Hochschule Darmstadt - Fb Informatik

Drucken| Layout| Design| Schriftgröße English|
Modulbeschreibung
Course:Penetration Testing
Attached to module:
Penetration Testing deutsch 30.2608
Module numbers:30.2606 [PVL 30.2607; Module 30.26060]
Language:english
Study programme:Bachelor 2021 - Wahlpflichtkatalog I
Bachelor dual KITS 2021 - Wahlpflichtkatalog ITS
Bachelor dual KITS 2021 - Wahlpflichtkatalog I
Bachelor dual KoSI 2021 - Wahlpflichtkatalog I
Bachelor KMI 2021 - Wahlpflichtkatalog I
Bachelor 2014 - Katalog I: Anwendungs- und systemorientierte Module
Bachelor dual KITS 2014 - Katalog ITS: IT-Sicherheit
Bachelor dual KoSI 2014 - Katalog I: Anwendungs- und systemorientierte Module
Bachelor KMI 2014 - Katalog I: Anwendungs- und systemorientierte Module
Type of course:V+P = Lecture+Practical
Weekly hours:2+2
Credit Points:5
Exam:written exam
Registering for examexplicitly and independent of booking
PVL (e.g. Practical):graded (graded report)
PVL percentage:50%
Frequency of offering:each year (lastly in SS 2021)
Required knowledge:Operating systems, Networking, Developing of web applications, Distributed systems
Learning objectives:Knowledge:
  • Definition and classification of hacking and penetration testing
  • Relevant standards regarding stack phases and risk assessment
  • Best practices for documentation and reporting
  • Tools and techniques for identifying and exploiting of vulnerabilities
Skills:
  • Identification of vulnerabilities in IT systems and utilizing them to penetrate the system
  • Risk-based evaluation of vulnerabilities
  • Documenting the approach and results
Competencies:
  • Conducting a reproduceable technical security analysis of an IT infrastructure
  • Generating a structured report on the results of a technical security analysis of an IT infrastructure
Content:
  • Differences between hacking and penetration testing
  • Classification of penetration tests (White-, Gray- und Blackboxtest)
  • Penetration Testing Standards, e.g. OWASP (Open Web Application Security Project), OSSTMM (Open Source Security Testing Methodology Manual)
  • Anatomy of an attack - from information gathering to exploitation of a vulnerability
  • Risk assessment of identified vulnerabilities
  • Structure of documentation and reporting
Literature:
Lecture style / Teaching aids:Seminar lecture, script
Responsibility:Christoph Krauß
Released:SS 2022

[Fachbereich Informatik] [Hochschule Darmstadt]
© 2008 - 2022 FBI OBS Team. Alle Rechte vorbehalten.