CSC8212 : Security Tools and Analysis (Inactive)
- Inactive for Year: 2024/25
- Module Leader(s): Dr Rasha Ibrahim
- Owning School: Computing
- Teaching Location: Newcastle City Campus
Semesters
Your programme is made up of credits, the total differs on programme to programme.
| Semester 1 Credit Value: | 20 |
| ECTS Credits: | 10.0 |
| European Credit Transfer System | |
Aims
It is often impossible to guarantee the complete security of a system, and a cyber-security analyst often aims instead to reveal gaps in security provisioning. The aim of this module is to develop skills to select and apply tools and techniques for carrying out security testing strategies including vulnerability scanning, penetration testing and ethical hacking.
Outline Of Syllabus
• This module will look at a range of security tools and analysis, covering:
• Definition of Ethical Hacking
• Network Analysis (such as host discovery and traffic analysis)
• Web Application Analysis (such as XSS and vulnerability reporting)
• Operating System Analysis (such as privilege escalation and buffer exploitation)
• Cryptography Analysis (such as brute-force on hashing)
• Malware Analysis (such as reverse engineering and intrusion detection)
• Forensics Analysis (such as steganography and log analysis)
Teaching Methods
Teaching Activities
| Category | Activity | Number | Length | Student Hours | Comment |
|---|---|---|---|---|---|
| Structured Guided Learning | Lecture materials | 40 | 0:15 | 10:00 | Short videos explaining the concepts and demonstrating the tools & techniques [Online non-synch] |
| Guided Independent Study | Assessment preparation and completion | 44 | 1:00 | 44:00 | Writing of the report accounting for and reflecting on the practical exercises (max 4,000 words) |
| Guided Independent Study | Assessment preparation and completion | 40 | 1:00 | 40:00 | Completion of practical exercises |
| Structured Guided Learning | Lecture materials | 40 | 0:30 | 20:00 | Written and interactive material about the tools and techniques. [Online non-synchronous] |
| Scheduled Learning And Teaching Activities | Practical | 6 | 1:00 | 6:00 | Work in a supervised environment to develop skills and professional practical exercises. [PIP] |
| Scheduled Learning And Teaching Activities | Drop-in/surgery | 40 | 0:30 | 20:00 | Engagement on discussion forums, discussion with demonstrators, mod leaders & students [Online Sync] |
| Guided Independent Study | Independent study | 40 | 1:30 | 60:00 | Follow-up on the lecture material. |
| Total | 200:00 |
Jointly Taught With
| Code | Title |
|---|---|
| CSC8210 | Security Fundamentals and Tools |
Teaching Rationale And Relationship
This module follows a blended learning delivery method; articulated around 40 units of practical skill material. Each unit of material consists of a short video, accompanied by written and interactive material, including short formative quizzes. Learners are expected to discuss about the material on the discussion forum, curated by demonstrators and module lecturers. In addition, drop-in sessions (either online, using Zoom/Teams, or present-in-person, depending on availability) will offer learners the possibility to ask specific questions in small groups to demonstrators, and module talks will enable module leaders to reflect on the online discussion forums, and to discuss about points repeatedly mentioned. The assessment is done by realising a sequence of individualised practical exercises (i.e., given an exercise, the specific solution is different for each learner, even though the difficulty is the same), which are gradually released. Each practical corresponds to one or two units of material. Practical exercises are automatically verified, providing instant feedback to the learners. The final report consists of a reflection from the student on the different exercises done, steered by specific questions.
Assessment Methods
The format of resits will be determined by the Board of Examiners
Other Assessment
| Description | Semester | When Set | Percentage | Comment |
|---|---|---|---|---|
| Report | 1 | M | 100 | A 4000-word security Analysis report including Individual exercises to be completed based on the module practical sessions |
Formative Assessments
Formative Assessment is an assessment which develops your skills in being assessed, allows for you to receive feedback, and prepares you for being assessed. However, it does not count to your final mark.
| Description | Semester | When Set | Comment |
|---|---|---|---|
| Report | 1 | M | Draft report including sample of reflective work, final report structure and formatting |
Assessment Rationale And Relationship
The coursework consists of a series of practical tasks that need to be solved using security tools and analysis techniques covered in the module, as described in the syllabus. Most practical tasks will be automatically assessed during the module, enabling module participants to keep track of their progress. A final report should be submitted, including a reflection on the practical exercises, and how the student informed their choices. The report is worth 100% of the final mark and should be submitted at the end of the module. A formative assessment covering the overall structure and sample of reflective writing is conducted in the first third of the module, in order to receive feedback on the general approach, including the formatting.
Reading Lists
Timetable
- Timetable Website: www.ncl.ac.uk/timetable/
- CSC8212's Timetable