Description
This module introduces students to the broad area of computer security within the context of current legal frameworks.
Aims
The aim of this module is to provide the student with knowledge of the issues and practicalities involved in securing computer systems and the framework within which computer security specialists (for example an ethical hacker or digital forensic investigator) would need to operate.
Learning Outcomes
By the end of this module the student should be able to:
- Describe the fundamental laws that relate to computer security
- Describe some techniques that can be used to improve or evade computer security defences
- Conduct an investigation into an area of computer security within a legal framework
Indicative Content
1 Relevant laws and ethical framework
Computer Misuse Act, Copyright Act and Data Protection Act will be explored. Discussion of the issues and constraints that these laws pose to computer security experts. How computer security experts can ensure they are working within the constraints of the law. Consideration of the ethical issues.
2 IoT Security
The Internet of Things, what this is, and common security flaws that can be found on IoT devices in both consumer and industrial environments.
3 Techniques for improving computer security defences
The role of firewalls, IDS/IPS and honeynets in security. Antivirus limitations. Acceptable use policies and password policies. The role of education in security. Physical security measures
4 Techniques for evading computer security defences
Open-Source Intelligence, including various different attack strategies. For example, phishing, spearphishing and social engineering will be explored.
5 Malware
Types of viruses and worms. Writing simple viruses using virus creation kits. Anti-virus and anti-malware methodologies for malware removal.
6 Passwords
Password cracking. The importance of developing a good password. Techniques for password management. Uses of Dictionary, brute force, hybrid techniques. Cracking passwords (NetBIOS, web server). Password guessing. Rainbow tables. Password alternatives.
7 Command Line Tools
Commands that a hacker can use to manipulate a comprised computer. Information gathering commands, file transfer commands, computer defence manipulation (e.g. firewall and anti-virus manipulation)
8 Wi-Fi Security
Good practices and how to crack Wi-Fi security. Wi-Fi standards.
9 Biometrics
Securing systems using biometrics. Security flaws in biometric systems.
| Teaching and Learning Method | Hours |
|---|---|
| Lecture | 12 |
| Tutorial/Seminar | 0 |
| Supervised Practical Activity | 24 |
| Unsupervised Practical Activity | 0 |
| Assessment | 64 |
| Independent | 100 |
Guidance Notes
SCQF Level - The Scottish Credit and Qualifications Framework provides an indication of the complexity of award qualifications and associated learning and operates on an ascending numeric scale from Levels 1-12 with SCQF Level 10 equating to a Scottish undergraduate Honours degree.
Credit Value – The total value of SCQF credits for the module. 20 credits are the equivalent of 10 ECTS credits. A full-time student should normally register for 60 SCQF credits per semester.
Disclaimer
We make every effort to ensure that the information on our website is accurate but it is possible that some changes may occur prior to the academic year of entry. The modules listed in this catalogue are offered subject to availability during academic year 2024/5, and may be subject to change for future years.