organizational/Customer Requirements + 2) Scoping Organizational/Customer Requirements + 3) Footprinting and Gathering Intelligence
    2 | Sunday | 29/06/2025 | 4) Evaluating Human and Physical Vulnerabilities + 5) Preparing the Vulnerability Scan + 6) Scanning Logical Vulnerabilities
    3 | Saturday | 05/07/2025 | 7) Analyzing Scanning Results + 8) Avoiding Detection and Covering Tracks + 9) Exploiting the LAN and Cloud
    4 | Sunday | 06/07/2025 | 10) Testing Wireless Networks + 11) Targeting Mobile Devices + 12) Attacking Specialized Systems
    5 | Saturday | 12/07/2025 | 13) Web Application-Based Attacks + 14) Performing System Hacking + 15) Scripting and Software Development
    6 | Sunday | 13/07/2025 | 16) Leveraging the Attack: Pivot and Penetrate + 17) Communicating During the PenTesting Process + 18) Summarizing Report Components
    7 | Saturday | 19/07/2025 | 19) Recommending Remediation + 20) Performing Post-Report Delivery Activities + Security Topic Selection Proposal (PPT)
    8 | Sunday | 20/07/2025 | 1) Explaining the Importance of Security Controls and Security Intelligence + 2) Utilizing Threat Data and Intelligence + 3) Analyze Network Monitoring Output
    9 | Saturday | 26/07/2025 | 4) Collecting and Querying Security Monitoring Data + 5) Utilizing Digital Forensics and Indicator Analysis Techniques + 6) Applying Incident Response Procedures
    10 | Sunday | 27/07/2025 | 7) Applying Risk Mitigation and Security Frameworks + 8) Performing Vulnerability Management + 9) Managing Post-Installation Administrative Tasks
    11 | Saturday | 02/08/2025 | 10) Understanding Data Privacy and Protection + 11) Applying Security Solutions for Software Assurance + 12) Applying Security Solutions for Cloud and Automation
    12 | Sunday | 03/08/2025 (Online) | PDPA Tutorial
    13 | Saturday | 09/08/2025 | #1 = Extra Lab + Exam Tutoring
    14 | Sunday | 10/08/2025 | #2 = Extra Lab + Exam Tutoring
    15 | Saturday | 16/08/2025 | #3 = Extra Lab + Exam Tutoring
    16 | Sunday | 17/08/2025 | #4 = Extra Lab + Exam Tutoring
    17 | Saturday | 23/08/2025 | 9.00 (Project Presentation = 30 min each pair = Poster + .zip + .mp4 (Presentation + Demo) + Demo) + 13.00 (Cont.)
    18 | Sunday | 24/08/2025 | 9.00 (Exam CompTIA Pentest+ = KKU Exam) + 13.00 (Exam CYSA+ = KKU Exam)
    19 | Saturday | 30/08/2025 (Online) | 9.00-10.30; 10.30-12.00; 13.00-14.30; 14.30-16.00 Slots = Meeting the student's supervisor (industry evaluation)
    20 | Sunday | 31/08/2025 (Online) | 9.00-10.30; 10.30-12.00; 13.00-14.30; 14.30-16.00 Slots = Meeting the student's supervisor (industry evaluation)

    (Individual + Pair) Homework/LabHW/Incident_and_response_Report Assignments (Fall 2025 schedule): (Subject to Change)
    Weekly CompTIA Lecture-ONLINE Capture (Individual-Learning) Click Here
    Weekly CompTIA Lab-ONLINE Capture (Individual-Learning) Click Here
    Weekly (2 Cases = Sat/Sun) Incident and Response Report (Pair-homework) Click here

    Submission:
    All assignments should be turned in via Google Drive = Pentest_CYSA_Fall5. Late homework will be assessed a 30% penalty.
    Each homework should include the title prefix = "StudentID_HWID", where ID is your student number.
    Each lab-homework should include the title prefix = "StudentID_LabHWID", where ID is your student number.
    Each pair (Incident and Response Report) should include the title prefix = "GroupID_HWID", where ID is your student number.
    Note: For the pair (Incident and Response Report), you MUST include the cover letter with the students' signatures; OTHERWISE it WILL NOT be graded.
    Lab Schedule: (Tentative Subject to Change)
    Lab#1 (Pentest+) | Description (2-3 Labs each week)
    #1 | 1) Explore Lab
    #2 | 2) Gathering Intelligence
    #3 | 3) Performing Social Engineering
    #4 | 4) Nmap
    #5 | 5) VA Scan and Analysis
    #6 | 6) Pentest
    #7 | 7) Web Authentication
    #8 | 8) Website Weakness
    #9 | 9) Database Weakness
    #10 | 10) SQL Injection
    #11 | 11) AitM
    #12 | 12) Password Attack
    #13 | 13) Reverse and Bind Shell
    #14 | 14) Post-Exploitation
    #15 | 15) Persistence
    #16 | 16) Lateral Movement
    #1616) Lateral Movement

    Lab#2 (CYSA+) | Description (2-3 Labs each week)
    #1 | 1) Explore Lab
    #2 | 2) Threat and Vulnerability Management: Nessus, Nikto
    #3 | 3) Windows system vulnerability
    #4 | 4) OWASP ZAP Basic
    #5 | 5) Splunk
    #6 | 6) Email analysis
    #7 | 7) Wazuh
    #8 | 8) Linux Forensics
    #9 | 9) Threat Intelligence
    #10 | 10) Reverse Engineering Tools
    #11 | 11) Vulnerability Assessment
    #12 | 12) Registry
    #13 | 13) Process Explorer
    #14 | 14) API Calls
    #15 | 15) Tracking system process

