Module Descriptors
ETHICAL HACKING
COCS50596
Key Facts
Faculty of Computing, Engineering and Sciences
Level 5
30 credits
Contact
Leader: Hatem Tammam
Email: H.Tammam@staffs.ac.uk
Hours of Study
Scheduled Learning and Teaching Activities: 72
Independent Study Hours: 228
Total Learning Hours: 300
Assessment
- REPORT weighted at 50%
- REPORT -SECOND REPORT weighted at 50%
Module Details
Module Learning Strategies
24 hours of lectures and 48 hours of practical/tutorials
Students will be required to complete background reading prior to each tutorial. The background reading will help them underpin the practical demonstrations.
Practical tasks will be used to re-enforce and apply theory to encourage an analytical and problem based approach to penetration testing.
Where appropriate students will be given informative assessment to complete and evaluate with their peers.
Students will be required to complete background reading prior to each tutorial. The background reading will help them underpin the practical demonstrations.
Practical tasks will be used to re-enforce and apply theory to encourage an analytical and problem based approach to penetration testing.
Where appropriate students will be given informative assessment to complete and evaluate with their peers.
Module Additional Assessment Details
The assessment of the module will consist of two assessments.
1. A report Weighted at 50% (Learning outcomes 1,2 and 4 ). The report will be based upon the 5 phases of Ethical hacking. Students are required to demonstrating a range of tools within each of the 5 phases of hacking. The report should be 3000 words.
(This will be the first assessment item to be submitted )
2. A report Weighted at 50% (Learning outcomes 3 and 5 ). The report will be based upon the 5 phases of Ethical hacking. Students are required to critically evaluate the security component implemented in each stage to counter the hacking activity. This should be demonstrated using appropriate tools. The report should be 3000 words. (This will be the final assessment item to be submitted)
1. A report Weighted at 50% (Learning outcomes 1,2 and 4 ). The report will be based upon the 5 phases of Ethical hacking. Students are required to demonstrating a range of tools within each of the 5 phases of hacking. The report should be 3000 words.
(This will be the first assessment item to be submitted )
2. A report Weighted at 50% (Learning outcomes 3 and 5 ). The report will be based upon the 5 phases of Ethical hacking. Students are required to critically evaluate the security component implemented in each stage to counter the hacking activity. This should be demonstrated using appropriate tools. The report should be 3000 words. (This will be the final assessment item to be submitted)
Module Indicative Content
Ethical and Legality aspects of penetration testing
Technical foundation of hacking
Aspects of security
Understanding legal and ethical challenges of ethical hacking
Understanding business aspects and the importance of performing penetration testing
Introduction to active and passive data gathering
Understanding Foot printing and scanning
System hacking and enumeration
Evaluation of automated security assessment tools
Physical and Infrastructural security and the need to protect critical nodes.
Compromising the human element
Legal and Ethical issues
The use of sniffers and methods to perform session hijacking and denial of service to gain access
Wireless technologies, security and wireless attacks
Intrusion detection and multilevel security
Trusted computing platforms.
Operating system protection mechanisms
Access control
User Authentication and Cryptographic tools
Technical foundation of hacking
Aspects of security
Understanding legal and ethical challenges of ethical hacking
Understanding business aspects and the importance of performing penetration testing
Introduction to active and passive data gathering
Understanding Foot printing and scanning
System hacking and enumeration
Evaluation of automated security assessment tools
Physical and Infrastructural security and the need to protect critical nodes.
Compromising the human element
Legal and Ethical issues
The use of sniffers and methods to perform session hijacking and denial of service to gain access
Wireless technologies, security and wireless attacks
Intrusion detection and multilevel security
Trusted computing platforms.
Operating system protection mechanisms
Access control
User Authentication and Cryptographic tools
Module Special Admissions Requirements
Prior study of a Level 4 30 credit Network/Forensic/Security Module
Module Resources
Access to the digital forensic Lab
Access to Virtual Machines
Access to Virtual Machines
Module Texts
ISO 27002, Code of practice for information security, ISO/IEC
Hands-on Ethical Hacking and network defence ,Michael T.Simpson, Kent Backman, Corley, J. April 2012 ISBN: 1133935613
Gray Hat Hacking:The Ethical Hacker's handbook, 3rd edition Harris, S., Harper, A., Eagle, C. Ness, J. 2011, McGraw-Hill, ISBN:0071495681
Handbook for Computer Security Incident Response Teams (CSIRTs), 2012, Carnegie Mellon University
Computer Security: Principles and Practices, Syngress William Stallings, Lawrie Brown, 2008, ISBN:9780136004240
Security in Computing, Pfleeger, C.P., S.L Pfleeger, Prentice Hall, 4th Edition, 2006, ISBN:978-0132390774
Hands-on Ethical Hacking and network defence ,Michael T.Simpson, Kent Backman, Corley, J. April 2012 ISBN: 1133935613
Gray Hat Hacking:The Ethical Hacker's handbook, 3rd edition Harris, S., Harper, A., Eagle, C. Ness, J. 2011, McGraw-Hill, ISBN:0071495681
Handbook for Computer Security Incident Response Teams (CSIRTs), 2012, Carnegie Mellon University
Computer Security: Principles and Practices, Syngress William Stallings, Lawrie Brown, 2008, ISBN:9780136004240
Security in Computing, Pfleeger, C.P., S.L Pfleeger, Prentice Hall, 4th Edition, 2006, ISBN:978-0132390774