This module will address topics of:



Ethics and legal challenges of cyber security

Vulnerability identification and computer threats analysis and evaluation

Security Analysis Methodologies

Business aspects behind penetration Testing

Technical foundations of penetration testing

Footprinting and scanning

System hacking and enumeration

Evaluation of automated security assessment tools

Report Writing and Post Test Actions

Additional topics may be covered, where possible and appropriate. We will use examples from Linux and other modern operating systems to illustrate concepts covered through the course.

Practical Skills Demonstration - A skills demonstration in examination style. Students will be asked to undertake a penetration test of a given target in a contained and legal environment, within the target there will be 10 “flags” which contain unique information. The students will be asked to undertake penetrating testing activities, in line with the ethical hacking lifecycle, in order to locate the flag information and will need to provide the information contained as their answers to the assessment (Learning Outcomes 1 to 5).

The material will be presented through a combination of lectures, tutorials, practical exercises and directed self-study. The lectures given will be covering the theoretical content of the module giving the students a detailed understanding of various penetration testing techniques. The tutorial sessions will be provided to allow for discussion and practical exercises to be carried out. The tutorial sessions will be used to allow the student to experiment within a penetration testing environment.

1. Explain and analyse the stages required by an ethical hacker to compromise a target.

Knowledge and Understanding, Learning

2. Critically evaluate security measures implemented on a target system in both a theoretical and practical manner.

Analysis, Problem Solving, Application

3. Demonstrate a critical knowledge of the tools, methods and procedures used with a secured network and host environment.

Analysis, Problem Solving

4. Demonstrate knowledge of the tools, methods and techniques used by penetration testers in conducting hacking activities.

Knowledge and Understanding, Reflection

5. Demonstrate practical ability and understanding of the use of industry-standard hacking tools and techniques against both a networked environment and a single-host target.

Knowledge and Understanding, Reflection, Communication

VMWare Workstation v16 or later

Kali Linux

ParrotOS

Host Machine with at least 8GB RAM, i5 or later processor, 250GB SSD Storage

Madsen, T. (2022), Security Architecture – How & Why (River Publishers Series in Security and Digital Forensics), River Publishers; 1st edition

Holt, T, J et. al. (2022), Cybercrime and Digital Forensics: An Introduction, Routledge; 3rd edition

Johansen, G, (2022), Digital Forensics and Incident Response: Incident response tools and techniques for effective cyber threat response, 3rd Edition, Packt Publishing; 3rd edition

Oettinger, G. (2022), Learn Computer Forensics: Your one-stop guide to searching, analyzing, acquiring, and securing digital evidence, 2nd Edition, Packt Publishing; 2nd edition

Mullins, M. (2022), Cyber Security Awareness: Employee Handbook, Kindle Edition

Anderson, R. (2021), Security Engineering: A Guide to Building Dependable Distributed Systems, 3rd Edition, Wiley, 3rd Edition

On this module you will study computer systems and network infrastructure as an attractive target to attackers. Hackers often manipulate software vulnerabilities and poor configuration to successfully gain access and steal information. To secure a system it is essential for computer security professionals to understand the structure, configuration, tools and techniques that hackers rely upon to successfully commit their act. It is also important to test the network regularly and discover any vulnerability due to miss configuration or poor patching.