INFO 3002 Ethical Hacking Principles and Practice

This is an archived copy of the 2021-2022 catalog. To access the most recent version of the catalog, please visit https://hbook.westernsydney.edu.au.

Credit Points 10

Legacy Code 301124

Coordinator Weisheng Si Opens in new window

Description This unit teaches students ethical hacking principles and skills with the ultimate goal of defence. It covers practical skills in different stages of ethical hacking, including reconnaissance on public information, port and vulnerability scanning, exploitation of vulnerabilities, post exploitation, and writing a comprehensive report to document detected vulnerabilities and proposed solutions. Students will not only practice with major tools in ethical hacking, but also learn the principles of how these tools work and hence how to defend against them.

School Computer, Data & Math Sciences

Discipline Security Science

Student Contribution Band HECS Band 2 10cp

Check your HECS Band contribution amount via the Fees page.

Level Undergraduate Level 3 subject

Pre-requisite(s) COMP 2004 OR
COMP 2005 AND
COMP 2020

Assumed Knowledge

Students should have a solid understanding of computer networking (especially with the TCP/IP protocol suite), possess basic programming skills in developing computer applications and web applications, and command basic knowledge and skills in databases and operating systems.

Learning Outcomes

On successful completion of this subject, students should be able to:
  1. Identify the differences between lawful and unlawful behaviour in conducting ethical hacking
  2. Apply reconnaissance knowledge and tools to gather public information about systems and networks
  3. Apply port scanning knowledge and tools to detect port status in target computers
  4. Apply vulnerability scanning knowledge and tools to detect vulnerabilities in target computers
  5. Apply exploitation knowledge and tools to verify and exploit the detected vulnerabilities
  6. Apply post exploitation knowledge and tools to evaluate the severity of vulnerabilities
  7. Detect and defend against social engineering techniques
  8. Apply web penetration testing knowledge and tools to detect vulnerabilities in web applications
  9. Compose a comprehensive report that details detected vulnerabilities and proposed solutions

Subject Content

1. Introduction to ethical hacking: concepts, legal requirements, stages, and lab environment
2. Reconnaissance based on public information, and its major tools
3. Port scanning, and its major tools
4. Vulnerability scanning, and its major tools
5. Exploitation of vulnerabilities, and its major tools
6. Post exploitation, and its major tools
7. Social Engineering, and its major tools
8. Web penetration testing, and its major tools
9. Writing a comprehensive report to document detected vulnerabilities and proposed solutions

Assessment

The following table summarises the standard assessment tasks for this subject. Please note this is a guide only. Assessment tasks are regularly updated, where there is a difference your Learning Guide takes precedence.

Item Length Percent Threshold Individual/Group Task
Quiz 30 minutes x 12 weeks 15 N Individual
Report 2 hours x 10 weeks 25 N Individual
Report Project Report (6-10 pages) 20 N Individual
Final Exam One hour 40 N Individual

Teaching Periods

Autumn

Penrith (Kingswood)

Day

Subject Contact Weisheng Si Opens in new window

View timetable Opens in new window

Parramatta - Victoria Rd

Day

Subject Contact Weisheng Si Opens in new window

View timetable Opens in new window

Sydney City Campus - Term 1

Sydney City

Day

Subject Contact Antoinette Cevenini Opens in new window

View timetable Opens in new window

WSU Online TRI-2

Wsu Online

Online

Subject Contact Weisheng Si Opens in new window

View timetable Opens in new window

Sydney City Campus - Term 2

Sydney City

Day

Subject Contact Weisheng Si Opens in new window

View timetable Opens in new window