Course Learning Outcomes (CLOs) are those describing the knowledge, skills and competencies that students are expected to achieve upon successful completion of the course. In this context, Course Learning Outcomes defined for this course unit are as follows:
|
|
|
|
| Knowledge
(Described as Theoritical and/or Factual Knowledge.)
|
| Skills
(Describe as Cognitive and/or Practical Skills.)
|
1) Defines basic concepts and terminology about penetration testing and vulnerabilities.
|
2) Gains the ability to detect and analyze security vulnerabilities in different systems and applications.
|
3) Gains the ability to effectively use popular tools used for penetration testing (e.g. Metasploit, Nmap).
|
4) Gains the ability to professionally report detected security vulnerabilities and make recommendations.
|
5) Gains knowledge of ethical rules and legal frameworks during penetration tests and the ability to act in accordance with these principles.
|
| Competences
(Described as "Ability of the learner to apply knowledge and skills autonomously with responsibility", "Learning to learn"," Communication and social" and "Field specific" competences.)
|
| Week |
Subject |
Materials Sharing * |
|
Related Preparation |
Further Study |
| 1) |
Penetration Testing Basic Concepts |
Fully comprehensive virtual test laboratory installation and applied penetration tests: Pentest lab / Mehmet Ali Yalçınkaya.
AuthorYalçınkaya, Mehmet Ali
|
|
| 2) |
Penetration Testing General Concepts |
Fully comprehensive virtual test laboratory installation and applied penetration tests: Pentest lab / Mehmet Ali Yalçınkaya.
AuthorYalçınkaya, Mehmet Ali
|
|
| 3) |
Penetration Testing Methodologies |
Fully comprehensive virtual test laboratory installation and applied penetration tests: Pentest lab / Mehmet Ali Yalçınkaya.
AuthorYalçınkaya, Mehmet Ali
|
|
| 4) |
Social Engineering and Institutional Structures |
Çakır, H., & Taşer, M. (2023). Evaluation of Cyber Security Activities and Training Studies Conducted in Turkey. Gazi University Journal of Science Part C: Design and Technology, 11(2), 347-366. https://doi.org/10.29109/gujsc.1165131
|
|
| 5) |
Cyber Kill Chain |
Introduction to cyber security with applications / M. Alparslan Akyıldız.
AuthorAkyıldız, M. Alparslan
|
|
| 6) |
Mitre Attack Freamwork |
Introduction to cyber security with applications / M. Alparslan Akyıldız.
AuthorAkyıldız, M. Alparslan
|
|
| 7) |
Data collection |
Introduction to cyber security with applications / M. Alparslan Akyıldız.
AuthorAkyıldız, M. Alparslan
|
|
| 8) |
Midterm |
|
|
| 9) |
Penetration Testing Tools |
Introduction to cyber security with applications / M. Alparslan Akyıldız.
AuthorAkyıldız, M. Alparslan
|
|
| 10) |
Metasploit Framework |
Introduction to cyber security with applications / M. Alparslan Akyıldız.
AuthorAkyıldız, M. Alparslan
|
|
| 11) |
System and Network Penetration Testing |
Introduction to cyber security with applications / M. Alparslan Akyıldız.
AuthorAkyıldız, M. Alparslan
|
|
| 12) |
Post Exploitation |
Introduction to cyber security with applications / M. Alparslan Akyıldız.
AuthorAkyıldız, M. Alparslan
|
|
| 13) |
Active Directory Attacks |
The Art of Hacking and Defense
Okan Kurtuluş
|
|
| 14) |
Web Penetration and Wireless Network Penetration Testing |
Introduction to applied cyber security / M. Alparslan Akyıldız.
AuthorAkyıldız, M. Alparslan
|
|
| 15) |
CTF Solution and Reports |
Cyber security and hacking / Mustafa Altınkaynak.
