PENETRATION TESTING PRINCIPLES
Credit points: 15
Penetration testing involves assessment of organisational vulnerabilities through the design and execution of technical system tests. This subject introduces students to the principles and processes involved in system penetration testing. It examines common software tools used in a penetration testing exercise. Students will learn various types of penetration testing and their phases, and the interpretation of results from commonly used penetration testing tools. Students will learn of the value of penetration testing for businesses and organisations, and how to use testing results to report on, and to improve, an organisation's security resilience.
SchoolSchool Engineering&Mathematical Sciences
Subject Co-ordinatorJabed Chowdhury
Available to Study Abroad StudentsYes
Subject year levelYear Level 5 - Masters
Prerequisites Must have passed CSE5NEF or CSE5NSF and CSE5CSP and must be admitted into SMCYC or SMCYL or SMCYB or must obtain subject coordinator's approval.
|Resource Type||Title||Resource Requirement||Author and Year||Publisher|
|Readings||The Hacker Playbook 2: Practical Guide To Penetration Testing||Prescribed||Kim, Peter (2018)||Createspace Independent Pub|
|Readings||Penetration Testing Fundamentals: A hands-On Guide to Reliability Security Audits||Prescribed||Easttom, Chuck (2018)||Pearson|
Graduate capabilities & intended learning outcomes
01. Analyse appropriate software tools and technologies for use in system testing so as to provide assurance of network security.
- In lectures and practical work, worked examples, case studies demonstrate present malware attacks to students, and how to analyse other cyber security threats. Students create test cases using in-depth technical analysis of risks and typical vulnerabilities.
02. Evaluate the results of penetration testing in phases in a range of contexts and systems to make recommendations
- Lectures will provide Penetration testing standards and offer case studies of typical tests. For practical work students plan penetration tests in phases in accordance with accepted penetration testing standards.
03. Synthesise a range of target scanning methodologies to identify vulnerabilities and reduce risk.
- For practical work students produce test scripts and materials to test new and existing software or services. Lectures will provide knowledge of interpretation, execution and documenting of complex test scripts using agreed methods and standards.
04. Apply simple penetration test methods and produce client reports, explaining key findings to diverse audiences.
- Lectures provide direction on how to record and analyse and review results. In practical work students examine case studies so as to learn how to report on progress, anomalies, risks and issues associated with a given simple penetration test.
Select to view your study options…
Melbourne, 2020, Semester 2, Day
Maximum enrolment sizeN/A
Subject Instance Co-ordinatorJabed Chowdhury
One 2.0 hours lecture/workshop per week on any day including weekend during the day from week 31 to week 43 and delivered via face-to-face.
One 2.0 hours computer laboratory per week on any day including weekend during the day from week 31 to week 43 and delivered via face-to-face.
|2 hour exam (2000 words)||30||01, 02, 03, 04|
|Assignment 1 - Attack Planning, written assignment, Individual (1,500-words)||20||01, 02|
|Assignment 2 - Attack Execution, written assignment, Individual (1,500-words)||20||03, 04|
|Assignment 3 - Word Penetration testing report based your own answers to Assign 2 and 3 (1500-words)||30||01, 02, 03|