Course Title: Security Testing

Part A: Course Overview

Course Title: Security Testing

Credit Points: 12.00

Important Information:

Please note that this course may have compulsory in-person attendance requirements for some teaching activities. 

 


Terms

Course Code

Campus

Career

School

Learning Mode

Teaching Period(s)

INTE2580

City Campus

Postgraduate

175H Computing Technologies

Face-to-Face

 Sem 2 2022,
Sem 2 2023

INTE2604

RMIT University Vietnam

Postgraduate

175H Computing Technologies

Face-to-Face

 Viet2 2023

Course Coordinator: Dr Shabnam Kasra Kermanshahi

Course Coordinator Phone: N/A

Course Coordinator Email: shabnam.kasra.kermanshahi@rmit.edu.au

Course Coordinator Location: N/A

Course Coordinator Availability: By appointment, by email


Pre-requisite Courses and Assumed Knowledge and Capabilities

Enforced Pre-requisite courses

Successful completion of:

COSC2737 - IT Infrastructure and Security (Course ID 052703)

Note: it is a condition of enrolment at RMIT that you accept responsibility for ensuring that you have completed the prerequisite/s and agree to concurrently enrol in co-requisite courses before enrolling in a course.

For your information go to RMIT Course Requisites webpage.


Course Description

The main objective of this course is for students to acquire the tools and techniques necessary to perform practical security testing in various areas. Students are provided with a range of practical exercises and tasks to reinforce their skills including: monitor the Internet traffic, testing of secure applications, identification of vulnerabilities in networked and mobile/wireless applications. In addition, students will learn input validation techniques to minimise security risks, man-in-the-middle attack techniques to be able to build more secure networked applications, practical secure software testing techniques to be able to test applications for security bugs.


Objectives/Learning Outcomes/Capability Development

This course contributes to the following Program Learning Outcomes (PLOs) for MC208 Master of Information Technology:

  • Enabling Knowledge: You will gain skills as you apply knowledge effectively in diverse contexts.

  • Critical Analysis: You will learn to accurately and objectively examine and consider computer science and information technology (IT) topics, evidence, or situations, in particular to: (i) Analyse and model requirements and constraints for the purpose of designing and implementing software artefacts and IT systems; (ii) Evaluate and compare designs of software artefacts and IT systems on the basis of organisational and user requirements.

  • Problem Solving: Your capability to analyse problems and synthesise suitable solutions will be extended as you learn to: Design and implement software solutions that accommodate specified requirements and constraints, based on analysis or modelling or requirements specification. 

  • Communication: You will learn to communicate effectively with a variety of audiences through a range of modes and media, in particular to: Present a clear, coherent and independent exposition of software applications, alternative IT solutions, and decision recommendations to both IT and non-IT personnel via technical reports of professional standard and technical presentations. Interpret abstract theoretical propositions, choose methodologies, justify conclusions and defend professional decisions to both IT and non-IT personnel via technical reports of professional standard and technical presentations.

  • Team Work: You will learn to work as an effective and productive team member in a range of professional and social situations, in particular to: Work effectively in different roles, to form, manage, and successfully produce outcomes from teams whose members may have diverse cultural backgrounds and life circumstances and differing levels of technical expertise. 


On successful completion of this course you should be able to:

  1. Investigate methods that are appropriate for the realisation security testing in software, web, network and systems;
  2. Investigate and model the possible vulnerabilities and threats for a given application system;
  3. Design, implement test procedures and perform post-testing evaluation;
  4. Research, analyse and evaluate security related scenarios


Overview of Learning Activities

The learning activities included in this course are one hour lectorial plus two hour Labtute each week over 12 weeks:

  • Key concepts are given on Canvas; Lectorial enables Q&A and further discussions; tools and software used will be demonstrated in the Labtute;
  • Labs focused on practice which allow exploration of security loopholes, and give feedback on your progress and understanding;
  • Assignments, as described in Overview of Assessment (below), requiring an integrated understanding of the subject matter; and private study, working through the course as presented in classes and learning materials, and gaining practice at solving conceptual and technical problems.


Overview of Learning Resources

You will make extensive use of computer laboratories and relevant software provided by the School. You will be able to access course information and learning materials through Canvas. Lists of relevant reference texts, resources in the library and freely accessible Internet sites will be provided.

Use the RMIT Bookshop’s textbook list search page to find any recommended textbook(s).


Overview of Assessment

This course has no hurdle requirements.

The assessment for this course comprises practical work involving the penetration testing, class tests and a final exam.

Assessment 1: Assignment 1
Weighting 30%
This assessment task supports CLOs 1, 2 & 3

Assessment 2: Assignment 2 
Weighting 40%
This assessment task supports CLOs 1, 3 & 4

Assessment 3: Assignment 3
Weighting 30%
This assessment task supports CLOs 2, 3 & 4