Course Title: Ethical Hacking for Cyber Security

Part A: Course Overview

Course Title: Ethical Hacking for Cyber Security

Credit Points: 12.00

Terms

Course Code	Campus	Career	School	Learning Mode	Teaching Period(s)
INTE2102	City Campus	Postgraduate	145H Mathematical & Geospatial Sciences	Face-to-Face	Sem 1 2006, Sem 2 2007, Sem 1 2009, Sem 2 2010, Sem 1 2012, Sem 2 2013, Sem 1 2015, Sem 2 2016
INTE2102	City Campus	Postgraduate	171H School of Science	Face-to-Face	Sem 1 2018, Sem 2 2019, Sem 1 2021, Sem 2 2022, Sem 2 2023

Course Coordinator: Dr. Matt Skerritt

Course Coordinator Phone: NA

Course Coordinator Email: matt.skerritt@rmit.edu.au

Pre-requisite Courses and Assumed Knowledge and Capabilities

Required Prior Study

You should have satisfactorily completed courses before you commence this course.

• INTE1120 Introduction to Information Security (Course ID 008586)
• INTE1122 Case Studies in Information Security (Course ID 008587)
• INTE1125 Cryptography and Security (Course ID 014836)
• COSC1295 Advanced Programming (Course ID 004316)

Alternatively, you may be able to demonstrate the required skills and knowledge before you start this course.

Contact your course coordinator if you think you may be eligible for recognition of prior learning. 

Assumed Knowledge

This is course introduces a hands on study of practical methods for assessing the security information systems and services. It builds on the overview and skills presented in the pre-requisite courses.

It is assumed that students are familiar with the following concepts and technologies:

Foundations of:
• TCP/IP and HTTP protocols
• Web technologies such as HTML and JavaScript
• Linux and Windows Operating Systems (at user level)
• Client-server application architecture
• A programming/scripting language (e.g., Python, PHP, Ruby, JavaScript, BASH, etc).

It is strongly recommended that students familiarize themselves with the basics of security testing methodologies, such as the OSSTMM - Open Source Security Testing Methodology Manual and the OWASP Testing Guide). These are open-source documents that are compulsory pre-reading for this course.

This course is designed to build on top of this knowledge. Students without a technical foundation may struggle to understand the course content and practical assessments.
 

 

Course Description

This course focuses on web application and network security. Students will be taught how to think like a hacker and analyse systems in terms of abuse cases rather than use cases. The methodology and technical skills required for penetration testing will be taught in a hands-on practical manner. Students will apply and demonstrate their knowledge in attacking systems within a virtual environment.

Students will complete assignments in penetration testing of web applications and network servers, resulting in an industry style report of weaknesses including appropriate risk assessments.

The skills and techniques taught in this course can be used both legally and illegally. These techniques must be used ethically at all times.

Objectives/Learning Outcomes/Capability Development

On completion of this course you should be able to:

1. Identify common security tools and compare and contrast their features and purpose.
   2. Demonstrate a variety of  technical skills used in penetration testing.   
   3. Apply ethical considerations to security testing in a wide variety of circumstances.
   4. Critically review the risks associated with common information systems.
   5. Recommend and implement common security testing techniques, methodologies and information security management policies.
   6. Communicate security findings appropriately for industry audiences.

This course contributes to the following Program Learning Outcomes for MC159 Master of Cyber Security:

International Orientation and Strategic Thinking

• Graduates will have a strategic and practical overview of the issues in information security and assurance.

Critical Analysis and Problem Solving

• Evaluate information security risks across diverse service settings including the Internet and WWW based commerce systems, high bandwidth digital communications and funds transfer services,
• Undertake professional careers or postgraduate research in information security or other IT related fields, acquiring the required information needed to identify real world solutions to real world information security problems.

Communication

• Graduates will have the ability to communicate both technical and non-technical material in a range of forms (written, electronic, graphic, oral) and to tailor the style and means of communication to different audiences.

Ethical Values

• Graduates will exhibit an ability to appreciate the ethical considerations that inform judgments and decision making in academic and professional settings.
   

Overview of Learning Activities

 

You will be actively engaged in a range of learning activities such as lectorials, tutorials, practicals, laboratories, seminars, project work, class discussion, individual and group activities. Delivery may be face to face, online or a mix of both. 

You are encouraged to be proactive and self-directed in your learning, asking questions of your lecturer and/or peers and seeking out information as required, especially from the numerous sources available through the RMIT library, and through links and material specific to this course that is available through myRMIT Studies Course

Overview of Learning Resources

 

RMIT will provide you with resources and tools for learning in this course through myRMIT Studies Course. 

There are services available to support your learning through the University Library. The Library provides guides on academic referencing and subject specialist help as well as a range of study support services. For further information, please visit the Library page on the RMIT University website and the myRMIT student portal.

Overview of Assessment

Assessment Tasks:

Assessment Task 1: Practical Assessment

Weighting: 50%
This assessment task supports CLOs 1–6

Assessment Task 2: Reporting to a Simulated Industry Audience
Weighting: 40%
This assessment task supports CLOs 1–6

Assessment Task 3: In-Class Quizzes
Weighting: 10%
This assessment supports CLOs 1, 3, & 6

If you have a long-term medical condition and/or disability it may be possible to negotiate to vary aspects of the learning or assessment methods. You can contact the program coordinator or Equitable Learning Services if you would like to find out more.