Ethical Hacking

On completion of the course, students will be able to

• explain the basic principles and techniques related to how cyber criminals can gain access to IT systems,
• assess and evaluate the strengths and weaknesses of IT systems in terms of data security,
• implement solutions to strengthen IT security in IT systems,
• perform and present ethical pen tests for educational purposes.

The course begins with a brief description of important concepts needed for ethical hacking, such as operating systems, software, network protocols, network functions, virtualisation, cloud computing and the way cyber-attacks can be carried out.

Aspects that are covered are scouting and information search, as well as identification of the target IT system. Network scanning of the target computer network and network services by vulnerabilities are described.

The course describes how vulnerabilities in OS, applications, network protocols, and network functions can be identified and used to escalate privileges, exfiltrate data, or cause damage.

The course further describes how to protect IT systems from attacks, and it also describes incident management and solutions that can detect computer fraud. The course also covers cryptographic algorithms, reverse engineering of software, and the way malware functions.

• Individual assignment
• Lab reports 
• Presentation
• Seminar 

The grading scale used for the final course grade is U–VG.

Grades are reported as follows:

• Lab reports - 5 Credits | U–G
• Seminar, individual assignment, and presentation - 2.5 Credits | U–VG

Overlaps GDT28Y and GDT2Y3.