| Module Title: | Penetration Testing (Ethical Hacking) |
|---|
| Language of Instruction: | English |
|---|
| Module Delivered In |
No Programmes
|
| Teaching & Learning Strategies: |
As well as traditional lectures learners will undertake various laboratory exercises. Learners will be expected to actively participate in class and work throughout each scheduled lab session to accomplish assigned tasks. |
| Module Aim: |
To provide learners with a theoretical knowledge and the practical skills of security testing and documenting the security posture of software applications and underlying infrastructure, with particular emphases on web technologies. |
| Learning Outcomes |
| On successful completion of this module the learner should be able to: |
| LO1 |
Apply a repeatable security testing methodology to penetration testing. |
| LO2 |
Appraise and exploit the most prevalent software application security vulnerabilities. |
| LO3 |
Perform both manual and automated vulnerability identification and analysis. |
| LO4 |
Produce documentation of activities performed during testing such that vulnerability exploitation is repeatable. |
| LO5 |
Produce and justify actionable results with information about possible remediation measures for the successfully identified vulnerabilities. |
| Pre-requisite learning |
Module Recommendations
This is prior learning (or a practical skill) that is recommended before enrolment in this module.
|
| No recommendations listed |
Incompatible Modules
These are modules which have learning outcomes that are too similar to the learning outcomes of this module. |
| No incompatible modules listed |
Co-requisite Modules
|
| No Co-requisite modules listed |
Requirements
This is prior learning (or a practical skill) that is mandatory before enrolment in this module is allowed. |
| No requirements listed |
Module Content & Assessment
| Indicative Content |
|
System Reconnaissance
Reconnaissance, footprinting, google Hacking, network and application scanning tools, enumeration techniques and tools.
|
|
System Hacking & Techniques
Hacking web-servers, hacking web applications, OWASP (Open Web Application Security Project) top ten vulnerability categories, hacking wireless networks, hacking mobile platforms, vulnerability exploitation, vulnerability scanning tools, social engineering, session hijacking.
|
|
Countermeasures and Evasion
Firewalls, IDS, IPS, honeypot and evasion techniques
|
|
Documentation
Produce documentation of vulnerability analysis.
Promote and recommend protection/vulnerability mitigation measures.
|
| Assessment Breakdown | % |
|---|
| Continuous Assessment | 20.00% |
| Project | 30.00% |
| End of Module Formal Examination | 50.00% |
| Continuous Assessment |
|---|
| Assessment Type |
Assessment Description |
Outcome addressed |
% of total |
Assessment Date |
| Examination |
Assessment on Semester 1 content. |
2,5 |
10.00 |
Sem 1 End |
| Examination |
Assessment on Semester 2 content. |
2,5 |
10.00 |
Sem 2 End |
| Project |
|---|
| Assessment Type |
Assessment Description |
Outcome addressed |
% of total |
Assessment Date |
| Project |
Project based on content covered in practical’s. |
1,2,3,4,5 |
15.00 |
Sem 1 End |
| Project |
Project based on content covered in practical’s |
1,2,3,4,5 |
15.00 |
Sem 2 End |
| End of Module Formal Examination |
|---|
| Assessment Type |
Assessment Description |
Outcome addressed |
% of total |
Assessment Date |
| Formal Exam |
The terminal exam will be a 3 hour written test. |
1,2,3,4,5 |
50.00 |
End-of-Semester |
SETU Carlow Campus reserves the right to alter the nature and timings of assessment
Module Workload
| Workload: Full Time |
| Workload Type |
Frequency |
Average Weekly Learner Workload |
| Lecture |
Every Week |
1.00 |
| Laboratory |
Every Week |
2.00 |
| Independent Learning Time |
Every Week |
2.00 |
| Total Hours |
5.00 |
|
