N/A

This module will cover a range of elements concerned with digital penetration testing and security testing. Initial lectures consider important soft skills such as documentation techniques, reporting, the law, and risk assessment and management. The practical skills and their related theoretical knowledge include operating system weaknesses, information gathering (both passive and active), and various ethical hacking techniques and processes. Considerable practical focus is made on available tools to assist in auditing and penetration testing. Aspects targeted include operating systems, common network services, and network-based applications.

Upon completion of this module you will be able to:

LO1: Develop an advanced understanding and critically evaluate the planning, and execution, of computer security testing procedures, with particular reference to applicable law, risk management and risk mitigation

LO2: Investigate, critically analyse and reflect on common application, operating system and network vulnerabilities, both theoretically and practically

LO3: Apply the analytical and practical skills needed to perform, assess, and reflect on security testing with reference to appropriate methodologies and frameworks

LO4: Critically evaluate specific security problems and reflect on possible design and configuration changes to mitigate the issues identified

LO5: Reflect on, and critically evaluate, the current research into security testing, threat landscape, and vulnerability mitigation.