COMP47860 Ethical Hacking

Academic Year 2022/2023

Applications continue to be leveraged as a means of attack into organisations and even individual stakeholders. As an asset to organisations it is fundamental that a mature application security program is in place to protect against threats. In this module, students will gain an deep understanding of application security from threats to the vulnerabilities that open up an application to threats, how a vulnerability can be leveraged to perform an exploit and finally countermeasures in preventing or safeguarding against threats to mitigate risk. Students will be faced with a number of real world challenges while remaining inside an ethical sphere.

Show/hide contentOpenClose All

Curricular information is subject to change

Learning Outcomes:

On completion of this module students should be able to:
1. Students should have a strong understanding of ethics, the hacker mindset and the motivation of whitehat and black hat hackers.
2. Students should have a strong understanding of the top industry threats.
3. Students should have an understanding of security assessment techniques.
4. Students should be able to demonstrate industry utilised hacking tools.
5. Students should be able to articulate risk appropriately.
6. Students should be able to demonstrate impact of vulnerabilities through POCs.
7. Students should be able to demonstrate industry best practice mitigations.

Indicative Module Content:

Introduction to Ethical Hacking
Industry Threats
Measuring Risk (Common Vulnerability Scoring System)
SQL Injection
Cross Site Scripting (XSS)
Cross Site Request Forgery (CSRF)
Broken Authentication
Broken Authorisation
Bad Cryptography
Current Trends

Student Effort Hours: 
Student Effort Type Hours
Autonomous Student Learning

80

Lectures

12

Practical

24

Total

116

Approaches to Teaching and Learning:
Lectures
Practical exercises 
Requirements, Exclusions and Recommendations

Not applicable to this module.


Module Requisites and Incompatibles
Not applicable to this module.
 
Assessment Strategy  
Description Timing Open Book Exam Component Scale Must Pass Component % of Final Grade
Continuous Assessment: Case Study Varies over the Trimester n/a Graded No

20

Project: Penetration Testing Report Coursework (End of Trimester) n/a Graded No

40

Multiple Choice Questionnaire: Multiple Choice Quiz End of trimester MCQ n/a Graded No

40


Carry forward of passed components
Yes
 
Resit In Terminal Exam
Summer No
Please see Student Jargon Buster for more information about remediation types and timing. 
Feedback Strategy/Strategies

• Feedback individually to students, post-assessment

How will my Feedback be Delivered?

Not yet recorded.

Gray Hat Hacking: The Ethical Hacker's Handbook, Sixth Edition, 6th Edition
by Allen Harper, Ryan Linn, Stephen Sims, Michael Baucom, Huascar Tejeda, Daniel Fernandez, Moses Frost
Released March 2022
Publisher(s): McGraw-Hill
ISBN: 9781264268955
Name Role
Kushal Ramkumar Tutor
Timetabling information is displayed only for guidance purposes, relates to the current Academic Year only and is subject to change.
 
Spring
     
Practical Offering 1 Week(s) - 20, 21, 23, 24, 25, 26, 30, 33 Mon 15:00 - 16:50
Practical Offering 1 Week(s) - 29, 32 Mon 15:00 - 16:50
Spring