Ethical hacking

1.

Subject title

Ethical hacking

Етичко хакирање

2.

Code

F23L3S101

3.

Study program

Примена на информациски технологии, Софтверско инженерство и информациски системи, Компјутерски науки, Компјутерско инженерство, Интернет, мрежи и безбедност, Информатичка едукација, Software engineering and information systems, Примена на информациски технологии, Софтверско инженерство и информациски системи, Компјутерски науки, Компјутерско инженерство, Интернет, мрежи и безбедност, Software engineering and information systems, Стручни студии за програмирање, Стручни студии за програмирање,

4.

Organizer of the study program (unit, institute, department, division)

Faculty of Information Sciences and Computer Engineering

5.

Study cycle (first, second, third)

Прв циклус

6.

Academic year / semester

4 / Летен

7. Number of ECTS credits

6.0

8.

Instructor

проф. д-р Анастас Мишев ворн. проф. д-р Христина Михајлоска Трпческа

9.

Prerequisites for enrollment

Компјутерски мрежи или компјутерски мрежи и безбедност

10.

Subject goals and competencies:

The student will learn the basic concepts, techniques and tools used in the field of systems security. By assuming the role of "attacker" the student will gain knowledge about most of the security weaknesses in his environment and how to protect against them.

11.

Subject content:

Lectures: 1. Introduction to the subject 2. Ethics, security concepts, introduction to ethical hacking 3. Stages of Ethical Hacking - Scouting and Scanning 4. Stages of Ethical Hacking - Gaining Access 5. Stages of Ethical Hacking - Maintaining Access 6. Stages of Ethical Hacking - Covering Your Tracks and Reporting 7. Session hijacking 8. Hacking web applications and servers 9. Hacking with social engineering. 10. Buffer overflow 11. SQL Injection 12. Pen testing and protection of systems from attacks Exercises: 1. Introduction to the exercises 2. Introduction and establishment of the working environment 3. Attacks to intercept network traffic 4. Scouting and scanning tools 5. Exploitation with Metasploit 6. Movement through the network 7. Post Exploitation, Trojans, access maintenance, traffic hiding (ICMP, DNS tunneling) 8. Web attacks 1 9. Web attacks 2 10. Social Engineering 11. Cracking passwords 12. Practical projects

12.

Learning methods:

Предавања поддржани со презентации преку слајдови, интерактивни предавања, вежби (користење на опрема и софтверски пакети), тимска работа, пример случаи, поканети гости предавачи, самостојна изработка и одбрана на проектна задача и семинарска работа, учење во електронско опкружување (форуми, консултации).

13.

Total available time fund

6.0 ECTS x 30 hours = 180 hours

14.

Time distribution

30 + 45 + 15 + 15 + 75 = 180 hours

15.

Forms of teaching activities

15.1.

Lectures - theoretical teaching

30 hours

15.2.

Exercises (laboratory, classroom), seminars, team work

45 hours

16.

Other forms of activities

16.1.

Project tasks

15 hours

16.2.

Independent tasks

15 hours

16.3.

Homework

75 hours

17.

Grading method

17.1.

Tests

10 points

17.2.

Seminar work / project (presentation: written and oral)

15 points

17.3.

Activities and learning

10 points

17.4.

Final exam

70 points

18.

Grading criteria (points / grade)

up to 50 points

5 (five) (F)

from 51 to 60 points

6 (six) (E)

from 61 to 70 points

7 (seven) (D)

from 71 to 80 points

8 (eight) (C)

from 81 to 90 points

9 (nine) (B)

from 91 to 100 points

10 (ten) (A)

19.

Condition for signature and taking final exam

реализирани лабораториски вежби

20.

Language of instruction

македонски и англиски

21.

Quality assurance method

механизам на интерна евалуација и анкети

22.

Literature

22.1.

Mandatory literature

22.2.

Additional literature