ECTS - Penetration Testing
Penetration Testing (CMPE578) Course Detail
| Course Name | Course Code | Season | Lecture Hours | Application Hours | Lab Hours | Credit | ECTS |
|---|---|---|---|---|---|---|---|
| Penetration Testing | CMPE578 | Area Elective | 3 | 0 | 0 | 3 | 5 |
| Pre-requisite Course(s) |
|---|
| N/A |
| Course Language | English |
|---|---|
| Course Type | Elective Courses Taken From Other Departments |
| Course Level | Natural & Applied Sciences Master's Degree |
| Mode of Delivery | Face To Face |
| Learning and Teaching Strategies | Lecture, Team/Group. |
| Course Lecturer(s) |
|
| Course Objectives | The objective of this course is to introduce students ethical hacking and penetration testing concepts together with cybersecurity challenges by practicing techniques and tools used by security experts today. |
| Course Learning Outcomes |
The students who succeeded in this course;
|
| Course Content | Penetration testing concepts, ethical issues in penetration testing, building a testing infrastructure, legal issues with penetration testing, port scanning, vulnerability scanning, exploitation, password attacks, web application penetration testing, wireless penetration testing, reporting of the obtained test results. |
Weekly Subjects and Releated Preparation Studies
| Week | Subjects | Preparation |
|---|---|---|
| 1 | Introduction to advanced pen testing (PT): Fundamentals of PT, major steps of PT, security audit standards, PT types, learning by doing (project perspective) | Lecture Notes Chapter 1 (Text Book) |
| 2 | Setting up virtual laboratory for vulnerability attacks and getting familiar with the OS (Linux) | Lecture Notes Chapter 2 (Text Book) |
| 3 | Reconnaissance (information gathering) | Lecture Notes Chapter 3 (Text Book) |
| 4 | Scanning: Installing virtual machines (VMs), detect open ports, detect firewall, obtaining information about software and OS, coding in Python | Lecture Notes Chapter 3 (Text Book) |
| 5 | Vulnerability assessment | Lecture Notes Chapter 4 (Text Book) |
| 6 | Exploitation, Metasploit framework | Lecture Notes Chapter 5 (Text Book) |
| 7 | Midterm | -- |
| 8 | Password Attacks | Lecture Notes Chapter 8 (Text Book) |
| 9 | Web application penetration testing | Lecture Notes Chapter 6 (Text Book) |
| 10 | Coding exercises | Lecture Notes |
| 11 | ARP spoofing, password sniffing | Lecture Notes Chapter 9 (Text Book) |
| 12 | Wireless password cracking | Lecture Notes Chapter 7 (Text Book) |
| 13 | Project presentation | |
| 14 | Reporting process of the penetration testing | Lecture Notes Chapter 10 (Text Book) |
| 15 | Review | |
| 16 | Review |
Sources
| Course Book | 1. Advanced Penetration Testing with Kali Linux: Unlocking industry-oriented VAPT tactics, by Ummed Meel, BPB Online, English Edition, October 7, 2023, ISBN-13: 978-9355519511. |
|---|---|
| Other Sources | 2. Cybersecurity: A Practical Engineering Approach, by Henrique M. D. Santos, Chapman & Hall, 1st Edition, April 28, 2022, ISBN-13: 978-0367252427. |
| 3. Penetration Testing: Step By Step Guide, by Radhi Shatob, 2nd Edition, February, 2021 | ISBN-13: 978-1999541248. | |
| 4. Cybersecurity for Everyone, by David B. Skillicorn, CRC Press, 1st Edition, 2021, ISBN-13: 978-0367642785. | |
| 5. Network Forensics Privacy and Security, by Anchit Bijalwan, CRC Press, 1st Edition, December 28, 2021, ISBN-13: 978-0367493615. | |
| 6. Cybersecurity and High-Performance Computing Environments: Integrated Innovations, Practices, and Applications, Elizabeth Bautista, Jean-Luc Gaudiot, Kuan-Ching Li, Nitin Sukhija (Editors), CRC Press, 1st Edition, May 9, 2022, ISBN-13: 978-0367711504. | |
| 7. Intelligent Mobile Malware Detection (Security, Privacy, and Trust in Mobile Communications), by Tony Thomas, Roopak Surendran, Teenu John, Mamoun Alazab, CRC Press, 1st Edition, 2023, ISBN-13: 978-0367638719 |
Evaluation System
| Requirements | Number | Percentage of Grade |
|---|---|---|
| Attendance/Participation | - | - |
| Laboratory | - | - |
| Application | - | - |
| Field Work | - | - |
| Special Course Internship | - | - |
| Quizzes/Studio Critics | - | - |
| Homework Assignments | - | - |
| Presentation | - | - |
| Project | 1 | 40 |
| Report | - | - |
| Seminar | - | - |
| Midterms Exams/Midterms Jury | 1 | 25 |
| Final Exam/Final Jury | 1 | 35 |
| Toplam | 3 | 100 |
| Percentage of Semester Work | 65 |
|---|---|
| Percentage of Final Work | 35 |
| Total | 100 |
Course Category
| Core Courses | |
|---|---|
| Major Area Courses | X |
| Supportive Courses | |
| Media and Managment Skills Courses | |
| Transferable Skill Courses |
The Relation Between Course Learning Competencies and Program Qualifications
| # | Program Qualifications / Competencies | Level of Contribution | ||||
|---|---|---|---|---|---|---|
| 1 | 2 | 3 | 4 | 5 | ||
| 1 | To be able to use mathematics, science and engineering knowledge in solving engineering problems related to information systems. | X | ||||
| 2 | Design and conduct experiments in the field of informatics, analyze and interpret the results of experiments. | X | ||||
| 3 | Designs an information system, component and process according to the specified requirements. | X | ||||
| 4 | Can work effectively in disciplinary and multidisciplinary teams. | |||||
| 5 | Identify, formulate and solve engineering problems in the field of informatics. | X | ||||
| 6 | Acts in accordance with professional ethical rules. | |||||
| 7 | Communicates effectively both orally and in writing. | |||||
| 8 | Gains awareness of the necessity of lifelong learning. | |||||
| 9 | Learn about contemporary issues. | X | ||||
| 10 | To be able to use modern engineering tools, techniques and skills required for engineering practice. | X | ||||
| 11 | Knows project management methods and recognizes international standards. | X | ||||
| 12 | Develop informatics-related engineering products and prototypes for real-life problems. | X | ||||
| 13 | Contributes to professional knowledge. | |||||
| 14 | Can do methodological scientific research. | |||||
| 15 | Produce, report and present a scientific work based on an original or existing body of knowledge. | |||||
| 16 | Can defend the original idea generated. | |||||
ECTS/Workload Table
| Activities | Number | Duration (Hours) | Total Workload |
|---|---|---|---|
| Course Hours (Including Exam Week: 16 x Total Hours) | 16 | 3 | 48 |
| Laboratory | |||
| Application | |||
| Special Course Internship | |||
| Field Work | |||
| Study Hours Out of Class | 16 | 2 | 32 |
| Presentation/Seminar Prepration | |||
| Project | 1 | 15 | 15 |
| Report | |||
| Homework Assignments | |||
| Quizzes/Studio Critics | |||
| Prepration of Midterm Exams/Midterm Jury | 1 | 15 | 15 |
| Prepration of Final Exams/Final Jury | 1 | 20 | 20 |
| Total Workload | 130 | ||