Ethical Hacking (Tleuberdin Saken)
Ethical Hacking (Tleuberdin Saken)
Ethical Hacking (Tleuberdin Saken)
Dean
________________________
«____» _____________ 2020
Syllabus
Academic Year 2020 - 2021
1. General information
Course title Penetration testing and ethical hacking
Degree cycle (level)/ 6B06301 “Cyber Security”
major
Year, semester 2, 3
Number of credits 5
Language of English
delivery:
Prerequisites “Fundamentals of programming C++”, “Introduction to cyber security”
Postrequisites No postrequisites
Lecturer(s) Saken Tleuberdin, master of networks and security, lecturer,
[email protected]. Astana IT University, Expo, C1 block,
2nd floor.
2. Goals, objectives and learning outcomes of the course
1. Course “Penetration testing and ethical hacking” is a 10-week course. This
description course covers fundamentals of penetration testing, the concepts of ethical
hacking.
2. Course goal(s) Course goal is to introduce the students to ethical hacking. These course
materials will assist you in developing the skills necessary to work as a
cyber security engineer and as a penetration tester.
3. Course Course objectives include:
objectives: To understand the concept of penetration testing.
To understand the role of ethical hacking to conduct security
assessments.
4. Skills & The course designed for people who are new to the study of cyber
competences security, and does not require any prior skills.
5. Course learning Upon completion of the course, students will be able to perform the
outcomes: following tasks:
Know and apply the hacking skills to perform a penetration test.
Understand basic principles of penetration testing.
Be acquainted with the concepts of information security controls and
countermeasures.
Know and understand enumeration techniques, network scanning
techniques and perform vulnerability analysis
6. Methods of Theoretical and practical assessments
assessment Quizzes
7. Reading list https://dmcxblue.gitbook.io/red-team-notes/
https://book.hacktricks.xyz/
1
8. Resources Online journals, article, papers, books and internet resources.
9. Course policy Course and university policies include:
The student won’t obtain additional points for course attendance, but the
attendance is important to pass the course. In case the student is not able
to attend the classes for some reasons, he/she must inform the dean’s
office in advance and the student itself is responsible for learning all
materials, which were given during unattended lessons.
In case if the student did not attend more than 30% of the classes
without any reasonable excuses, the teacher has a right to mark him as
“not graded”, and the student wouldn’t be admitted to the exam. In other
words, students must participate in at least 70% of all class time,
otherwise he/she fails the course.
Being late on class: When students come to class late, it can disrupt the
flow of a lecture or discussion, distract other students, impede learning,
and generally erode class morale. Moreover, if left unchecked, lateness
can become chronic and spread throughout the class. By the policy of this
course, students who come late to class for more than 5 minutes are not
allowed to get in to class and consequently, they will be marked as
“absent” for the specific hour.
Attestation I and II: Students with score less than 25% for Attestation
period I or Attestation period II (RK1/RK2) are automatically failed and
should take the course again.
2
students and may be a subject of additional disciplinary measures.
Final exam: The final exam for the course “Penetration testing and
ethical hacking” is a multiple-choice test for one hour which covers the
most theoretical part of the course.
Laptops and mobile devices can only be used for classroom purposes
when directed by the teacher. Misuse of laptops or handheld devices will
be considered a breach of discipline and appropriate action will be
initiated by the teacher.
Any student who is found cheating or plagiarizing on any work for this
course will receive 0 (zero) for that work and further actions will also be
taken regarding academic conduct policies of the university.
Academic Conduct Policies of the university: The full texts of all the
academic conduct code will be posted to the students using the learning
management system (moodle.astanait.edu.kz).
Contacting the Instructor (Teacher): The easiest and the most reliable
way to get in touch with the teacher is by email. Students must feel free
to send emails if they have a question related to the course. The teacher
will respond as soon as he can but not always instantaneously. Besides
that, students are also welcomed to arrange a one-to-one meeting with the
teacher by their office during office hours to discuss the class using both
offline and online ways.
3. Course Content
# Abbreviation Meaning
1 TSIS Teacher-supervised independent work
2 SIS Students’ independent work
3
3 IP Individual project
4 PA Practical assignment
5 LW Laboratory work
6 MCQ Multiple choice quiz
(H/W)Lectures
Practice
sessions
Lab. sessions
(H/W)
(H/W)
We
TSIS
(H/W)
SIS
ek Course Topic
(H/W)
No
4
7 Practice locally for hacking web Books, internet resources Exercises
servers and web applications 9
Mid-term test 50
nd
2 Assignments: 100
attestation Assignment 3 25
Assignment 4 25
End-term test 50
Final exam multiple-choice test and practical 100
questions
Total 0,3 * 1st Att + 0,3 * 2nd Att + 0,4*Final 100
Achievement level as per course curriculum shall be assessed according to the evaluation
chart adopted by the academic credit system.
Based on the specific grade for each assignment, and the final grade, following criteria
must be satisfied:
Grade Criteria to be satisfied
5
- Work would be worthy of further dissemination under appropriate conditions
- Mastery of advanced methods and techniques at a level beyond that explicitly
taught
- Ability to synthesize and employ in an original way idea from across the subject
90-100 - Outstanding command of critical analysis and judgment
- Excellent range and depth of attainment of intended outcomes
- Mastery of a wide range of methods and techniques
- Evidence of study and originality of what has been taught
80-89 - Able to display a command of critical analysis and judgement
- Attained all the intended learning outcomes for a unit
- Able to use well a range of methods and techniques to come to conclusions
70-79 - Able to employ critical analysis and judgement
- Some limitations in attainment of learning objectives, but has managed to grasp
most of them
- Able to use most of the methods and techniques taught
- Evidence of study and comprehension of what has been taught but grasp insecure
- Some grasp of the issues and concepts underlying the techniques and material
60-69 taught, but weak and incomplete
- Attainment of only a minority of the learning outcomes
- Able to demonstrate a clear but limited use of some of the basic methods and
techniques taught
- Weak and incomplete grasp of what has been taught
- Deficient understanding of the issues and concepts underlying the techniques and
50-59 material taught
- Attainment of nearly all the intended learning outcomes deficient
- Lack of ability to use at all or the right methods and techniques taught
- Inadequately and incoherently presented
- Wholly deficient grasp of what has been taught
- Lack of understanding of the issues and concepts underlying the techniques and
25-49 material taught
No significant assessable material, absent or assessment missing a must pass
0-24 component
5. Methodological Guidelines
Assessment is administered continuously throughout the course. The students are rated
against their performance in continuous rating administered throughout the semester (60%)
and summative rating done during the examination session (40%), total 100%. Continuous
rating is students’ on-going performance in class and independent work. Class work is assessed
for attendance, laboratory works' defense and in- class assessments.