Hacking Countermeasures

Abstract

In this subject students will learn how to test computing systems for vulnerabilities and secure them against hacking. Students will learn how attackers find weaknesses in a computing environment, and be asked to critically evaluate system defences intended to prevent such attacks. Students will become familiar with perimeter and endpoint defences, before learning how to scan and attack networks. Students will also become familiar with the material they need to prepare for the EC-Council Certified Ethical Hacker (CEH) industry certification exam during this subject.

Syllabus

Footprinting, scanning and enumerationSystem hacking and penetration testingTrojans, back doors, viruses and wormsNetwork traffic sniffingDenial of serviceSocial engineeringIdentifying and exploiting network vulnerabilitiesCross-site scripting and SQL injectionPhysical securityEvading IDS, firewalls and honeypotsBuffer overflowsCryptography

Learning outcomes

Upon successful completion of this subject, students should:

be able to identify and analyse information system weaknesses, and demonstrate how these make an environment vulnerable to attack;

be able to use reconnaissance and analysis tools and techniques to understand an environment and identify threats;

be able to compare and effectively utilise open source threat intelligence resources when analysing possible threats;

be able to prioritise and implement countermeasures to prevent attackers causing harm to information systems; and

be able to analyse and compare common web application attack techniques, and justify defences that mitigate these attacks.

Assumed knowledge

ITI581 Network Security Fundamentals or ITC595 Information Security

Enrolment restrictions

Only available to students enrolled in IT Masters relevant courses.