Return to homepage Skip to navigation Skip to site search Skip to main content Skip to footer

Module Catalogue

SCQF Level: 07  

Module Code: CMP110

Credit Value: 20  

Year: 2017/8

Term: Term 2

School: School of Arts, Media and Games

Description

This module introduces students to the broad area of computer security within the context of current legal frameworks.

Aims

The aim of this Module is to provide the student with : The aim of this module is to provide knowledge of the issues and practicalities involved in securing computer systems and the framework within which computer security specialists (for example an ethical hacker or digital forensic investigator) would need to operate.

Learning Outcomes

By the end of this module the student should be able to:

1.  Describe the fundamental laws that relate to computer security

2.  Describe some techniques that can be used to improve or evade computer security defences

3.  Conduct an investigation into an area of computer security within a legal framework

Indicative Content

1 Relevant laws and ethical framework

Computer misuse act, copyright act and data protection act will be explored. Discussion of the issues and constraints that these laws pose to computer security experts. How computer security experts can ensure they are working within the constraints of the law. Consideration of the ethical issues.

2 Security models

Discussion of various different security models, for example the CIA triad and Parkerian Hexad. Understanding of the different ‘nodes’ in an organisation which can impact on security.

3 Techniques for improving computer security defences

The role of firewalls, IDS/IPS and honeynets in security. Antivirus limitations. Acceptable use policies and password policies. The role of education in security. Physical security measures

4 Techniques for evading computer security defences

Various difference attack strategies for example phishing, spearphishing, social engineering will be explored. Tools such as the social engineering toolkit will be explored.

5 Malware

Types of viruses and worms. Writing simple viruses using virus creation kits. Anti-virus and anti-malware methodologies for malware removal

6 Header 6

Commands that a hacker can use to manipulate a comprised computer. Information gathering commands, file transfer commands, computer defence manipulation (e.g. firewall and anti-virus manipulation)

7 Passwords

Password cracking. The importance of developing a good password. Techniques for password management. Uses of Dictionary, brute force, hybrid techniques. Cracking passwords (NetBIOS, web server). Password guessing. Rainbow tables. Password alternatives.

8 Command Line Tools

Using python to create our own network tools, for example TCP and UDP host discovery, packet sniffing, ICMP

9 Traffic analysis

Using scapy to explore network traffic and carve files from http traffic

Statement on Teaching, Learning and Assessment

Content will be presented by a mixture of lectures and practicals. Assessment will be by means of coursework reports on laboratory work and case studies. A purpose-built and regularly-updated module website is used to provide links to lecture notes, laboratory tasks, assessment briefs, operational matters, and external information. Student project or lab work and student-suggested links are incorporated as and when appropriate.

Teaching and Learning Work Loads

Total 200
Lecture 12
Tutorial/Seminar 0
Supervised Practical Activity 28
Unsupervised Practical Activity 14
Assessment 60
Independent 86

Back


Guidance notes:

Credit Value – The total value of SCQF credits for the module. 20 credits are the equivalent of 10 ECTS credits. A full-time student should normally register for 60 SCQF credits per semester.

Disclaimer: We make every effort to ensure that the information on our website is accurate but it is possible that some changes may occur prior to the academic year of entry. The modules listed in this catalogue are offered subject to availability during academic year 2017/18 , and may be subject to change for future years.

Top