Offering Colleges (1)
The specialist skills and knowledge to thoroughly test the security of computer systems, make them secure and investigate properly if they are compromised are not typically taught within a standard computer science course. In contrast, our course has been developed to provide a good practical and theoretical understanding of cybersecurity, hacking, digital forensics and the underlying computer science.
On successful completion, student should be able to:
- Demonstrate knowledge and understanding of the underlying technology, design methods and programming languages required to practice in the domain cybersecurity; the cultural, commercial, ethical and professional issues connected with Ethical Hacking. Digital Forensics and Ethical Hacking and professional practice within them; emergent technologies.
- Apply appropriate design and problem-solving techniques to computing, ethical hacking, cybersecurity and digital forensics requirements or issues.
- Conduct an in-depth investigation and make recommendations relating to the development and implementation of a product in a domain appropriate to Ethical Hacking and Network Security.
- Use design, production and programming tools relevant to cybersecurity in exploit development and associated areas.
- Apply usability human computer interaction (HCI) design techniques in the context of a product relevant to cybersecurity.
Eligibility
The candidates seeking admission in BSc (Hons) Ethical Hacking and Cybersecurity of Coventry University must have completed 10+2 or equivalent from a recognized board.
Curricular Structure
Semester I
1. Programming and Algorithms 1
Introduction to programming languages: C and Python
- To give basics of any programming languages: about operators, conditional statements, loops, functions, data structures, exception and file handling
- To make students familiar with IDEs (codeblocks, pycharms, vscode) , Version Control systems
- To make students able to make systems like Brute Forcing tool, password generator/ manager, key loggers..etc.
2. Legal and Ethical Foundations in Cyber Security
This module introduces students to the legal and ethical landscape in which cyber security and, more generally, computer science sit. Through discussion, case-studies and debate, learners will have the opportunity to examine the impact of technology on society, the opportunities and dangers of connected systems and data collection, and issues around international legislation.
3. Foundations of Cybersecurity
Information about current cybersecurity situation, Types of threats, Various roles in Cybersecurity Cyber Security Goals, CIA triad, How CIA is achieved. Why online security is hard, Critical thinking, Various Linux Commands required to use the system. Scheduling tasks for automation. Writing bash scripts to automate processes. Different wireless cracking scenarios. Basic types of encryptions and its uses. Digital signature and its use. Simple techniques to see how data could be captured over the air. Open-Source Intelligence gathering techniques.
Tools used: Wireshark, Nmap, Macchanger, Open ssl, air-package, crontab, vim, virtual box, vmware, nikto, maltego, etc.
4. Skills Development 1
Fundamental knowledge of Linux, Linux Kernel, Linux Distibution, Virtualization and system ,management, automation strategies
for the system.
Tools Used: Oracle Virtual Box, VMWARE Workstation, UBUNTU, Kali Linux, CentOS.
Semester II
1. Digital and Forensics Fundamentals
Recover, analyze, and preserve computer and related materials in such a manner that it helps the investigation agency to present
them as evidence in a court of law, Recovering deleted files and deleted partitions from digital media.
Tools used: lFTK imager, Volatility, Wireshark, Autopsy/the Sleuth Kit, Bulk Extractor etc.
2. Introduction to Web Development and Database Systems
Web technologies, Database Systems, Relational Database, Software Architecture, Web application security architecture, Secure web programming, Cloud based data storage.
Tools used: HTML, CSS, JavaScript, PHP or Python, MySQL Server, git, unit testing, etc.
3. Computer Systems and Networks
To learn the fundamentals of networking, from standards and protocols to typical hardware and architectures for computer networks. In this module students will learn about basic networking from understanding IP addressing, Subnetting, and various routing protocols like EIGRP, OSPF, STP, etc. Similarly, students will also get hands-on experience relating to Network Security and security devices like firewall including both (software and hardware). Some application layer protocols like http, https, SSH, telnet will be also discussed as a part of Computer System.
Tools used: Physical Hardware like router, switches, cabling, Cisco Packet Tracer
3. The Security Professional
Show evidence of understanding how management and leadership affect teams and organizations broadly and specifically with regard to cyber security, Describe and demonstrate the concepts of threat, vulnerability, and risk.
Tools used: Nmap
4. Creative Thinking for Business
Identifying business opportunities, understanding of business models, creative problem solving, developing a creative culture.
Semester III
1. Platforms and Operating Systems
Understand the concept of Operating System (OS), its type, function, structure. This module also covers the services provided by the OS like memory allocation method in OS, Virtual Memory, Paging and Demand Paging, Process synchronization, various scheduling algorithms, semaphore, mutual exclusion, etc. Students will also learn about the concept of deadlock and its recovery mechanism as well as bootloader and OS Kernel. Students will also get hands-on lab on the various concepts of OS which will be done in Linux OS.
Tools Used: system call, pointers, Linux OS, GCC C.
