Course Name: Systems Vulnerability Assessment and Testing

Course Code: CIE 452

Version: 2

Creator: Anisah Aminu Ahmad

Course Description: This course introduces students to the process of identifying, classifying, and
Priotizing vulnerabilities in computer systems, networks, and applications. This unit will cover
vulnerability assessment methodologies, network system scanning, web application security testing,
wireless network security testing, risk assessment and management and security controls and
countermeasures. Overall, the course is designed to provide students with a clear understanding of
computer security and the tools and techniques used to access and test the security of computer
systems, networks and applications.

Course Learning Outcomes:

Upon successful completion of this course, students should be able to:

1. Identify and analyze Systems vulnerability

2. Develop and implement testing and assessment methodologies
3. Recommend security controls to eradicate identified vulnerabilities.
4. Understanding the effect of security vulnerabilities
5. Understanding the legal and ethical considerations in regards to vulnerability assessments.

Assessment Description

A combination of written assignments, a 3000-word term paper, a quiz and a final exam to determine
the students understanding of the course and their ability to apply the concepts taught in real life and
also analyze security vulnerability.

Story Board

WEEK TITTLE TOPIC 1 TOPIC 2 TOPIC 3 TOPIC 4 TOPIC 5

S
1 Introduction to Meaning and The goals and The Cryptography The different
Overview of objectives of development and Encryption, techniques and
computer computer security, security types and tools used in
computer
security security,
the security policies and techniques. Network security.
controls and procedures Access control
security countermeasures and also the and
threats and of the computer security Authentication.
vulnerabilities security and guidelines and
and also risk networks. standards.
management.
2 Vulnerability The basic The different The different The standards The different
concepts and types and processes and and guidelines of vulnerability case
Assessment principles of techniques used types of vulnerability studies,regulatory
Methodologies vulnerability to identify vulnerabilities assessments. requirements and
assessments vulnerabilities. assessment also ethical
reports. considerations in
Vulnerable
 assessments
3 Network and The basic The different tools The different The best The different
principles and and techniques scanning practices and regulatory
System Scanning types of used in network processes and also case studies requirements for
network and scanning and different types for system scanning and
system scanning system scanning of scanning scanning scanning ethical
reports considerations
involved in
scanning
4 Web Application The meaning The different tools The different The best The regulatory
and concepts of and techniques web practices and requirements for
security Testing web application used to test web application also case studies web application
testing, including applications processes and for web such as GDPR and
the different different types application also the ethics
types of testing of web security testing involved
application
reports
5 Wireless The introduction The different tools The different The best The regulatory
to wireless and techniques for wireless practices and requirements for
Network security network security wireless network network also case studies wireless network
testing which include and security such security for wireless and security and
the concepts as wireless processes and network testing ethics involved.
and Principles scanners and different types and security
involved wireless of wireless
vulnerability network
scanning security
6 Vulnerability What is The importance of The tools and The different The regulatory
Vulnerability vulnerability techniques of processes, requirements and
Management management. management and vulnerability reports, case ethics of
The types of the different management studies and best vulnerability
vulnerability stages of practices of management
management vulnerability vulnerability
management management
7 Risks The introduction The importance of The different The case studies The Prevention of
to risk risk management assessment and effects of risk and the
Assessments and assessment tools and risks regulatory
Management management. techniques requirement of
The basic risk management
concepts and
types of risk
8 Security Controls Types of security Importance of The different The different The different
control security control ways to assessment tools case studies and
and and measures implement and techniques ethics involved.
Countermeasure security
control
s
9 Legal and Ethical What legal and The legal and The different Vulnerability The different case
ethical ethical structure ways in scanning and studies
Considerations in considerations is maintain disclosure
Vulnerable all about. The confidentiality
types and
Assessment and importance.
Testing
10 Security Policies Introduction of Risk management Authentication Ways of Privacy and
security policies enforcing protection of
and Procedures and procedures security policies data protection
and procedures
-
Course Content

Course Code CIE 452

Course Title Systems Vulnerability Assessment and Testing
Week 1 Reference Week 1
Lesson Title Introduction to Computer Security

Page Input Section

001 Course overview

002 Do you know that: Getting started

Computer security or cyber security became increasingly important due to
the introduction of modems in the late 1960’ and the growth of personal
computers in 1980s.
The first known computer virus was created in 1971.
The first recorded occurrence of computer hacking was in 1903.

003 Introduction Week introduction

With the high rate of cyber threats such as hacking attempts, viruses,
malware etc, computer security is very important in today’s world. In this
topic, we would have knowledge on how to safeguard our digital devices
and data, and also networks from unauthorized users.

004 Sample content below Topic 1

Meaning of computer security:
Computer security can be defined as the process of protecting computer
systems and networks from unauthorized users. It involves different tools
and techniques used in safeguarding networks and devices from cyber
threats such as hacking.
Meaning of Security threats:
Security threats refers to any potential harm to computer systems,
networks and data.
Purpose
 To maintain a safe network
To prevent loss of information
To prevented access to unauthorized personnel
Aspects of computer security
- Authorization: means deciding who has permission to access
information on a computer. It helps protect against hackers.
- Confidentiality: this basically means that the information is to be a
secret. The information should not be disclosed to unauthorized
users.
- Integrity: This means that if someone tries to alters the
information, then the computer system will detect it and let the
owner know.
- Authentication: this is the process of identifying the identity of a
user or system
Ways of maintaining Computer security:
-By using strong passwords

005 Use textbook to learn further on computer security and its importance. Self prep

006 1) What is cyber threat intelligence TEST

2) What is the use of cyber threat intelligence

007 Benefits of cyber threat intelligence Topic 2

1. Informs you on potential attacks

2. Improves detection on threat
3. Improved situation management
Benefits of cyber threat intelligence ?

008 TEST

009 Ue the internet for further research on benefits Self prep

010 Ways to prevent cyber attacks ? what is cyber attack? Topic 3

Cyber attack , this is the use of technology to try and gain access to
unauthorized asset or to cause harm to an individual or organization
 Ways to prevent ?
1. Use strong password
2. Enable two factor verification
3. Use anti virus
4. Limit access to other people

011 What are the ways to prevent cyber attacks? TEST

Which of the following is a from of cyber attack
a. Malware attack
b. SPAM
c. Password cracking
d. All of the above

012 Read note on previous topic Self prep

013 Types of cyber threat Topic 4

Malware : using certain software to gain information
Phishing : using emails , websites to trick individuals into given up
information

014 Types of cyber threat ? TEST

015 Use of textbook Self prep

016 Importance of cyber threat intelligence ? Topic 5

1. Strategic planning
2. Risk assessment
3. Threat reduction
4. Competitive Advantage

017 What is the importance threat intelligence ? Self prep

018 Revision of work Lesson summary

019 Examination EXAM