Pen Testing

Abstract

A penetration test, colloquially known as a pen test, is an authorised simulated cyber attack on a computer system, performed to evaluate the security of the system. During this subject, students will learn how to use penetration testing to gain an understanding of the security posture of IT environments and then highlight short- and long-term recommendations for increasing security. Students will then develop a comprehensive report detailing the findings of a penetration test and what steps the organisation needs to take to reduce their cyber security risk profile. The subject also provides hands-on activities for students to practice their penetration testing skills by engaging in a practical exercise in which they hack into a controlled lab environment.

Syllabus

Scoping a penetration testPutting together a penetration testing platformRisk Management BasicsScanning the networkComplianceCustomer engagementService and account enumerationSocial engineeringVulnerability scanningWeb application exploitsPrivilege escalationWireless attacksThe penetration test report

Learning outcomes

Upon successful completion of this subject, students should:

be able to identify the vulnerabilities of systems and allocate priority to activities needed to improve security and securing infrastructure;

be able to validate and exploit common vulnerabilities located in the attack surface of systems and applications;

be able to determine the plausibility of a particular set of attack vectors;

be able to advise on how organisations can meet cyber security compliance requirements;

be able to assess and report on the potential impact of cyber security breaches on a company; and

be able to develop a detailed penetration testing report at a professional level suitable for a company executive audience.

Enrolment restrictions

Only available to students enrolled in IT Masters relevant courses.

Handbook

ITE535 - Pen Testing

Abstract

Syllabus

Learning outcomes

Enrolment restrictions