ECTS - Penetration Testing
Penetration Testing (CMPE578) Course Detail
| Course Name | Course Code | Season | Lecture Hours | Application Hours | Lab Hours | Credit | ECTS |
|---|---|---|---|---|---|---|---|
| Penetration Testing | CMPE578 | Area Elective | 3 | 0 | 0 | 3 | 5 |
| Pre-requisite Course(s) |
|---|
| N/A |
| Course Language | English |
|---|---|
| Course Type | Computer Engineering Elective Courses |
| Course Level | Natural & Applied Sciences Master's Degree |
| Mode of Delivery | Face To Face |
| Learning and Teaching Strategies | Lecture, Team/Group. |
| Course Lecturer(s) |
|
| Course Objectives | The objective of this course is to introduce students ethical hacking and penetration testing concepts together with cybersecurity challenges by practicing techniques and tools used by security experts today. |
| Course Learning Outcomes |
The students who succeeded in this course;
|
| Course Content | Penetration testing concepts, ethical issues in penetration testing, building a testing infrastructure, legal issues with penetration testing, port scanning, vulnerability scanning, exploitation, password attacks, web application penetration testing, wireless penetration testing, reporting of the obtained test results. |
Weekly Subjects and Releated Preparation Studies
| Week | Subjects | Preparation |
|---|---|---|
| 1 | Introduction to advanced pen testing (PT): Fundamentals of PT, major steps of PT, security audit standards, PT types, learning by doing (project perspective) | Lecture Notes Chapter 1 (Text Book) |
| 2 | Setting up virtual laboratory for vulnerability attacks and getting familiar with the OS (Linux) | Lecture Notes Chapter 2 (Text Book) |
| 3 | Reconnaissance (information gathering) | Lecture Notes Chapter 3 (Text Book) |
| 4 | Scanning: Installing virtual machines (VMs), detect open ports, detect firewall, obtaining information about software and OS, coding in Python | Lecture Notes Chapter 3 (Text Book) |
| 5 | Vulnerability assessment | Lecture Notes Chapter 4 (Text Book) |
| 6 | Exploitation, Metasploit framework | Lecture Notes Chapter 5 (Text Book) |
| 7 | Midterm | -- |
| 8 | Password Attacks | Lecture Notes Chapter 8 (Text Book) |
| 9 | Web application penetration testing | Lecture Notes Chapter 6 (Text Book) |
| 10 | Coding exercises | Lecture Notes |
| 11 | ARP spoofing, password sniffing | Lecture Notes Chapter 9 (Text Book) |
| 12 | Wireless password cracking | Lecture Notes Chapter 7 (Text Book) |
| 13 | Project presentation | |
| 14 | Reporting process of the penetration testing | Lecture Notes Chapter 10 (Text Book) |
| 15 | Review | |
| 16 | Review |
Sources
| Course Book | 1. Advanced Penetration Testing with Kali Linux: Unlocking industry-oriented VAPT tactics, by Ummed Meel, BPB Online, English Edition, October 7, 2023, ISBN-13: 978-9355519511. |
|---|---|
| Other Sources | 2. Cybersecurity: A Practical Engineering Approach, by Henrique M. D. Santos, Chapman & Hall, 1st Edition, April 28, 2022, ISBN-13: 978-0367252427. |
| 3. Penetration Testing: Step By Step Guide, by Radhi Shatob, 2nd Edition, February, 2021 | ISBN-13: 978-1999541248. | |
| 4. Cybersecurity for Everyone, by David B. Skillicorn, CRC Press, 1st Edition, 2021, ISBN-13: 978-0367642785. | |
| 5. Network Forensics Privacy and Security, by Anchit Bijalwan, CRC Press, 1st Edition, December 28, 2021, ISBN-13: 978-0367493615. | |
| 6. Cybersecurity and High-Performance Computing Environments: Integrated Innovations, Practices, and Applications, Elizabeth Bautista, Jean-Luc Gaudiot, Kuan-Ching Li, Nitin Sukhija (Editors), CRC Press, 1st Edition, May 9, 2022, ISBN-13: 978-0367711504. | |
| 7. Intelligent Mobile Malware Detection (Security, Privacy, and Trust in Mobile Communications), by Tony Thomas, Roopak Surendran, Teenu John, Mamoun Alazab, CRC Press, 1st Edition, 2023, ISBN-13: 978-0367638719 |
Evaluation System
| Requirements | Number | Percentage of Grade |
|---|---|---|
| Attendance/Participation | - | - |
| Laboratory | - | - |
| Application | - | - |
| Field Work | - | - |
| Special Course Internship | - | - |
| Quizzes/Studio Critics | - | - |
| Homework Assignments | - | - |
| Presentation | - | - |
| Project | 1 | 40 |
| Report | - | - |
| Seminar | - | - |
| Midterms Exams/Midterms Jury | 1 | 25 |
| Final Exam/Final Jury | 1 | 35 |
| Toplam | 3 | 100 |
| Percentage of Semester Work | 65 |
|---|---|
| Percentage of Final Work | 35 |
| Total | 100 |
Course Category
| Core Courses | |
|---|---|
| Major Area Courses | |
| Supportive Courses | X |
| Media and Managment Skills Courses | |
| Transferable Skill Courses |
The Relation Between Course Learning Competencies and Program Qualifications
| # | Program Qualifications / Competencies | Level of Contribution | ||||
|---|---|---|---|---|---|---|
| 1 | 2 | 3 | 4 | 5 | ||
| 1 | An ability to apply advanced knowledge of computing and/or informatics to solve software engineering problems. | X | ||||
| 2 | Develop solutions using different technologies, software architectures and life-cycle approaches. | X | ||||
| 3 | An ability to design, implement and evaluate a software system, component, process or program by using modern techniques and engineering tools required for software engineering practices. | X | ||||
| 4 | An ability to gather/acquire, analyze, interpret data and make decisions to understand software requirements. | X | ||||
| 5 | Skills of effective oral and written communication and critical thinking about a wide range of issues arising in the context of working constructively on software projects. | |||||
| 6 | An ability to access information in order to follow recent developments in science and technology and to perform scientific research or implement a project in the software engineering domain. | |||||
| 7 | An understanding of professional, legal, ethical and social issues and responsibilities related to Software Engineering. | |||||
| 8 | Skills in project and risk management, awareness about importance of entrepreneurship, innovation and long-term development, and recognition of international standards of excellence for software engineering practices standards and methodologies. | |||||
| 9 | An understanding about the impact of Software Engineering solutions in a global, environmental, societal and legal context while making decisions. | |||||
| 10 | Promote the development, adoption and sustained use of standards of excellence for software engineering practices. | |||||
ECTS/Workload Table
| Activities | Number | Duration (Hours) | Total Workload |
|---|---|---|---|
| Course Hours (Including Exam Week: 16 x Total Hours) | 16 | 3 | 48 |
| Laboratory | |||
| Application | |||
| Special Course Internship | |||
| Field Work | |||
| Study Hours Out of Class | 16 | 2 | 32 |
| Presentation/Seminar Prepration | |||
| Project | 1 | 15 | 15 |
| Report | |||
| Homework Assignments | |||
| Quizzes/Studio Critics | |||
| Prepration of Midterm Exams/Midterm Jury | 1 | 15 | 15 |
| Prepration of Final Exams/Final Jury | 1 | 20 | 20 |
| Total Workload | 130 | ||