Module Descriptors
ETHICAL HACKING
COMP50036
Key Facts
Digital, Technology, Innovation and Business
Level 5
20 credits
Contact
Leader: Tharaka Ilayperuma
Hours of Study
Scheduled Learning and Teaching Activities: 20
Independent Study Hours: 180
Total Learning Hours: 200
Pattern of Delivery
- Occurrence A, Stoke Campus, UG Semester 1
- Occurrence B, Stoke Campus, UG Semester 1 to UG Semester 2
- Occurrence C, Stoke Campus, UG Semester 2
- Occurrence D, Stoke Campus, UG Semester 3 to UG Semester 1
- Occurrence F, Stoke Campus, UG Semester 1
Sites
- Stoke Campus
Assessment
- COURSEWORK - Student Case Study 3000 words weighted at 100%
Module Details
INDICATIVE CONTENT
This module has been designed to develop the skills required to test and evaluate the security and resilience of IT systems. It will principally focus on the following topics:
- Why businesses need to perform penetration testing.
- Overview of Ethical Hacking/Penetration Testing phases.
- Introduction to Linux.
- SQL Injection and common ways to gain access to system(s).
- Nmap and Metasploit.
- Firewalls using iptables I and II.
- Intrusion detection methods.
- Common Vulnerability Scoring Systems (CVSS).
- Introduction to active and passive data gathering.
- Understanding Footprinting and scanning.
- Advanced Linux topics.
- Basic scanning techniques.
- Tools and methods to perform an effective scanning to identify system vulnerabilities.
- System hacking and enumeration.
- Why businesses need to perform penetration testing.
- Overview of Ethical Hacking/Penetration Testing phases.
- Introduction to Linux.
- SQL Injection and common ways to gain access to system(s).
- Nmap and Metasploit.
- Firewalls using iptables I and II.
- Intrusion detection methods.
- Common Vulnerability Scoring Systems (CVSS).
- Introduction to active and passive data gathering.
- Understanding Footprinting and scanning.
- Advanced Linux topics.
- Basic scanning techniques.
- Tools and methods to perform an effective scanning to identify system vulnerabilities.
- System hacking and enumeration.
ADDITIONAL ASSESSMENT DETAILS
A practically focused case study where students are required to identify and exploit some system vulnerabilities provided to them. From the work they do they must evaluate the identified vulnerabilities and suggest mitigation techniques and solutions to these (in doing so students will explore the application selection and use of appropriate Ethical hacking tools). Learning Outcomes 1 to 4.
LEARNING STRATEGIES
Online class-based sessions (20 hours)
There are 20 hours of class related teaching delivery presented online, which will include lectures and practical skills development.
Independent Learning (180 hours)
The tutor will provide resources through the virtual learning environment which will include videos and presentations as well as links to useful websites. Other academic learning will be achieved through reading around the subject area. The tutor will suggest useful texts, though many others will be suitable and can be found in our e-library. If you require help understanding any of the concepts, you may contact the tutor for assistance.
Students can opt to register for a Cisco CyberSecurity Essentials online course to support their studies at no cost.
There are 20 hours of class related teaching delivery presented online, which will include lectures and practical skills development.
Independent Learning (180 hours)
The tutor will provide resources through the virtual learning environment which will include videos and presentations as well as links to useful websites. Other academic learning will be achieved through reading around the subject area. The tutor will suggest useful texts, though many others will be suitable and can be found in our e-library. If you require help understanding any of the concepts, you may contact the tutor for assistance.
Students can opt to register for a Cisco CyberSecurity Essentials online course to support their studies at no cost.
LEARNING OUTCOMES
1. Understand penetration testing phases and Linux basic commands and be able to describe and document these in a useful format for others.
