Module title: Security Testing and Advanced Network Forensics

SCQF level: 10
SCQF credit value: 20.00
ECTS credit value: 10

Module code: CSN10107
Module leader: Naghmeh Moradpoor Sheykhkanloo
School: School of Computing
Subject area group: Computer Systems
Prerequisites

To study this module you will need the learning equivalent to the module listed or to have passed this module.

Module Code: CSN08102
Level 8 equivalent networking-related module or module in software development.

2018/9, Trimester 2, Blended, Edinburgh Napier University
Occurrence: 001
Primary mode of delivery: Blended
Location of delivery: MERCHISTON
Partner: Edinburgh Napier University
Member of staff responsible for delivering module: Naghmeh Moradpoor Sheykhkanloo
Module Organiser:


Learning, Teaching and Assessment (LTA) Approach:
Learning & Teaching methods including their alignment to LOs
• The coursework will involve the design, implementation, evaluation and critical analysis of a real-life information infrastructure. There will be a focus on assessing the professional interactions in the vulnerability analysis. [LO2 and LO3].
• The module uses a range of security challenges where students study using the Asecuritysite package. The Asecuritysite Web package contains a completely managed learning environment, where the students can track their performance [LO1].
• Integration with a novel virtualisation infrastructure [LO2 and LO3].

Assessment (formative or summative)
There will be two methods of assessment:

• Coursework [50%]. This relates to a coursework on the design, implementation, evaluation and critical analysis of a real-life information architecture. [LO3].
• On-line tests [50%]: This involves two tests which focus on the two key areas of the module: Penetration testing and network forensics [LO1 and LO2].


Formative Assessment:
The University is currently undertaking work to improve the quality of information provided on methods of assessment and feedback. Please refer to the section on Learning and Teaching Approaches above for further information about this module’s learning, teaching and assessment practices, including formative and summative approaches.

Summative Assessment:
The University is currently undertaking work to improve the quality of information provided on methods of assessment and feedback. Please refer to the section on Learning and Teaching Approaches above for further information about this module’s learning, teaching and assessment practices, including formative and summative approaches.

Student Activity (Notional Equivalent Study Hours (NESH))
Mode of activity | Learning & Teaching Activity | NESH (Study Hours)
Face To Face | Lecture | 24
Face To Face | Practical classes and workshops | 24
Independent Learning | Guided independent study | 152
Total Study Hours: 200
Expected Total Study Hours for Module: 200


Assessment
Type of Assessment | Weighting % | LOs covered | Week due | Length in Hours/Words
Digital Examination (not Centrally Timetabled) | 25 | 1, 2 | 8 | HOURS= 1, WORDS= 0
Project - Written | 50 | 3 | 14/15 | HOURS= 16, WORDS= 0
Digital Examination (not Centrally Timetabled) | 25 | 1, 2 | 13 | HOURS= 1, WORDS= 0
Component 1 subtotal: 100
Component 2 subtotal: 0
Module subtotal: 100

Description of module content:

The aim of the module is to develop a deep understanding of advanced areas related to security and vulnerability analysis, that will allow graduates to act professionally in the design, analysis, implementation, and testing of real-life information infrastructures. An outline of the main areas includes:

- Virtualised security test environments (services, hosts, servers and security devices).

- Vulnerability and Threat Analysis. Network trace analysis, enumeration and scanning.

- Penetration Testing. Metasploit, Backdoors, Fuzzifiers, Metasploitable and Armitage.

- Signature Creation and Detection for Network/Host Device Detection.

- Web and Database Security Testing. Threat creation, detection and mitigation.

- Advanced Penetration and Security Testing.

- Introduction to Malware Analysis. Malware Creation and Detection.

- Introduction to SIEM integration. Searching across logs and log aggregation.

- Advanced Network Protocol Analysis.

- Stenography.

- Internet of Things Security.


Learning Outcomes for module:

Upon completion of this module you will be able to

LO1: Develop an advanced knowledge of key security fundamentals for threat and vulnerability analysis.

LO2: Understand the key academic principles and practical skills required to follow a career in threat analysis and penetration testing.

LO3: Design, implement, evaluate and critically analyse the vulnerability assessment of a complex information infrastructure.

Indicative References and Reading List - URL:

Core - BUCHANAN WJ (2009) SECURITY AND NETWORK FORENSICS: AUERBACH PUBLISHERS INC, 1st ed. - ISBN: 084933568
Core - ASECURITY SITE - WWW.ASECURITYSITE.COM
Core - PETER ZADROZNY, RAGHU KODALI (2013) BIG DATA ANALYTICS USING SPLUNK: DERIVING OPERATIONAL INTELLIGENCE FROM SOCIAL MEDIA, MACHINE DATA,: SPRINGER VERLAG GMBH, 2013rd ed. - ISBN: 978143025761
Core - GEORGIA WEIDMAN (2014) PENETRATION TESTING: A HANDS-ON INTRODUCTION TO HACKING: NO STARCH PRESS, 1st ed. - ISBN: 978159327564