    Academic Integrity
    Students at Khon Kaen University are taking the first step in their professional careers and are held to the highest standards. Please follow the academic integrity guideline at Cheating and Plagiarism [@CMU]. All these rules are enforced for the entire course.
    Security Tools/Apps - Group of 6 students
    Security Tool
    ONLY hands-on security tools on topic of your choice
    The final outcome MUST be something VISUAL= Computer/Network/Information/Internet/ Security Tools
    There is a demo of about 20 mins + documents (PPT / Poster / Video mp4 - YouTube / Code-Zip)
    Tool Ideas: http://sectools.org/?page=1

    Main Project (Project I)
    Project Ideas:
  • Ideas at Stanford.edu
  • Ideas at Berkeley.edu
  • Ideas at MIT.edu
  • Ideas at DotCrime
  • Ideas at Sunysb.edu
  • Ideas at Berkeley.edu
  • Ideas at Udel.edu
  • Ideas at Fsu.edu
  • Ideas at Upenn.edu

  • In this semester, we focus on Security and Privacy; however, projects are not limited to these topics.
    Cisco Netrider Contest (Networking Competition)
    Network Security Contest
    Click Here

    Project Milestone | Description | Completion Date
    #1 | Security Topic Selection Proposal 10 mins PPT Presentation (what is it) = Topic + (2) Related Work + What is it? + What makes different from those 2? + Examples = 6-8 pages) | 19/07/2025
    #2 | Security Topic Tool/App Submission 20 mins Presentation (Demo) = Poster + PPT + Video Youtube .mp4 (Presentation + Demo) + Code .zip + Demo | 24/08/2025

    Note: These are group projects BUT they are graded individually *state who did what and at what %*

    Grading: (tentative)
    Final-Term Exam (Lecture) | 25% +/- 5%
    CompTIA Homework Course + Lab (Lecture/Lab) | 25% +/- 5%
    Quiz + Class participation | 10% +/- 5%
    Project | 25% +/- 5%
    Security Report VA Scan Incident and Response (1 each week) | 15 +/- 5% (grading individually)

    Note that students are allowed to bring only "TWO" pieces of A4 paper into the midterm/final exams, along with a non-memory calculator.
    The final exam covers material after the mid-term; however, all related content will also be covered.
    The exam includes 1. True/False (+1, -1, and 0), 2. Numerical and Analysis, and 3. Fill in the blank.
    The final grade will be curved based on the overall performance of the whole class (probabilistic clear cut-off point).
    Note: Extra Credits:
  • +5 passing Security Certifications
  • +2.5 to 5% 1st round competition
  • +1% for taking a security contest exam
  • +2.5% for taking/passing the security online course, e.g., udemy and coursera

  • Other related computer and network security research links
    1. CCSS Center for Computer Systems Security, University of Southern California, http://ccss.usc.edu/
    2. UW CSE Systems, Networking, and Security Research, University of Washington, http://www.cs.washington.edu/research/systems.intro.html
    3. Cyber Security, Virginia Tech, http://www.cyber.vt.edu/research
    4. The Computer Security Group, UCSB, http://seclab.cs.ucsb.edu/
    5. Security Research Lab, UC Berkeley, http://security.cs.berkeley.edu/
    6. IBM Security and Privacy, IBM, http://researcher.ibm.com/view_project.php?id=151
    7. CyLab, CMU, http://www.cylab.cmu.edu/
    8. Computer Security Division, NIST, http://csrc.nist.gov/
    9. Networking and Security Research Center, PSU, http://nsrc.cse.psu.edu/
    10. Security Group @CA, University of Cambridge, http://www.cl.cam.ac.uk/research/security/
    11. Stanford Security Laboratory, Stanford University, http://seclab.stanford.edu/
    12. Network Operations and Internet Security Lab, GATECH (Prof. Nick Feamster), http://www.gtnoise.net/
    13. Illinois Security Lab, UIUC (Dr. Carl A. Gunter), http://seclab.illinois.edu/
    14. Systems and Internet Infrastructure Security (SIIS), PSU, http://siis.cse.psu.edu/
    15. Network Security Lab, Columbia University, http://nsl.cs.columbia.edu/
    16. CENTER FOR INFORMATION AND COMPUTATION SECURITY (CICS), UCLA, http://www.cs.ucla.edu/security/
    17. Center for Wireless Information Network Studies, WPI (Prof. Kaveh Pahlavan), http://www.cwins.wpi.edu/
    18. Maryland Cybersecurity Center, UMD, http://www.cyber.umd.edu/faculty/index.html
    19. Center for Research on Computation and Society (CRCS), Harvard, http://crcs.seas.harvard.edu/
    20. Systems and networking group, UCSD, http://sysnet.sysnet.ucsd.edu/sysnet/
    21. Information Security Research Group, UCL, http://sec.cs.ucl.ac.uk/
    22. Center for Information Assurance and Security, UTexas, http://www.cias.utexas.edu/index.htm
    23. Johns Hopkins University Information Security Institute (JHUISI), JHU, http://web.jhu.edu/jhuisi/
    24. University of Oregon Network Security Research Lab, University of Oregon, http://netsec.cs.uoregon.edu/
