SECTION A: DEFINITIVE MODULE RECORD. Proposed changes must be submitted via
Faculty/AP Quality Procedures for approval and issue of new module code.
MODULE CODE: PUSL3132
CREDITS: 20
MODULE TITLE: Ethical Hacking
FHEQ LEVEL:6
HECOS CODE: 100376
JACS CODE: I100
PRE-REQUISITES:
CO-REQUISITES:
COMPENSATABLE: Y
SHORT MODULE DESCRIPTOR: (max 425 characters)
Understanding the security and vulnerabilities of IT systems is critical in their protection. This
module seeks to develop the knowledge and skills to undertake penetration testing of systems. A
range of passive and active offensive techniques will be taught, alongside an in-depth
understanding of the legal and ethical issues surrounding such activity.
ELEMENTS OF ASSESSMENT
Components of Assessment
E1
50%
(Examination)
E2 (Clinical
Examination)
T1 (Test)
[Use HESA KIS definitions] – see Definitions of Elements and
C1 (Coursework)
50%
P1 (Practical)
A1 (Generic
assessment)
SUBJECT ASSESSMENT PANEL to which module should be linked: NSBM Computing
Professional body minimum pass mark requirement: N/A
MODULE AIMS:

To introduce and understand the role and responsibilities of a penetration tester, including
relevant legal and operational consequences.

To introduce strategies that can be utilised in enabling a structured and methodical analysis of
organisational systems and vulnerabilities.

To introduce the tools and techniques that are applied within the field and be able to explain
the findings in a meaningful fashion.
ASSESSED LEARNING OUTCOMES: (additional guidance below; please refer to the
Programme Specification for relevant award/ programme Learning Outcomes.
At the end of the module the learner will be expected to be able to:
Assessed Module Learning Outcomes
Award/ Programme Learning Outcomes
contributed to
1.
Demonstrate a systematic understanding BSc (Hons) Cyber Security
and critique the roles and responsibilities of a
8.1.1, 8.1.3, 8.1.4
Penetration Tester with consideration for legal
8.2.1, 8.2.2, 8.2.5
and ethical issues.
8.3.1
2.
Apply appropriate tools and techniques 8.4.2, 8.4.3
that can be used to both attack and defend
8.5.3, 8.5.4, 8.5.7
systems in given scenarios.
8.6.3
3.
Interpret and analyse results from a
range of tools and document findings in an
BSc (Hons) Computer Networks
appropriate manner.
Setting 2; Knowledge & understanding 5,7,8,9;
Cognitive skills 1,2,3,5; Performance & practice
1,2,6; Personal and enabling skills 1,4,5;
DATE OF APPROVAL: July 21
DATE OF IMPLEMENTATION: 01/09/2022
DATE(S) OF APPROVED CHANGE: July
2023
Notes:
FACULTY/OFFICE: Academic Partnerships
SCHOOL/PARTNER: NSBM
SEMESTER: Semester 2
Additional Guidance for Learning Outcomes:
To ensure that the module is pitched at the right level check your intended learning
outcomes against the following nationally agreed standards
 Framework for Higher Education Qualifications
http://www.qaa.ac.uk/publications/information-andguidance/publication/?PubID=2718#.VW2INtJVikp
 Subject benchmark statements
http://www.qaa.ac.uk/ASSURINGSTANDARDSANDQUALITY/SUBJECTGUIDANCE/Pages/Subject-benchmark-statements.aspx
 Professional, regulatory and statutory (PSRB) accreditation requirements (where necessary
e.g. health and social care, medicine, engineering, psychology, architecture, teaching, law)
 QAA Quality Code http://www.qaa.ac.uk/AssuringStandardsAndQuality/qualitycode/Pages/default.aspx
Page Break
SECTION B: DETAILS OF TEACHING, LEARNING AND ASSESSMENT
Items in this section must be considered annually and amended as appropriate, in conjunction
with the Module Review Process. Some parts of this page may be used in the KIS return and
published on the extranet as a guide for prospective students. Further details for current students
should be provided in module guidance notes.
ACADEMIC YEAR: 2022/23
MODULE LEADER: TBC
NATIONAL COST CENTRE:121
OTHER MODULE STAFF: TBC
Summary of Module Content
The module will consider the principles of Penetration Testing (roles, responsibilities, legal, ethical,
etc.); tools and techniques for undertaking a Penetration Test (footprinting / reconnaissance / scanning
/ access / exploitation techniques etc.); and, the documentation of findings. The module also considers
a range of protective mechanisms that can be deployed to protect or mitigate such attacks.
Indicative topics: Legal/ethical context, footprinting, scanning, enumeration, sniffing, social engineering,
application level attacks, wireless networks, firewalls, network access control, traffic auditing, exfiltration
techniques, anonymisation.
SUMMARY OF TEACHING AND LEARNING [Use HESA KIS definitions]
Scheduled
Hours
Comments/Additional Information (briefly explain
Activities
activities, including formative assessment
opportunities)
Lectures
24
To deliver the core body of knowledge
Labs
24
Assessment
4
Self-Study
148
Total
200
Practical based activities to reinforce knowledge introduced
in lectures
Formative and summative assessment opportunities
An opportunity to read around the subject, to
obtain greater depth of understanding of the
subject.
(NB: 1 credit = 10 hours of learning; 10 credits = 100
hours, etc.)
SUMMATIVE ASSESSMENT
Element
Category
Component Name
Component
Weighting
E1 (Examination)
Written exam
100%
Test
%
%
100%
C1 - Assignment
Coursework
100%
Practical
%
%
100%
Clinical
Examination
%
%
100%
Generic
Assessment
Pass/Fail
REFERRAL ASSESSMENT
Element Category
Written exam
Component Name
Component
Weighting
%
%
100%
Coursework (in lieu
of the original
assessment)
E1 – Coursework in lieu of
referred exam
100%
C1 - Referral Assignment
Coursework
100%
Practical
%
%
100%
Clinical Examination
%
%
100%
Generic
Assessment
Test
Pass/Fail
%
%
100%
To be completed when presented for Minor Change approval and/or annually updated
Updated by:
R
Approved by:
Stuhlmeier
Date: 1/7/2021
Date: XX/XX/XXXX