IY3D662 - Ethical Hacking 01 Sep 2023 - 31 Aug 2028 | Version 1
Associated Module Information
| Module Code: | IY3D662 | ||
|---|---|---|---|
| Module Title: | Ethical Hacking | ||
| Faculty: | Faculty of Computing, Engineering and Science | ||
| Faculty Group: | Computing and Mathematics | ||
| Faculty Sub Group: | Cyber Security | ||
| Module Leader: | Arun Kumar | ||
| Module Team: | Peter Eden, Sharan Johnstone, Andrew Bellamy, Richard Ward, Sharan Johnstone, Madhu Khurana, Emma Derbi, Joshua Richards, Beth Jenkins, Rachael Medhurst, Nisha Rawindaran, Mamoun Qasem, Amar Seeam | ||
| First Intended Intake: | SEP 2023 | Final Year of Intake: | 2027 |
| Date Closed: | |||
| Credit Value: | 40 | Credit Level: | 6 |
| Language: | English | ||
| Percentage of Module Taught in Welsh: | 0 | ||
| Equivalent Module: | |||
| HECOS codes: | 100376 - computer and information security | ||
| HECOS Code Weighting: | 100 | ||
Document Version Information
| Version | 1 |
|---|---|
| Valid From | 01 Sep 2023 |
| Valid To | 31 Aug 2028 |
Module Aims
To provide detailed technical knowledge of the advanced tools and techniques associated with vulnerability discovery and penetration testing (e.g., blue team/red team).
Content Summary
Pen testing Active Directory Environments Malware analysis
Fuzzing
- Network TCP/IP
- Application
- Authentication Reverse Engineering
- COFF/PE and ELF Formats
- Static and Dynamic Analysis
- Simulation and debugging
Vulnerability Development for Unix and Windows
- Shellcode
- Heap/Stack overflows
- Integer smashing
- Exception creation overflows
- Tools and frameworks (e.g., Metasploit and Nessus/Open-VAS) Chained exploits
- Scripting (e.g., Python / Ruby/ Bash)
Security analysis of embedded systems (e.g. firmware, JTAG) and Internet of Things (IoT) Basics of Social Engineering
Learning and Teaching Methods
| Activity Type | Hours |
|---|---|
| Lecture | 24 |
| Seminar | 12 |
| Practical classes and workshops | 48 |
| Independent Study | 160 |
| Directed Study | 130 |
| Formative Assessment - Scheduled | 2 |
| Groupwork | 24 |
| Total Hours Selected | 400 |
Learning Outcomes
| # | Learning Outcome |
|---|---|
| LO1 | To understand the requirements of the delivery of a penetration testing service (e.g., blue team/red team). |
| LO2 | To manage the creation and delivery of a penetration testing service |
Module Requisites
N/A
Assessment Criteria
| Assessment Category | Assessment Type | Description | Duration | Word Count | Weight (%) | Best of? | Pass Mark |
|---|---|---|---|---|---|---|---|
| Asynchronous Assessment | Report 2 | A practical written report based around a topical practical activity. | 0 | 2000 | 40 | No | 40 |
| Asynchronous Assessment | Report 1 | A practical ethical hacking exercise and report with research elements including a critical evaluation | 0 | 3000 | 60 | No | 40 |
Assessment Matrix
| Assessment Type | Learning Outcomes | ||
|---|---|---|---|
| LO1 | LO2 | ||
| Report 2 | ✔ | ✔ | |
| Report 1 | ✔ | ✔ | |