INFO 3002 Ethical Hacking Principles and Practice
Credit Points 10
Legacy Code 301124
Coordinator Weisheng Si Opens in new window
Description This unit teaches students ethical hacking principles and skills with the ultimate goal of defence. It covers practical skills in different stages of ethical hacking, including reconnaissance on public information, port and vulnerability scanning, exploitation of vulnerabilities, post exploitation, and writing a comprehensive report to document detected vulnerabilities and proposed solutions. Students will not only practice with major tools in ethical hacking, but also learn the principles of how these tools work and hence how to defend against them.
School Computer, Data & Math Sciences
Discipline Security Science
Student Contribution Band HECS Band 2 10cp
Check your HECS Band contribution amount via the Fees page.
Level Undergraduate Level 3 subject
Pre-requisite(s) COMP 2004 OR
COMP 2005 AND
COMP 2020
Assumed Knowledge
Students should have a solid understanding of computer networking (especially with the TCP/IP protocol suite), possess basic programming skills in developing computer applications and web applications, and command basic knowledge and skills in databases and operating systems.
Learning Outcomes
- Identify the differences between lawful and unlawful behaviour in conducting ethical hacking
- Apply reconnaissance knowledge and tools to gather public information about systems and networks
- Apply port scanning knowledge and tools to detect port status in target computers
- Apply vulnerability scanning knowledge and tools to detect vulnerabilities in target computers
- Apply exploitation knowledge and tools to verify and exploit the detected vulnerabilities
- Apply post exploitation knowledge and tools to evaluate the severity of vulnerabilities
- Detect and defend against social engineering techniques
- Apply web penetration testing knowledge and tools to detect vulnerabilities in web applications
- Compose a comprehensive report that details detected vulnerabilities and proposed solutions
Subject Content
2. Reconnaissance based on public information, and its major tools
3. Port scanning, and its major tools
4. Vulnerability scanning, and its major tools
5. Exploitation of vulnerabilities, and its major tools
6. Post exploitation, and its major tools
7. Social Engineering, and its major tools
8. Web penetration testing, and its major tools
9. Writing a comprehensive report to document detected vulnerabilities and proposed solutions
Assessment
The following table summarises the standard assessment tasks for this subject. Please note this is a guide only. Assessment tasks are regularly updated, where there is a difference your Learning Guide takes precedence.
| Item | Length | Percent | Threshold | Individual/Group Task |
|---|---|---|---|---|
| Quiz | 30 minutes x 12 weeks | 15 | N | Individual |
| Report | 2 hours x 10 weeks | 25 | N | Individual |
| Report | Project Report (6-10 pages) | 20 | N | Individual |
| Final Exam | One hour | 40 | N | Individual |
Teaching Periods
Autumn
Penrith (Kingswood)
Day
Subject Contact Weisheng Si Opens in new window
View timetable Opens in new window
Parramatta - Victoria Rd
Day
Subject Contact Weisheng Si Opens in new window
View timetable Opens in new window
Sydney City Campus - Term 1
Sydney City
Day
Subject Contact Antoinette Cevenini Opens in new window
View timetable Opens in new window
WSU Online TRI-2
Wsu Online
Online
Subject Contact Weisheng Si Opens in new window
View timetable Opens in new window
Sydney City Campus - Term 2
Sydney City
Day
Subject Contact Weisheng Si Opens in new window