Penetration Testing
Testimonials
Aleksandra Shcherbakova
Master of Management
“I have met some truly impressive talents and kind personalities among our lecturers."
Angelica Balajadia
Master of Management
“I have found my people here, I have networked here. I am open to doors opening and so many doors are opening already."
Wiranpatchara (Sandy) Wongchanapai
Master of International Business
"Whilst studying at ICMS, I was able to have a strong work/study life balance".
Cameron Colvin
Bachelor of Business (Marketing)
"My work experience boosted my confidence and allowed me to apply theoretical knowledge in practical settings."
Taylor McLeod
Bachelor of Business (Sports Management)
“The small, intimate environment in my lectures makes me feel like I am being heard and that I am getting the most out of my studies."
Julie Williams
Bachelor of Business (Fashion and Global Brand Management)
"I chose ICMS because they have provided me with the opportunity to kickstart my career through their many industry partners".
Keegan Du Preez
Bachelor of Business Management (Accounting)
"ICMS is realistic. They understand the realistic expectations of various markets. It’s not just textbook knowledge, especially compared to every other competitor".
Michaela Mayes
Bachelor of Business (Marketing)
"ICMS' Work Integrated Learning gave me the ability to gain real life experience before I even graduated".
Alana Williams
Bachelor of Business (Accounting)
“I worked full time whilst studying, with ICMS allowing for such a great work to study ratio and balance, where I was flexibly allowed to do both.”
Juliette Wilson
Bachelor of Business (Marketing)
"I think the biggest thing is that you get a personalised experience, and you’ll be treated like a person, not a number".
Calum McKnight
Bachelor of Business (Marketing)
“Very quickly, ICMS gave me a circle of friends who are pretty driven – but who also like to have fun – and when I see where they are now it’s pretty exciting and it drives me further.”
Ewan Metcalfe
Bachelor of Business (Sports Management)
"Through being at this college and the geographical location, it always reminded me to stay grounded, keep working hard to further improve my life and stay happy".
This subject is available under ICMS undergraduate degrees, please click the button below to find an undergraduate course for you.
Subject Code:
CYB304A
Subject Type:
Specialisation
Credit Points:
3 credit points
Pre-requisite/Co-requisite:
ICT103A Programming Principles
CYB201A Network Security
Course level pre-requisite: a total of 24 credit points (15 credit points, including ICT101A, ICT102A, ICT103A, DAT101A from level 100 and 9 credit points from level 200 core subjects) prior enrolling into level 300 core and specialisation subjects
Subject Level:
300
Subject Rationale:
Hackers are exploring new ways to access private networks every day. Their ultimate goal is to identify weaknesses in digital systems and network security and gain unauthorised access to sensitive information to exploit digital assets for their benefit. The road to accomplishing their endgame lies within their ability to identify weaknesses in digital systems and silently intrude into their target destination.
Penetration testing is a powerful tool that enables businesses to analyse organisational capabilities and defence against hackers and cyberattacks. It is an essential element of a cybersecurity assessment as it provides the opportunity to identify vulnerabilities and risks in the organisation’s systems, which hackers are tirelessly seeking.
This subject equips students with the theoretical foundation and practical aspects of discovering system vulnerabilities using penetration testing methods, tools, and techniques. Students will explore various approaches to conduct system vulnerability analysis from an attacker’s viewpoint and use this threat intelligence to mitigate cyberattacks from a defender’s perspective.
Students will plan and implement computer system exploitation cases and scenarios, applying a range of penetration testing approaches, practices, and skills. In addition to the technical aspects of penetration testing, the subject also covers the legal, professional, and ethical considerations, including reporting requirements.
Learning Outcomes:
a) Explain the objectives, role, and applications of penetration testing in cybersecurity vulnerability analysis and organisational information security management systems.
b) Select and apply penetration testing methods, tools, and techniques appropriate to the target digital infrastructure components.
c) Plan and implement penetrating testing to identify and investigate vulnerabilities in computer networks, operating systems, applications, and processes
d) Critically analyse penetration testing outcomes, derive threat intelligence, and evaluate organisational information security design for improvements.
e) Develop and present a penetration testing report exhibiting professional standards and insightfully interpreting findings.
f) Critically evaluate ethical, professional, and legal considerations associated with penetration testing practices and their application.
Student Assessment:
| No | Assessment Task | Weighting | Learning Outcomes |
| 1 | Practical Lab Work | 15% | a, b, c |
| 2 | Case Study | 20% | a, d |
| 3 | Practical – Black-Box Testing | 25% | a -f |
| 4 | White-Box Testing Project (G) | ||
| Part A) Report | 30% | a-f | |
| Part B) Presentation | 10% |
Broad Topics to be Covered:
| Topic: |
Week 1: Introduction and Methodologies
|
Week 2: Reconnaissance
|
Week 3: Kali Linux and Penetration Testing
|
Week 4: Network testing
|
Week 5: Testing a Web Server and Web Application
|
Week 6: Wireless Testing
|
Week 7: Testing a Database
|
Week 8: Testing Windows Operating System and Linux Operating System
|
Week 9: Cyber Threat Intelligence
|
Week 10: Metasploit
|
Week 11: Other Topics
|
Please note that these topics are often refined and subject to change so for up to date weekly topics and suggested reading resources, please refer to the Moodle subject page.