PENETRATION TESTING PRINCIPLES

CSE5PEN

2020

Credit points: 15

Subject outline

Penetration testing involves assessment of organisational vulnerabilities through the design and execution of technical system tests. This subject introduces students to the principles and processes involved in system penetration testing. It examines common software tools used in a penetration testing exercise. Students will learn various types of penetration testing and their phases, and the interpretation of results from commonly used penetration testing tools. Students will learn of the value of penetration testing for businesses and organisations, and how to use testing results to report on, and to improve, an organisation's security resilience.

School: Engineering and Mathematical Sciences (Pre 2022)

Credit points: 15

Subject Co-ordinator: Jabed Chowdhury

Available to Study Abroad/Exchange Students: Yes

Subject year level: Year Level 5 - Masters

Exchange Students: No

Available as Elective: No

Learning Activities: N/A

Capstone subject: No

Subject particulars

Subject rules

Prerequisites: Must have passed CSE5NEF or CSE5NSF and CSE5CSP and must be admitted into SMCYC or SMCYL or SMCYB or must obtain subject coordinator's approval

Co-requisites: N/A

Incompatible subjects: N/A

Equivalent subjects: N/A

Quota Management Strategy: N/A

Quota-conditions or rules: N/A

Special conditions: N/A

Minimum credit point requirement: N/A

Assumed knowledge: N/A

Learning resources

Penetration Testing Fundamentals: A hands-On Guide to Reliability Security Audits

Resource Type: Book

Resource Requirement: Prescribed

Author: Easttom, Chuck

Year: 2018

Edition/Volume: N/A

Publisher: Pearson

ISBN: 978-0789759375

Chapter/article title: N/A

Chapter/issue: N/A

URL: N/A

Other description: N/A

Source location: N/A

The Hacker Playbook 2: Practical Guide To Penetration Testing

Resource Type: Book

Resource Requirement: Prescribed

Author: Kim, Peter

Year: 2018

Edition/Volume: N/A

Publisher: Createspace Independent Pub

ISBN: 978-1512214567

Chapter/article title: N/A

Chapter/issue: N/A

URL: N/A

Other description: N/A

Source location: N/A

Career Ready

Career-focused: No

Work-based learning: No

Self sourced or Uni sourced: N/A

Entire subject or partial subject: N/A

Total hours/days required: N/A

Location of WBL activity (region): N/A

WBL addtional requirements: N/A

Graduate capabilities & intended learning outcomes

Graduate Capabilities

Intended Learning Outcomes

01. Analyse appropriate software tools and technologies for use in system testing so as to provide assurance of network security.

02. Evaluate the results of penetration testing in phases in a range of contexts and systems to make recommendations

03. Synthesise a range of target scanning methodologies to identify vulnerabilities and reduce risk.

04. Apply simple penetration test methods and produce client reports, explaining key findings to diverse audiences.

Melbourne (Bundoora), 2020, Semester 2, Day

Overview

Online enrolment: Yes

Maximum enrolment size: N/A

Enrolment information: N/A

Subject Instance Co-ordinator: Jabed Chowdhury

Class requirements

Computer LaboratoryWeek: 31 - 43
One 2.00 hours computer laboratory per week on any day including weekend during the day from week 31 to week 43 and delivered via face-to-face.

Lecture/WorkshopWeek: 31 - 43
One 2.00 hours lecture/workshop per week on any day including weekend during the day from week 31 to week 43 and delivered via face-to-face.

Assessments

Assessment element	Comments	Category	Contribution	Hurdle	%	ILO*
2 hour exam (2000 words)	N/A	N/A	N/A	No	30	SILO1, SILO2, SILO3, SILO4
Assignment 1 - Attack Planning, written assignment, Individual (1,500-words)	N/A	N/A	N/A	No	20	SILO1, SILO2
Assignment 2 - Attack Execution, written assignment, Individual (1,500-words)	N/A	N/A	N/A	No	20	SILO3, SILO4
Assignment 3 - Word Penetration testing report based your own answers to Assign 2 and 3 (1500-words)	N/A	N/A	N/A	No	30	SILO1, SILO2, SILO3