Skip to main content

Module

CSC8210 : Security Fundamentals and Tools

  • Offered for Year: 2020/21
  • Module Leader(s):
  • Lecturer: Dr Charles Morisset
  • Owning School: Computing
  • Teaching Location: Newcastle City Campus
Semesters
Semester 1 Credit Value: 10
ECTS Credits: 5.0

Aims

It is often impossible to guarantee the complete security of a system, and a cyber-security analyst often aims instead to reveal gaps in security provisioning. The aim of this module is to develop skills to select and apply tools for carrying out security testing strategies including vulnerability scanning, penetration testing and ethical hacking.

Outline Of Syllabus

This module will look at a range of security tools and analysis, covering:
-       Definition of Ethical Hacking
-       Network Analysis (including host discovery and traffic analysis)
-       Web Application Analysis (including XSS and vulnerability reporting)
-       Operating System Analysis (including privilege escalation and buffer exploitation)

Teaching Methods

Please note that module leaders are reviewing the module teaching and assessment methods for Semester 2 modules, in light of the Covid-19 restrictions. There may also be a few further changes to Semester 1 modules. Final information will be available by the end of August 2020 in for Semester 1 modules and the end of October 2020 for Semester 2 modules.

Teaching Activities
Category Activity Number Length Student Hours Comment
Structured Guided LearningLecture materials200:155:00Short videos explaining the concepts and demonstrating the tools and techniques.
Structured Guided LearningLecture materials200:3010:00Written and interactive material about the tools and techniques.
Guided Independent StudyAssessment preparation and completion201:0020:00Completion of practical exercises in the lab.
Guided Independent StudyAssessment preparation and completion201:0020:00Writing of the report accounting for and reflecting on the practical exercises (max 2,000 words)
Structured Guided LearningStructured non-synchronous discussion200:3010:00Engagement on discussion forums, discussion with demonstrators, module leaders and other students.
Scheduled Learning And Teaching ActivitiesDrop-in/surgery31:003:00Drop-in sessions organised with demonstrators (in-person or online, depending on availability)
Guided Independent StudyIndependent study201:3030:00Follow-up on the lecture material.
Scheduled Learning And Teaching ActivitiesModule talk21:002:00Online sessions by module leader, with Q&A session.
Total100:00
Jointly Taught With
Code Title
CSC8414Security Tools and Analysis
Teaching Rationale And Relationship

This module follows a blended learning delivery method, articulated around 20 units of practical skill material. Each unit of material consists of a short video, accompanied by written and interactive material, including short formative quizzes. Learners are expected to discuss about the material on the discussion forum, curated by demonstrators and module lecturers. In addition, drop-in sessions (either online, using Zoom/Teams, or present-in-person, depending on availability) will offer learners the possibility to ask specific questions in small groups to demonstrators, and module talks will enable module leaders to reflect on the online discussion forums, and to discuss about points repeatedly mentioned. The assessment is done by realising a sequence of individualised practical exercises (i.e., given an exercise, the specific solution is different for each learner, even though the difficulty is the same), which are gradually released. Each practical corresponds to one or two units of material. Practical exercises are automatically verified, providing instant feedback to the learners. The final report consists of a reflection from the student on the different exercises done, steered by a specific essay question.
Note: This module corresponds to the first part of CSC8414.

Assessment Methods

Please note that module leaders are reviewing the module teaching and assessment methods for Semester 2 modules, in light of the Covid-19 restrictions. There may also be a few further changes to Semester 1 modules. Final information will be available by the end of August 2020 in for Semester 1 modules and the end of October 2020 for Semester 2 modules.

The format of resits will be determined by the Board of Examiners

Other Assessment
Description Semester When Set Percentage Comment
Report1M1002000 word report on practical work
Formative Assessments
Description Semester When Set Comment
Report1MDraft report including sample of reflective work, structure of the final report, and formatting style.
Assessment Rationale And Relationship

The coursework consists of a series of practical tasks that need to be solved using security tools and analysis techniques covered in the module, as described in the syllabus. Most practical tasks will be automatically assessed during the module, following a Capture-the-Flag approach, thus enabling module participants to keep track of their progress. A final report should be submitted, including a reflection on the practical exercises, and how the student informed their choices. The report is worth 100% of the final mark and should be submitted at the end of the module.

Reading Lists

Timetable