UniSQ Logo
The current and official versions of the course specifications are available on the web at https://www.usq.edu.au/course/specification/current.
Please consult the web for updates that may occur during the year.

CSC8101 Penetration Testing

Semester 1, 2023 Toowoomba On-campus
Units : 1
School or Department : School of Mathematics, Physics & Computing
Grading basis : Graded
Course fee schedule : https://www.unisq.edu.au/current-students/administration/fees/fee-schedules
Version produced : 28 May 2023

Staffing

Course Coordinator: Wencheng Yang

Requisites

Pre-requisite: CSC8100

Overview

Penetration testing or ethical hacking involves testing computer systems, networks or web applications for security vulnerabilities which a hacker could potentially exploit. This course provides students with the skills to perform penetration testing to determine whether a system is vulnerable and to suggest countermeasures to the system owner.

This course provides students with practical experience attempting to break into computer systems for the purpose of stress testing and discovering weaknesses. Students will be using a list of exploits which they are expected to successfully exercise on a series of target systems provided.

Course learning outcomes

On successful completion of this course students should be able to:

  1. Use high-level knowledge of the current vulnerabilities of computer systems and networks including the exploitation of system weaknesses when designing and implementing well secured systems.
  2. Develop, apply and analyse scripts and tools used in penetration testing of computer systems.
  3. Successfully undertake remote penetration testing to identify system strengths and weaknesses.
  4. Identify, exploit, and report vulnerabilities to protect computing systems.
  5. Design and Apply creative problem-solving techniques, based on evidence collected from penetration tests, to minimise the risk of being hacked.
  6. Understand and relate legal and ethical issues with penetration testing.

Topics

Description Weighting(%)
1. Analyse the more important vulnerabilities of computer and web systems. 20.00
2. Compare and evaluate tools used in ethical hacking of computer and web systems. 20.00
3. Prepare payload scripts for exploiting vulnerabilities. 10.00
4. Explore various penetration testing standards and synthesize the standards into a single four phase approach to penetration testing. 20.00
5. Create and evaluate security audit report with evaluations, recommendations and remediation steps to correct the problems found. 20.00
6. Relate legal and ethical issues with penetration testing. 10.00

Text and materials required to be purchased or accessed

Easttom, Chuck 2018, Penetration Testing Fundamentals – A Hands-On Guide to Reliable Security Audits.
(ISBN-13: 978-0-7897-5937-5 ISBN-10: 0-7897-5937-3.)

Student workload expectations

To do well in this subject, students are expected to commit approximately 10 hours per week including class contact hours, independent study, and all assessment tasks. If you are undertaking additional activities, which may include placements and residential schools, the weekly workload hours may vary.

Assessment details

Approach Type Description Group
Assessment
Weighting (%) Course learning outcomes
Assignments Written Problem Solving No 30 1,2,6
Assignments Written Report No 40 1,2,3,4,5
Assignments Written Critique (written) No 30 1,2,3,4,5
Date printed 28 May 2023