Increasing the robustness and resiliency of systems against threats and attacks is a key cyber security goal. Although cyber security practitioners should be involved in system design early enough to design cyber-resiliency into the system, quite often they are presented with legacy systems designed with little consideration for cyber security. Nevertheless, even well-designed systems are prone to cyber-attacks from both organised and ill-organised perpetrators.
Penetration testers must possess a good understanding of network protocols and design. This enables practitioners to gain a basic understanding of the root causes of network vulnerabilities and the associated remedial measures that can be taken, particularly where the root cause relates to network misconfiguration issues (both hardware and protocol related).
This module aims to equip participants with the knowledge and practical experience of performing penetration/vulnerability testing and producing professional penetration testing reports for client organisations.
This module begins by providing an extensive understanding of networks including knowledge of network technology such as IPv4/6, and TCP/UDP. Participants proceed to understand the function and role that devices such as routers, switches and firewalls play in the security of a network and the way that these devices should be configured to enable optimal security. Through the use of industry-standard simulation tools, the module equips participants with an in-depth practical applied knowledge of the importance of segregating differing trust domains via security devices such as routers, switches and stateful packet filtering firewalls as well as an understanding of how layered defence in depth aids the security of a network.
Having gained this practical knowledge, participants proceed to develop an in-depth knowledge of how to conduct a professional penetration test on a network. Participants are given an extensive knowledge of the phases of a penetration test, which involve (for example) information gathering (reconnaissance), threat modelling, vulnerability analysis, exploitation, post-exploitation and reporting.
There is a fundamental emphasis on professionalism. Participants are made aware of the need to act professionally, in an ethical manner and are made aware of ‘responsible reporting’ programmes.
This module is partly taught by professional practitioners who are involved with professional penetration testing on a daily basis and who also have years of university academic experience*.
* reviewed on an annual basis.
- Appraise the security posture of a network by analysing the network configuration using appropriate tools where necessary.
- Critically evaluate the configuration of network security devices to achieve a desired security posture recommending adjustments where appropriate.
- Demonstrate a comprehensive understanding of vulnerability exploitation techniques.
- Assess the results of system security tests and recommend appropriate mitigation strategies – which may include possible design and configuration changes.
- Background. IPv4/6 networks, addressing, routing, network architecture, trust domains; TCP/UDP, packet capture and analysis using tools such as Wireshark; ingress and egress filtering via (stateful) packet firewalls.
- Network design. Enacting basic network design using tools such as Packet Tracer.
- Network security. Network security monitoring, passive, proactive, technical, non-technical, consequences; operating system security, web security, embedded security, cloud and virtualisation security, security as a service.
- Information gathering methods, techniques and tools. Footprinting, reconnaissance, network port scanning.
- Vulnerability exploitation. Gaining and maintaining access, covering tracks, enumeration techniques and vulnerability assessment, static and dynamic analysis of malware, social engineering, SQL injection, zero-day exploits, session hijacking, denial-of-service, password cracking, firewalking techniques, evading intrusion detection systems and firewalls, hacking web applications and SQL injection attacks.
- Penetration testing. Professionalism, ethics and responsible reporting; penetration testing methodologies, standards and plans.
- Post module assessment - Penetration test of a corporate network (80%)
- In module test (20%)
2 weeks including 13 hours of lectures, 27 hours of tutorials