Have you ever dreamed of belonging to the “red team” and “blue team” trying to anticipate what cyber attackers might do to penetrate a network, compromise a system or shutdown a communication infrastructure with the ultimate goal of strengthening security controls?
This module will equip you with a mindset to think as an attacker while planning for an ethical and legal course of actions for security assessment and penetration testing of a target (for example, a network or a system). You will learn how attackers exploit different vulnerabilities and launch attacks in practice and how to recommend proactive countermeasures on an evidence-based fashion to minimise cyber security incidents as much as possible. You will analyse and compare cyber attackers’ strategies and tactics, including technical and non-technical approaches, hacking tools and compromise phases to pre-emptively envision which controls are missing and report findings to relevant stakeholders.
Upon completion of the module, you will be in a better position to identify attack vectors and act on them using a framework of legal and ethical hacking for continuous improvement of cyber security.
38 (Lectures, Web-based lab exercises), Independent Study 112, Assessment Preparation 50.
Summer
Multi-choice test worth 50%
Computer-based hands-on simulation worth 50%
Reassessment - like for like
On successfully completing the module, students will be able to:
1. Develop a systematic understanding of the requirements for legal and ethical hacking activities with the purpose of improving cyber security of a computer network or system.
2. Contrast and compare hacking tools, security assessment strategies and penetration testing options to select the most appropriate for a specific circumstance.
3. Critically evaluate the likelihood of cyber security compromises based on vulnerability assessment and how hackers could exploit them.
4. Identify attack vectors, technical and non-technical, and assess security controls against them.
5. Recommend improvements to better protect a computer network or system, informed by assessment findings.
University of Kent makes every effort to ensure that module information is accurate for the relevant academic session and to provide educational services as described. However, courses, services and other matters may be subject to change. Please read our full disclaimer.