Systems penetration testing
Qualification dates
Start |
End |
|
|
Penetration testing is a highly technical area of cybersecurity. It requires knowledge of multiple subjects: operating systems, databases, networking, programming, vulnerability and malware analysis, web services, cryptography, and social engineering. Penetration testers also need to understand the adversary mindset. You’ll learn to design and implement penetration tests to stakeholder requirements and gain skills to help mitigate cyber-attacks by implementing countermeasures and security controls. You’ll develop knowledge and understanding aligned with the Certified Ethical Hacker (CEH) programme through our EC-Council partnership.
What you will study
The module comprises five blocks:
Block 1: Module introduction
This block provides an overview of TM359 and introduces the pedagogic approach and the EC-Council CEH content. You’ll study customer engagement, report writing, frameworks and standards, and legal requirements of a penetration test.
Block 2: Reconnaissance, scanning and enumeration
In the second block, you’ll study footprinting and reconnaissance, scanning networks, enumeration, and vulnerability analysis.
Block 3: System hacking and gaining access
Block 3 covers system hacking, malware threats, sniffing, social engineering, denial-of-service attacks, session hijacking, evading IDS, firewalls, honeypots, hacking web servers, hacking web applications and SQL injection.
Block 4: Stakeholder engagement, independent study and automation
In this block, you’ll study stakeholder engagement and reporting plus one of the following topics: hacking wireless networks, hacking mobile platforms, IoT and OT (Operational Technology) hacking, cloud computing or cryptography. You’ll learn about the essential components of bash scripting and the Python programming language to support penetration testing scripting and automation. You’ll learn how to install and configure Python and Python basics, including handling data and variable types, and using conditions, loops, error handling and functions.
Block 5: Countermeasures
In the final block, you’ll study countermeasures, plus how to mitigate the vulnerabilities and prevent the associated exploits, averting system breaches.
Throughout the module, you’ll have access to online labs for hands-on exercises and the opportunity to hack systems in a controlled and safe environment.
Entry requirements
TM359 is an OU level 3 module; therefore, you need a good knowledge of computer science obtained through OU level 1 and 2 study or another higher education institution.
You must have passed:
We strongly recommend that you check your background and experience are sufficient to tackle this module. We’ve found that appropriately prepared students have the best chance of completing their studies and get the most enjoyment from the module.
Talk to an advisor if you’re not sure you’re ready.
What's included
You’ll have access to a module website, which includes:
- a week-by-week study planner
- audio and video content
- interactive activities
- third-party resources
- assessment
- online tutorial access
- student and tutor group forums.
The module uses an ebook Certified Ethical Hacker from EC-Council. You’ll also have access to EC-Council iLabs to practice penetration tests in a safe and secure environment.
The CEH material is also delivered as a series of video lectures on the EC-Council iClass platform, accessible by a standard web browser.
Computing requirements
You’ll need broadband internet access and a desktop or laptop computer with an up-to-date version of Windows (10 or 11) or macOS Ventura or higher.
Any additional software will be provided or is generally freely available.
To join in spoken conversations in tutorials, we recommend a wired headset (headphones/earphones with a built-in microphone).
Our module websites comply with web standards, and any modern browser is suitable for most activities.
Our OU Study mobile app will operate on all current, supported versions of Android and iOS. It’s not available on Kindle.
It’s also possible to access some module materials on a mobile phone, tablet device or Chromebook. However, as you may be asked to install additional software or use certain applications, you’ll also require a desktop or laptop, as described above.