Moses - IT Security Lab: Vulnerability Assessment

Display language

Diese Modulbeschreibung gilt nicht im aktuellen Semester.

Die Modulbeschreibung gilt nur für den Zeitraum WS 2019/20 - SoSe 2021. Die Version für das aktuelle Semester (SoSe 2024) finden Sie hier: Modulbeschreibung des SoSe 2024

Module / Version:
#40520 / #3

Validity:
WS 2019/20 - SoSe 2021

Default display language:
English

Module title:
IT Security Lab: Vulnerability Assessment

Credits:
6

Responsible person:
Seifert, Jean-Pierre

Grading:
benotet

Type of exam:
Portfolioprüfung

Zugehörigkeit

Faculty:
Fakultät IV

Institute:
Institut für Softwaretechnik und Theoretische Informatik

Area of expertise:
34355100 FG S-Professur Security in Telecommunications

Prüfungsausschuss:
No information

Kontakt

Office:
TEL 16

Contact person:
Schneider, Jörg

E-mail address:
lehre@sect.tu-berlin.de

Website:

https://tu.berlin/sect

Learning Outcomes

Students who have successfully finished the course will be able to select the right approach and tools to analyze unknown software for security problems. They will be able to assess the significance of their findings and to explain it to a non-expert. The course is principally designed to impart: technical skills 50%, method skills 40%, system skills 0%, social skills 10%.

Content

Manual and semi-automated code reviews of server software, web applications, and client software. Fixing problems with low impact on the existing system and its usability as well as documenting the findings in advisories.

Module Components

Pflichtteil:

All Courses are mandatory.

Course Name	Type	Number	Cycle	Language	SWS	VZ
IT-Security Lab: Vulnerability Assessment	PR	0432 L 554	SoSe	German	4

Workload and Credit Points

IT-Security Lab: Vulnerability Assessment (PR):

Workload description	Multiplier	Hours	Total
Practical cases	1.0	90.0h	90.0h
Preparation for and participation in a security contest	1.0	30.0h	30.0h
Preparing a talk	1.0	30.0h	30.0h
Presence	15.0	2.0h	30.0h
			180.0h(~6 LP)

The Workload of the module sums up to 180.0 Hours. Therefore the module contains 6 Credits.

Description of Teaching and Learning Methods

The main teaching method of this module is problem based learning. In order to get to know the tools and best practices, a series of interactive lectures is given. There will be small hands-on exercises to get familiar with the topics taught. To get practical experience, the participants will then work on multiple complex cases. The exercises are concluded with a general discussion on the results of the exercise, but also on the strategies employed by the participants. Additionally, each student will give a talk on recent developments in the security area. The learned skills will be applied in an international security contest during the semester (if no contest is organized during a given semester, this part will be substituted by a local exercise with a similar setting).

Requirements for participation and examination

Desirable prerequisites for participation in the courses:

Programming skills in at least one of the following languages: C, PHP, shell script and experience operating a Linux system are required. Knowledge of a basic/undergrad security lecture is recommended.

Mandatory requirements for the module test application:

This module has no requirements.

Module completion

Grading

graded

Type of exam

Portfolio examination

Type of portfolio examination

100 Punkte insgesamt

Language

English

Test elements

Name	Points	Categorie	Duration/Extent
4 kleine Programmieraufgaben	36	practical	6 Stunden
Programmieraufgabe (große Semesteraufgabe)	32	practical	10 Stunden
Referat	32	oral	20 Minuten

Grading scale

Notenschlüssel »Notenschlüssel 2: Fak IV (2)«

Gesamtpunktzahl	1.0	1.3	1.7	2.0	2.3	2.7	3.0	3.3	3.7	4.0
100.0pt	95.0pt	90.0pt	85.0pt	80.0pt	75.0pt	70.0pt	65.0pt	60.0pt	55.0pt	50.0pt

Test description (Module completion)

Insgesamt können 100 Portfoliopunkte erreicht werden: • ein Referat (32 Portfoliopunkte), • Programmieraufgabe (große Semesteraufgabe, 32 Portfoliopunkte), • 4 Programmieraufgaben (kleine Aufgaben, je 9 Portfoliopunkte), Die Gesamtnote gemäß § 47 (2) AllgStuPO wird nach dem Notenschlüssel 2 der Fakultät IV ermittelt.

Duration of the Module

The following number of semesters is estimated for taking and completing the module:
1 Semester.

This module may be commenced in the following semesters:
Sommersemester.

Maximum Number of Participants

This module is not limited to a number of students.

Registration Procedures

No information

Recommended literature
No recommended literature given

Assigned Degree Programs

Semester:

Zeige auch ausgelaufene Studiengänge und StuPOs

This module is used in the following Degree Programs (new System):

	Studiengang / StuPO	StuPOs	Verwendungen	Erste Verwendung	Letzte Verwendung
This module is not used in any degree program.

Students of other degrees can participate in this module without capacity testing.

Miscellaneous

The module is offered every year.

IT Security Lab: Vulnerability Assessment