Ethical Hacking and Penetration Testing
2008-2009 - IMT3491 - 5sp

Anbefalt forkunnskap

IMT2282 Operating systems and IMT3381 Application security

Forventet læringsutbytte

The course will address the vulnerabilities of released software and of network applications. The students should after the end of the course have a good overview of the threats that exists towards released software, networks, and network services. A deeper analysis and a set of practical exercises will be the foundation for a deeper understanding into some specific security vulnerabilities that exists with and without available source code.

Emnets temaer

Ethical Hacking and Penetration Testing – definitions
Password attacks
Privilege escalation
DNS vulnerabilities
Network mapping
Wireless problems
Software vulnerabilities
- Buffer overflow, format strings, integer overflow
Web application problems
- XSS, parameters, persistence
- SQL-injection
Data mining
Fuzzing

Pedagogiske metoder

Forelesninger
Gruppearbeid
Lab.øvelser
Oppgaveløsning

Vurderingsformer

Skriftlig eksamen, 2 timer

Karakterskala

Bokstavkarakterer, A (best) - F (ikke bestått)

Sensorordning

Evaluation by the lecturer

Utsatt eksamen (tidl. kontinuasjon)

Ordinary re-sit examination

New project(s) at next course dates

Tillatte hjelpemidler (gjelder kun skriftlig eksamen)

None

Obligatoriske arbeidskrav

1-3 Project(s), must be approved. Specifics to be announced at course start.

Læremidler

Articles and book chapters. Specifics to be announced at course start.