Course - Ethical Hacking - Information Security, Specialization Course - TTM4536
TTM4536 - Ethical Hacking - Information Security, Specialization Course
About
Examination arrangement
Examination arrangement: Portfolio assessment
Grade: Letters
Evaluation | Weighting | Duration | Grade deviation | Examination aids |
---|---|---|---|---|
Arbeider | 20/100 | |||
Arbeider | 20/100 | |||
Muntlig eksamen | 60/100 | 30 minutter |
Course content
The course covers the main techniques used by computer hackers and penetration testers in order to better defend against intrusions and security violations in live systems, including low-level kernel and hardware topics, techniques for web applications, exploit techniques, rootkits and some audit techniques used in digital forensics.
Learning outcome
A. Knowledge: Students will learn the underlying principles and techniques associated with the cybersecurity practice known as penetration testing or ethical hacking. They will become familiar with the entire penetration testing process including planning, reconnaissance, scanning, exploitation, post-exploitation and result reporting. B. Skills: For every offensive penetration technique the students will learn the corresponding remedial technique. By this, the students will develop a practical understanding of the current cybersecurity issues and the ways how the errors made by users, administrators, or programmers can lead to exploitable insecurities.
Learning methods and activities
Lectures, seminars, invited lectures, student presentations and laboratory exercises. Two compulsory practical ethical hacking tasks; both tasks must be approved to qualify for the final exam.
Compulsory assignments
- Work 1
- Work 2
Further on evaluation
Portfolio assessment is the basis for the grade in the course. The portfolio includes two practical ethical hacking tasks which each counts 20% and a oral final exam which counts 60%. The results for the parts are given in %-scores. The entire portfolio is assigned a letter grade. The oral exam is given in English only.
If a student also after the re-sit exam has the final grade F/failed, the student must repeat the entire course. Works that count in the final grade must be repeated.
Recommended previous knowledge
TTM4135 Information Security and TTM4137 Wireless Network Security or equivalent.
Basic knowledge of computer networks, low-level computer organization, experience using Unix-like operating systems, programming languages such as C, Python or x86 assembler, and familiarity with basic web technologies such as Javascript, PHP and SQL.
Course materials
1. "Black Hat Python: Python Programming for Hackers and Pentesters", First Edition, by Justin Seitz, December 14, 2014
2. "Gray Hat Hacking The Ethical Hacker's Handbook", Fourth Edition, by Daniel Regalado et al., McGraw-Hill Education, January 5, 2015,
3. "The Hacker Playbook: Practical Guide To Penetration Testing", by Peter Kim, January 1, 2014
Credit reductions
Course code | Reduction | From | To |
---|---|---|---|
TTM4535 | 7.5 |
Version: 1
Credits:
7.5 SP
Study level: Second degree level
Term no.: 1
Teaching semester: AUTUMN 2017
Language of instruction: English
-
- IKT
- Sivilingeniør
- Technological subjects
- Telematics
Department with academic responsibility
Department of Information Security and Communication Technology
Examination
Examination arrangement: Portfolio assessment
- Term Status code Evaluation Weighting Examination aids Date Time Examination system Room *
- Autumn ORD Muntlig eksamen 60/100 2017-12-01 09:00
-
Room Building Number of candidates - Autumn ORD Arbeider 20/100
-
Room Building Number of candidates - Autumn ORD Arbeider 20/100
-
Room Building Number of candidates - Summer UTS Muntlig eksamen 60/100
-
Room Building Number of candidates - Summer UTS Arbeider 20/100
-
Room Building Number of candidates - Summer UTS Arbeider 20/100
-
Room Building Number of candidates
- * The location (room) for a written examination is published 3 days before examination date. If more than one room is listed, you will find your room at Studentweb.
For more information regarding registration for examination and examination procedures, see "Innsida - Exams"