Course - Ethical Hacking and Penetration Testing - IMT3491
IMT3491 - Ethical Hacking and Penetration Testing
About
Examination arrangement
Examination arrangement: Written exam and Project work
Grade: Letters
| Evaluation | Weighting | Duration | Grade deviation | Examination aids |
|---|---|---|---|---|
| Written exam | 1/2 | 2 timer | ||
| Projectwork | 1/2 |
Course content
Ethical hacking and penetration testing - definitions
Penetration testing methodologies
Hands-on penetration testing
Learning outcome
Knowledge:
Explain how a penetration test is planned, executed, documented and terminated.
Account for vulnerabilities in general and common services running on internal and external servers for a generic company.
Predict client side vulnerabilities and use the new methods for security breaches that may occur here.
Skills:
Master the most common hacking and penetration testing tools and apply these tools to perform simple penetration testing tasks.
Carry out structured and effective search for security issues in computer systems and computer networks.
Construct effective penetration tests given existing threats towards software, networks, and network services.
Use and abuse access to one system in order to gather more information about the networks and services used by this system.
General competence:
Awareness of vulnerabilities in software both at server and client side, with an extra focus on network applications.
Sensitivity for potential vulnerabilities in the computer systems and networks of a generic company, and ability to make an analysis of potential threats based on a network description.
Overview of a wide set of tools for testing and accessing systems and networks.
Learning methods and activities
Forelesninger|Lab.øvelser|Prosjektarbeid
Obligatoriske arbeidskrav:
2 (two) approved exercises.
Compulsory assignments
- Approved exercises
Further on evaluation
Utfyllende om kontinuasjon:
No re-sit examination - projects and exam are closely connected and related
New project(s) and new exam(s) at next course dates
Vurderingsformer:
Written OR digital exam (50%), depending on the number of students the exam might be oral
Project work (50%)
Both parts must be passed
Specific conditions
Admission to a programme of study is required:
Drift av nettverk og datasystemer (BDR)
Informasjonssikkerhet (BIS)
Information Security (MIS)
Information Security (MISD)
Required previous knowledge
IMT2282 Operating systems
Course materials
Thomas Wilhelm (2013). Professional Penetration Testing, Second Edition: Creating and Learning in a Hacking Lab 2nd Edition.
Georgia Weidman (2014). Penetration Testing: A Hands-On Introduction to Hacking 1st Edition
Additional materials
Lee Allen (2012). Advanced Penetration Testing for Highly-Secured Environments: The Ultimate Security Guide.
Credit reductions
| Course code | Reduction | From | To |
|---|---|---|---|
| IMT3004 | 3.7 |
No
Version: 1
Credits:
5.0 SP
Study level: Third-year courses, level III
Term no.: 1
Teaching semester: AUTUMN 2016
Language of instruction: English
-
- Information Security
- Basel Katt
Department with academic responsibility
Department of Information Security and Communication Technology
Examination
Examination arrangement: Written exam and Project work
- Term Status code Evaluation Weighting Examination aids Date Time Examination system Room *
-
Autumn
ORD
Projectwork
1/2
Submission
2016-11-11 -
Room Building Number of candidates - Autumn ORD Written exam 1/2 2016-11-30 09:00
-
Room Building Number of candidates
- * The location (room) for a written examination is published 3 days before examination date. If more than one room is listed, you will find your room at Studentweb.
For more information regarding registration for examination and examination procedures, see "Innsida - Exams"