2. Skills Development 2
In-depth knowledge of JavaScript with data structure, function, Iteration and Document Object Model manipulation. Also, the advance concept of Object-Oriented Programming will be discussed with practical knowledge transfer. With the concrete foundation of JS, various frameworks such as NODE.JS will be taught with cloud deployment strategy using Docker environment.
Tools used: Cloud, Docker, JavaScript, Node, VS CODE, Virtual Machine.
3. Practical Pen-Testing
In this module students will study the theoretical and practical aspects of penetration testing and security audit. Common tools and techniques will be explored, with a focus on building a good understanding of the underlying theoretical concepts of systems exploitation. Currently standard tools, techniques and frameworks will be explored while building a good understanding of underlying concepts through ground-up development and exploration.
4. Programming and Algorithms 2
Advanced algorithms, algorithm efficiency, secure programming, multi-threading, inter-process communication, memory management, system services, UI/UX design, automated testing, version control.
Tools used: Python, C/C++, Assembly, Git, pytest, MySQL server, etc.
Semester IV
1. Cybersecurity Careers
Understanding the recruitment and selection process and implications relevant in the path. Plan and manage personal development and career path. Development of problem-solving nature, information management and information retrieval skills. Also increase the presentation and communication skills relevant and appropriate to a range of audiences.
2. Applied Forensics
In-depth understanding of the mobile operating system, Extracting and analyzing evidence from mobile devices, Defeating Anti Forensic Techniques, Reporting forensic investigation, E-Mail forensic, Windows and Linux forensic.
Tools used: Registry recon, Adb, Andriller, Redline, TCP dump, Snort etc.
3. Web Security
Learn how websites/web applications are secured and learn how and why vulnerabilities arise and how to address them. Hand-on
labs to find bugs/vulnerabilities like Cross-site scripting (XSS), SQLI, RCE, XXE, CORS etc to break web applications.
Tools used: BurpSuite, SQLmap, ffuf, amass etc
4. Networking
In-depth understanding of networks and security issues for today's internetworking technologies. Protocol like Static, RIP, EIGRP, OSPF, BGP, STP, NAT, ACL, LAN, WAN MAN
Tools used – Cisco Packet Tracer, GNS3 ,EVE-NG, Hands-on Real CISCO Devices Router, Switch, Firewall, Server, Access Server
5. Be Your Own Boss
Feasibility study of a new business, market research, competitor analysis, developing financial planning, developing entrepreneurial mind-set and skills, business model development.
Semester V
1. Exploit Development
Study how a software actually operates within a computer and how it interacts with different components of a computer. Then
learn how to break into the system applications and write exploits and shellcodes to accomplish it
Tools used: gdb, Ghidra, IDA, strace, ltrace
2. Security Audit and Monitoring
Identify security problems and gaps of a system. Make sure the system built complies with internal and external security policies.
Plan and perform system and penetration testing to effectively identify evidence of vulnerabilities and their mitigation process.
Tools used: OpenVAS, Nessus, SIEM Solutions
3. Security Management
Understand the security concepts, methods and principles. understanding of key IT Governance that relates to information security and how it influences the security policy of an organization.
Tools used: IDS, IPS (snort) , Packet Sniffers, SolarWinds
4. Skills Development 3
The test is intended to allow students to demonstrate the core practical skills required to progress to the next level of study. The
third iteration of this module will simulate a CTF style exercise commonly used by security organizations as part of the recruitment process. This course level practical skills test is intended to allow students to demonstrate the core practical skills in Cyber Security. A skills test, examined formally in a separate module, will be administered that requires students to demonstrate their abilities.
5. Managing Red Teams and Pen-Tests
The following will all be covered in this course.
- Students will learn how red team assessment differs from
traditional pen testing. - Social engineering attacks.
- The objective of red teaming
- Red team techniques
- Red teaming frameworks/guidelines
- Red team tools and usages/use cases
- Red team report writing and some red team related lab
hands-on.
5. Practical Cryptography
Secret to convey messages that feel need to be kept confidential, coverage of risk management techniques and the application of risk management in the SDLC. Symmetric Key encryption, Public Key encryption, Digital Certificates, IPsec ,RSA
Tools-Firewall, Different types of VPN, IPS/IDS
Semester VI
1. Cybersecurity Project
Undertake a substantial project which will exercise the in-depth technical, problem-solving, creative and other skills required of a professional practitioner. Students will be required to ensure that their work conforms to appropriate codes of practice and meets the ethical requirements.(Individual research project)
2. Reverse Engineering
Used to identify the details of a breach that how the attacker entered the system, and what steps were taken to breach the system. De- obfuscation of obfuscated code, analysis of viruses, [worms, Trojan horses, to isolate their signatures and create means of protection (anti-virus software)
3. Design Thinking and Innovation
To embrace team and independent working on tasks, focus on solving complex problems and finding the most appropriate solution for the end user.
Entrepreneurship and Design Thinking
- Business applications of Design Thinking
- Creativity and Innovation
Business Feasibility - Personal Entrepreneurial Assessment