PENETRATION TESTING PRINCIPLES

CSE5PEN

2021

Credit points: 15

Subject outline

Penetration testing involves assessment of organisational vulnerabilities through the design and execution of technical system tests. This subject introduces students to the principles and processes involved in system penetration testing. It examines common software tools used in a penetration testing exercise. Students will learn various types of penetration testing and their phases, and the interpretation of results from commonly used penetration testing tools. Students will learn of the value of penetration testing for businesses and organisations, and how to use testing results to report on, and to improve, an organisation's security resilience.

SchoolEngineering and Mathematical Sciences

Credit points15

Subject Co-ordinatorJabed Chowdhury

Available to Study Abroad/Exchange StudentsYes

Subject year levelYear Level 5 - Masters

Available as ElectiveNo

Learning ActivitiesN/A

Capstone subjectNo

Subject particulars

Subject rules

Prerequisites Must have passed CSE5NEF or CSE5NSF and CSE5CSP and must be admitted into SMCYC or SMCYL or SMCYB or must obtain subject coordinator's approval

Co-requisitesN/A

Incompatible subjectsN/A

Equivalent subjectsN/A

Quota Management StrategyN/A

Quota-conditions or rulesN/A

Special conditionsN/A

Minimum credit point requirementN/A

Assumed knowledgeN/A

Readings

Penetration Testing Fundamentals: A hands-On Guide to Reliability Security Audits

Resource TypePrescribed

Resource RequirementN/A

AuthorEasttom, Chuck

Year2018

Edition/VolumeN/A

PublisherPearson

ISBN978-0789759375

Chapter/article titleN/A

Chapter/issueN/A

URLN/A

Other descriptionN/A

Source locationN/A

The Hacker Playbook 2: Practical Guide To Penetration Testing

Resource TypePrescribed

Resource RequirementN/A

AuthorKim, Peter

Year2018

Edition/VolumeN/A

PublisherCreatespace Independent Pub

ISBN978-1512214567

Chapter/article titleN/A

Chapter/issueN/A

URLN/A

Other descriptionN/A

Source locationN/A

Career Ready

Career-focusedNo

Work-based learningNo

Self sourced or Uni sourcedN/A

Entire subject or partial subjectN/A

Total hours/days requiredN/A

Location of WBL activity (region)N/A

WBL addtional requirementsN/A

Graduate capabilities & intended learning outcomes

Graduate Capabilities

Intended Learning Outcomes

01. Analyse appropriate software tools and technologies for use in system testing so as to provide assurance of network security.
02. Evaluate the results of penetration testing in phases in a range of contexts and systems to make recommendations
03. Synthesise a range of target scanning methodologies to identify vulnerabilities and reduce risk.
04. Apply simple penetration test methods and produce client reports, explaining key findings to diverse audiences.

Subject options

Select to view your study options…

Start date between: and    Key dates

Melbourne (Bundoora), 2021, Semester 2, Day

Overview

Online enrolmentYes

Maximum enrolment sizeN/A

Subject Instance Co-ordinatorJabed Chowdhury

Class requirements

Computer LaboratoryWeek: 30 - 42
One 2.00 h computer laboratory per week on any day including weekend during the day from week 30 to week 42 and delivered via face-to-face.

Lecture/WorkshopWeek: 30 - 42
One 2.00 h lecture/workshop per week on any day including weekend during the day from week 30 to week 42 and delivered via face-to-face.

Assessments

Assessment elementCommentsCategoryContributionHurdle% ILO*

2 hour exam (2000 words)

N/AN/AN/ANo30 SILO1, SILO2, SILO3, SILO4

Assignment 1 - Attack Planning, written assignment, Individual (1,500-words)

N/AN/AN/ANo20 SILO1, SILO2

Assignment 2 - Attack Execution, written assignment, Individual (1,500-words)

N/AN/AN/ANo20 SILO3, SILO4

Assignment 3 - Word Penetration testing report based your own answers to Assign 2 and 3 (1500-words)

N/AN/AN/ANo30 SILO1, SILO2, SILO3