AuthorAltınkaynak, Mustafa
|
|
| 16) |
Final Exam |
|
|
| |
Programme Learning Outcomes |
Contribution Level (from 1 to 5) |
| 1) |
Defines the corporate cyber security rules and guidelines.
|
4 |
| 1) |
Explains the basic, theoretical and practical information in the field of information security technology. |
|
| 1) |
Experiences all processes in business life. |
1 |
| 1) |
Acquires competency of analyzing and solving the problems. |
3 |
| 1) |
Lists the tasks and responsibilities required to identify and prevent any exploitation of hardware. |
2 |
| 1) |
Follow the patches of information technology systems published against known cyber security gaps. |
4 |
| 2) |
Explains the importance of authorizing users as much as they can. |
4 |
| 2) |
Has awareness for ethical and social responsibility. |
3 |
| 2) |
Information Security Creates procedure and control components |
4 |
| 2) |
Lists the tasks and responsibilities required to identify and prevent any abuse that may occur in software components. |
3 |
| 2) |
Know and analyze cyber assets in terms of information security. |
|
| 2) |
Takes part in activities related to the field of education in a business operating in the field. |
2 |
| 3) |
Identify non-technological tools and methods against cyber attack. |
4 |
| 3) |
Takes responsibility as a team member in works and operations of his/her field. |
3 |
| 3) |
Experience the cyber security risk management system. |
|
| 3) |
Lists the tasks and responsibilities required to identify and prevent any abuse that may occur in local area networks. |
4 |
| 3) |
Explains the necessary policies and processes for effective event management. |
3 |
| 3) |
Questions the application with theoretical knowledge. |
3 |
| 4) |
Is aware of written, verbal communication and interaction. |
1 |
| 4) |
Compiles the knowledge and experience gained in the field. |
|
| 4) |
He/she applies the theoretical knowledge he/she has acquired in his/her lesson, which is a 21st century skill, in business life. |
1 |
| 4) |
Applies the theoretical knowledge learned in business life for a semester. |
|
| 4) |
Explains the importance of monitoring the cyber systems for the correct structuring of the powers, the realization of the realized, failed or failed cyber attacks, the timely response to the protection and the fulfillment of the legal requirements. |
4 |
| 4) |
Identifies the methods and methods of technological methods against cyber attack. |
5 |
| 5) |
Acquires the competencies defined as the institutional outcomes of Beykoz University on the basic level, inline with the expectations of business world and the society. |
|
| 5) |
Follows the developments of advanced technology and digital transformation. |
3 |
| 5) |
User training and security awareness describes the importance of cyberspace. |
4 |
| 6) |
Recall national and international legislation and regulations related to the field of Information Security Technology. |
2 |
| 6) |
Acquires the awareness for lifelong learning. |
2 |
| 7) |
Defines the fundamentals of programming and algorithm information. |
3 |
| 7) |
Has awareness about citizenship competency. |
|
| 8) |
Evaluates the developments of his/her field with the understanding of an entrepreneur. |
1 |
| 9) |
Acquires communication in a Foreign Language (English) competence defined on the level of at least A2 in European Language Portfolio. (In programs whose medium of instruction is English, on the level of B1). |
|
| WORKLOAD OF TEACHING & LEARNING ACTIVITIES |
| Teaching & Learning Activities |
# of Activities per semester |
Duration (hour) |
Total Workload |
| Course |
14 |
1 |
14 |
| Laboratory |
14 |
1 |
14 |
| Application |
0 |
0 |
0 |
| Special Course Internship (Work Placement) |
0 |
0 |
0 |
| Field Work |
0 |
0 |
0 |
| Study Hours Out of Class |
0 |
0 |
0 |
| Presentations / Seminar |
2 |
10 |
20 |
| Project |
0 |
0 |
0 |
| Homework Assignments |
0 |
0 |
0 |
| Total Workload of Teaching & Learning Activities |
- |
- |
48 |
| WORKLOAD OF ASSESMENT & EVALUATION ACTIVITIES |
| Assesment & Evaluation Activities |
# of Activities per semester |
Duration (hour) |
Total Workload |
| Quizzes |
2 |
10 |
20 |
| Midterms |
1 |
10 |
10 |
| Semester Final Exam |
1 |
20 |
20 |
| Total Workload of Assesment & Evaluation Activities |
- |
- |
50 |
| TOTAL WORKLOAD (Teaching & Learning + Assesment & Evaluation Activities) |
98 |
| ECTS CREDITS OF THE COURSE (Total Workload/25.5 h) |
4 |