Knowledge & Understanding
Problem Solving
2. Utilize penetration testing tools such as NMAP, OpenVAS (or similar) and Metasploit in Ethical Hacking activities.
Application
Knowledge & Understanding
3. Identify and analyse common system vulnerabilities from an Ethical Hacking perspective.
Analysis
4. Perform penetration testing to identify host and network vulnerabilities and understand common mitigation techniques.
Application
Learning
Knowledge & Understanding
Problem Solving
2. Utilize penetration testing tools such as NMAP, OpenVAS (or similar) and Metasploit in Ethical Hacking activities.
Application
Knowledge & Understanding
3. Identify and analyse common system vulnerabilities from an Ethical Hacking perspective.
Analysis
4. Perform penetration testing to identify host and network vulnerabilities and understand common mitigation techniques.
Application
Learning
RESOURCES
You will need access to these resources:
Microsoft Teams or similar online collaborative platform.
Blackboard VLE
Library
Supplied VM’s
Microsoft Teams or similar online collaborative platform.
Blackboard VLE
Library
Supplied VM’s
REFERENCE TEXTS
Jain, R, (2022), Zero to Mastery In Information Security And Cyber Laws: Become Zero To Hero In Information Security And Cyber Laws, VAYU PUBLISHING, ASIN:B0B1C9G134
Harper et al. (2018), Gray Hat Hacking: The Ethical Hacker's handbook, 5th edition, New York, McGraw-Hill, ISBN: 1260108414
Dieterle, D, (2018), Basic Security Testing With Kali Linux, 3rd Edition, CreateSpace Independent Publishing, ISBN 1725031981
Rothwell W. (2018), Linux Essentials for Cybersecurity, 1st edition, Pearson IT Certification , ISBN ¿ 0789759357
Bishop, M, (2019), Computer Security: Art and Science, Pearson, ISBN 9780321712332
Dulaney, E, (2020), CompTIA Security+ Study Guide, Sybex (8th edition), ISBN 9781119416876
Walker, M, (2019), CEH Certified Ethical Hacker, McGraw-Hill Education (4th edition), ISBN 9781260455083
Santos, O and Muniz, J (2017), CCNA Cyber Ops (SECFND #210-250 and SECOPS #210-255) Official Cert Guide Library, 1/e, ISBN-10: 1587145006, ISBN-13: 978-1587145001
Santos, O. (2020). Cisco CyberOps Associate CBROPS 200-201 Official Cert Guide, Cisco Press. ISBN-13: 978-0-13-680782-7
McNab, C. (2016). Network Security Assessment: Know Your Network 3rd Edition, O’Reilly. ISBN-10: 149191095X, ISBN-13: 978-1491910955
Harper et al. (2018), Gray Hat Hacking: The Ethical Hacker's handbook, 5th edition, New York, McGraw-Hill, ISBN: 1260108414
Dieterle, D, (2018), Basic Security Testing With Kali Linux, 3rd Edition, CreateSpace Independent Publishing, ISBN 1725031981
Rothwell W. (2018), Linux Essentials for Cybersecurity, 1st edition, Pearson IT Certification , ISBN ¿ 0789759357
Bishop, M, (2019), Computer Security: Art and Science, Pearson, ISBN 9780321712332
Dulaney, E, (2020), CompTIA Security+ Study Guide, Sybex (8th edition), ISBN 9781119416876
Walker, M, (2019), CEH Certified Ethical Hacker, McGraw-Hill Education (4th edition), ISBN 9781260455083
Santos, O and Muniz, J (2017), CCNA Cyber Ops (SECFND #210-250 and SECOPS #210-255) Official Cert Guide Library, 1/e, ISBN-10: 1587145006, ISBN-13: 978-1587145001
Santos, O. (2020). Cisco CyberOps Associate CBROPS 200-201 Official Cert Guide, Cisco Press. ISBN-13: 978-0-13-680782-7
McNab, C. (2016). Network Security Assessment: Know Your Network 3rd Edition, O’Reilly. ISBN-10: 149191095X, ISBN-13: 978-1491910955
WEB DESCRIPTOR
This module explores the different vulnerabilities and attacks that can occur in a networked computing environment. To counter these attacks students will learn about the techniques employed to mitigate against these (to the level they can identify and compare and contrast the effectiveness of proposed solutions). In studying the module students will also look at advanced usage of penetration testing tools, as well as common mitigation techniques.