Module Code: H9NSPT
Long Title Network Security and Penetration Testing
Title Network Security and Penetration Testing
Module Level: LEVEL 9
EQF Level: 7
EHEA Level: Second Cycle
Credits: 5
Module Coordinator: MICHAEL BRADFORD
Module Author: Margarete Silva
Departments: School of Computing
Specifications of the qualifications and experience required of staff  
Learning Outcomes
On successful completion of this module the learner will be able to:
# Learning Outcome Description
LO1 Critically assess network security characteristics and determine the scope of a penetration test of a network system.
LO2 Design, develop, and implement a security test on network infrastructure in a reasonable time frame.
LO3 Research and critically analyse network and network application security vulnerabilities.
LO4 Justify the choice of tools and techniques that are employed for penetration tests and evaluate the results of these tests.
Dependencies
Module Recommendations

This is prior learning (or a practical skill) that is required before enrolment on this module. While the prior learning is expressed as named NCI module(s) it also allows for learning (in another module or modules) which is equivalent to the learning specified in the named module(s).

No recommendations listed
Co-requisite Modules
No Co-requisite modules listed
Entry requirements  
 

Module Content & Assessment

Indicative Content
Hacking Culture, History and Motivation
• A look into how information security has had to try and keep one step ahead of the bad guys • Why emphasis is on security testing and response to vulnerabilities is essential, and the impact that follows a security breach • Social engineering
Network Principles and Fundamentals
• Brief introduction to basic networking • Principles such as TCP/UDP/IP protocol suite • Common protocols and being able to understand their function
Overview of Networks
• Gathering network information • Practical techniques for network information gathering ◦ Footprinting and fingerprinting ◦ Scanning ◦ Enumeration
Network Security
• Discovery of services running on a network • Identifying vulnerable services • Reasons why they are vulnerable, and potentially exploiting this vulnerability to gain unauthorized access to parts of the network
Vulnerabilities on the Web
• Hacking Windows • Hacking Linux • Remote Connectivity • VOIP • Network Devices • Firewalls • Denial of Service (DOS) / Distributed Denial of Service (DDOS)
Wireless Protocol Security
• Common wireless protocols, vulnerabilities in those protocols (e.g., common 802.11 (Wi-Fi)) • Highlighting other wireless technology standards like Bluetooth • RFID Technologies – Features, flaws • Ways to exploit these flaws
Methodologies for Network Penetration Testing
• White vs. Grey vs. Black Box approaches • Internal and external penetration assessments • Layered penetration attack vectors
Assessment Breakdown%
Coursework40.00%
End of Module Assessment60.00%

Assessments

Full Time

Coursework
Assessment Type: Continuous Assessment % of total: 40
Assessment Date: n/a Outcome addressed: 2,4
Non-Marked: No
Assessment Description:
Practical work will be conducted throughout the semester to assess the learner’s ability to meet the module objectives. Deliverables will be required to be submitted for assessment, reflecting the learner’s understanding of the material covered in the module.
End of Module Assessment
Assessment Type: Terminal Exam % of total: 60
Assessment Date: End-of-Semester Outcome addressed: 1,3
Non-Marked: No
Assessment Description:
Learners are required to complete a formal end-of-semester examination.
No Workplace Assessment
Reassessment Requirement
Repeat examination
Reassessment of this module will consist of a repeat examination. It is possible that there will also be a requirement to be reassessed in a coursework element.

NCIRL reserves the right to alter the nature and timings of assessment

 

Module Workload

Module Target Workload Hours 0 Hours
Workload: Full Time
Workload Type Workload Description Hours Frequency Average Weekly Learner Workload
Lecture No Description 2 Every Week 2.00
Tutorial No Description 2 Every Week 2.00
Independent Learning No Description 6.5 Every Week 6.50
Total Weekly Contact Hours 4.00
 

Module Resources

Recommended Book Resources
  • G. Weidman. (2014), Penetration Testing: A Hands-On Introduction to Hacking, No Starch Press.
  • S. McClure, J. Scambray, G. Kurtz. Hacking exposed 7: Network security Secrets and Solutions, 2012. McGraw-Hill Education, 7th Edition.
  • D. Kennedy, J. O'Gorman, D. Kearns, M. Aharoni. (2011), Metasploit: The Penetration Tester's Guide Paperback, No Starch Press.
Supplementary Book Resources
  • C. McNab. (2016), Network Security Assessment: Know Your Network, 3rd Edition. O’Reilly Media.
This module does not have any article/paper resources
Other Resources
Discussion Note: