Main page | Study Branches/Specializations | Groups of Courses | All Courses | Roles                Instructions

A course is the basic teaching unit, it's design as a medium for a student to acquire comprehensive knowledge and skills indispensable in the given field. A course guarantor is responsible for the factual content of the course.
For each course, there is a department responsible for the course organisation. A person responsible for timetabling for a given department sets a time schedule of teaching and for each class, s/he assigns an instructor and/or an examiner.
Expected time consumption of the course is expressed by a course attribute extent of teaching. For example, extent = 2 +2 indicates two teaching hours of lectures and two teaching hours of seminar (lab) per week.
At the end of each semester, the course instructor has to evaluate the extent to which a student has acquired the expected knowledge and skills. The type of this evaluation is indicated by the attribute completion. So, a course can be completed by just an assessment ('pouze zápočet'), by a graded assessment ('klasifikovaný zápočet'), or by just an examination ('pouze zkouška') or by an assessment and examination ('zápočet a zkouška') .
The difficulty of a given course is evaluated by the amount of ECTS credits.
The course is in session (cf. teaching is going on) during a semester. Each course is offered either in the winter ('zimní') or summer ('letní') semester of an academic year. Exceptionally, a course might be offered in both semesters.
The subject matter of a course is described in various texts.

BI-EHA Ethical Hacking Extent of teaching: 2P+2C
Instructor: Completion: Z,ZK
Department: 18106 Credits: 5 Semester: L

Annotation:
The course gives a professional and academic introduction to computer and information security using the ethical hacking approach, which enables improved defence thanks to adopting an attacker mindset when discovering vulnerabilities, hands-on experience with different attacks, facilitates linking theory and practice in significant areas of one's digital literacy, and can therefore be utilized by (future) security professionals, (informed) decision-makers, (savvy) users and developers alike. This course is taught in English.

Lecture syllabus:
1. Introduction to Ethical Hacking and Penetration Testing
2. Sniffing, Spoofing & Traffic Analysis
3. Web Security I 4. Web Security II
5. Web Security III
6. Wireless Security
7. Authentication, Credentials, Passwords
8. Scoring
9. Operating Systems Security
10. Android Security
11. Embedded Systems Security, Automotive
12. Cloud Security

Seminar syllabus:
Lectures are intertwined with exercises/tutorials.

Literature:
[1] P. Engebretson, The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy, 2nd edition. Amsterdam; Boston: Syngress, 2013.
[2] G. Weidman, Penetration Testing: A Hands-On Introduction to Hacking, 1st edition. San Francisco: No Starch Press, 2014.
[3] D. Regalado et al., Gray Hat Hacking The Ethical Hacker's Handbook, 4th edition. McGraw-Hill Education, 2015.
[4] P. Kim, The Hacker Playbook 2: Practical Guide To Penetration Testing. CreateSpace Independent Publishing Platform, 2015.
[5] T. J. O'Connor, Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers, 1st edition. Amsterdam; Boston: Syngress, 2012.
[6] J. Seitz, Black Hat Python: Python Programming for Hackers and Pentesters, 1st edition. San Francisco: No Starch Press, 2014.
[7] J. Seitz, Gray Hat Python: Python Programming for Hackers and Reverse Engineers, 1st edition. San Francisco: No Starch Press, 2009.
[8] D. Kennedy et al., Metasploit: The Penetration Tester's Guide, 1st edition. San Francisco: No Starch Press, 2011.
[9] C. P. Paulino, Nmap 6: Network Exploration and Security Auditing Cookbook. Birmingham, UK: Packt Publishing, 2012.
[10] C. Sanders, Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems, 2nd edition. San Francisco, CA: No Starch Press, 2011.
[11] T. Heriyanto et al., Kali Linux: Assuring Security By Penetration Testing. Birmingham, UK: Packt Publishing, 2014

Requirements:
Recommended knowledge: OS Linux, web applications, database systems (SQL), basics of computer networks, and cryptography. It is an advantage to have the following courses completed or take them together with BI-EHA: BI-PS1, BI-DBS, BI-BEZ, BI-PSI a BI-TWA.1

Tento kurz je vyučován v anglickém jazyce. // Informace o předmětu a výukové materiály naleznete na https://courses.fit.cvut.cz/BI-EHA/

The course is also part of the following Study plans:
Study Plan Study Branch/Specialization Role Recommended semester
BI-BIT.2015 Computer Security and Information technology V 4


Page updated 29. 3. 2024, semester: L/2021-2, Z,L/2023-4, Z/2021-2, Z/2020-1, Z/2019-20, L/2020-1, Z,L/2022-3, L/2019-20, Send comments to the content presented here to Administrator of study plans Design and implementation: J. Novák, I. Halaška