Course Title: Ethical Hacking for Cyber Security

Part A: Course Overview

Course Title: Ethical Hacking for Cyber Security

Credit Points: 12.00

Terms

Course Code

Campus

Career

School

Learning Mode

Teaching Period(s)

INTE2102

City Campus

Postgraduate

145H Mathematical & Geospatial Sciences

Face-to-Face

Sem 1 2006,
Sem 2 2007,
Sem 1 2009,
Sem 2 2010,
Sem 1 2012,
Sem 2 2013,
Sem 1 2015,
Sem 2 2016

INTE2102

City Campus

Postgraduate

171H School of Science

Face-to-Face

Sem 1 2018,
Sem 2 2019,
Sem 1 2021,
Sem 2 2022

Course Coordinator: Dr. Matt Skerritt

Course Coordinator Phone: NA

Course Coordinator Email: matt.skerritt@rmit.edu.au


Pre-requisite Courses and Assumed Knowledge and Capabilities

This is course introduces a hands on study of practical methods for assessing the security information systems and services. It builds on the overview and skills presented in the pre-requisite courses.

It is assumed that students are familiar with the following concepts and technologies:

Foundations of
• TCP/IP and HTTP protocols
• Web technologies such as HTML and JavaScript
• Linux and Windows Operating Systems (at user level)
• Client-server application architecture
• A programming/scripting language (e.g., Python, PHP, Ruby, JavaScript, BASH, etc).

It is strongly recommended that students familiarize themselves with the basics of security testing methodologies, such as the OSSTMM - Open Source Security Testing Methodology Manual and the OWASP Testing Guide). These are open-source documents that are compulsory pre-reading for this course.

This course is designed to build on top of this knowledge. Students without a technical foundation may struggle to understand the course content and practical assessments.
 

Required Prior Study:

INTE1120 Introduction to Information Security
INTE1122 Case Studies in Information Security
INTE1125 Cryptography and Security

COSC1295 Advanced Programming 

Enforced Pre-Requisites: 

INTE1120 or INTE1122 

COSC1295 Advanced Programming 


Course Description

This course focuses on web application and network security. Students will be taught how to think like a hacker and analyse systems in terms of abuse cases rather than use cases. The methodology and technical skills required for penetration testing will be taught in a hands-on practical manner. Students will apply and demonstrate their knowledge in attacking systems within a virtual environment.


Students will complete assignments in penetration testing of web applications and network servers, resulting in an industry style report of weaknesses including appropriate risk assessments.


The skills and techniques taught in this course can be used both legally and illegally. These techniques must be used ethically at all times.


Objectives/Learning Outcomes/Capability Development

On completion of this course you should be able to:

  1. Identify common security tools and compare and contrast their features and purpose.
    2. Demonstrate a variety of  technical skills used in penetration testing.   
    3. Apply ethical considerations to security testing in a wide variety of circumstances.
    4. Critically review the risks associated with common information systems.
    5. Recommend and implement common security testing techniques, methodologies and information security management policies.
    6. Communicate security findings appropriately for industry audiences.


This course contributes to the following Program Learning Outcomes for MC159 Master of Cyber Security:

International Orientation and Strategic Thinking

  • Graduates will have a strategic and practical overview of the issues in information security and assurance.

Critical Analysis and Problem Solving

  • Evaluate information security risks across diverse service settings including the Internet and WWW based commerce systems, high bandwidth digital communications and funds transfer services,
  • Undertake professional careers or postgraduate research in information security or other IT related fields, acquiring the required information needed to identify real world solutions to real world information security problems.

Communication

  • Graduates will have the ability to communicate both technical and non-technical material in a range of forms (written, electronic, graphic, oral) and to tailor the style and means of communication to different audiences.

Ethical Values

  • Graduates will exhibit an ability to appreciate the ethical considerations that inform judgments and decision making in academic and professional settings.
     


Overview of Learning Activities

The course material will be delivered through pre-recorded and other online learning materials, and in-class discussions and lab work. Students will watch the recordings, attend classes, and participate in discussions and lab-work. Assignments will consist of both application of technical skills as well as reporting results and findings.


Overview of Learning Resources

You will be expected to expand on the subject matter provided in online learning materials. This will take the form of accessing various external and internal resources, such as the library and the Internet. References to books, including text and reference books will be provided in class.

The Internet will be the most important resource. Students will be required to use it as a learning resource on a regular basis. In addition, classmates and the teaching team are also important learning resources.

This course is supported online using an online course site, which gives access to important announcements, a discussion forum, staff contact details, the teaching schedule, assessment timelines. You are advised to read your student e-mail daily for important announcements. You should also visit the course site at least once a day where you will find important announcements regarding the course and all key documents.


Overview of Assessment

This course has no hurdle requirements.

Assessment Tasks:

 

Practical Assessments
Weighting: 50%
This assessment task supports CLOs 1–6

Reporting to a Simulated Industry Audience
Weighting: 40%
This assessment task supports CLOs 1–6

In-Class Quizzes
Weighting: 10%
This assessment supports CLOs 1, 3, & 6