This compulsory course strengthens the acquisition of the following basic and general competences:
- CB6: Master the knowledge required to propose original designs or developments, often in a research process within the area of cyber security.
- CB7: Ability to apply acquired knowledge to solve problems under novel or almost novel situations or within broader (multidisciplinar) contexts related with cyber security.
- CB8: Ability to state critical opinions and judgements having incomplete or limited information in the field of cyber security. These judgements must take into account include considerations about social and ethical responsibilities
- CB9: Discuss in a public audience about their acquired knowledge, and the conclusions from the work. Students will be able to give their foundational and most convincing reasons to a specialized and non specialized audience in a clear way, without ambiguities.
- CB10: Students should have the learning skills required to continue studying in a autonomous or self-directed way.
- CG1: Create and refine concise and comprehensively documents, plans and projects in the scope of cyber security.
- CG3: Understand and apply methods and techniques to investigate vulnerabilities of a given site.
- CG4: Know the relevant technique part of the legal regulation in cyber security and its implications in the design of systems and security tools.
This compulsory course strengthens the acquisition of the following specific competences:
- CE1: Annalyze and detect anomalies and attack signatures y systems and networks.
- CE2: Analyze and detect ocultation techniques in attacks to systems and networks.
- CE3: Knowledge of trends in the cyber attacks techniques and about learned experiences in real cases.
- CE7: Know and apply the cryptographic and steganographic mechanisms required to protect data stored in a system or data transiting a network.
This course contributes to the following learning outcomes:
Acquire remotely intelligence of technical origin about the components of a target system, using open sources as well as enumeration and reconnaissance techniques.
Detect, in a fixed time, a high percentage of the vulnerabilities of a given network system
Explain at least one way of compromising a system which have detected vulnerabilities.
Justify through reasoned reports the detected vulnerabilities and the detailed procedure to be followed to perform the intrusion.
Explain other attack techniques to a system that is not vulnerable to direct intrusion.
Given the dependencies among the different network services of a system, explain how different proposed attack would evolve and how the different parts and the total would be affected of each of those attacks.
Knowing the type of information and defense mechanisms deployed in a system, explain the impact of different threats and intrusions and, in particular, information leaks.
Propose different attacks that may be performed from inside a system in a controlled environment and explain the consequences.
Explain the mechanisms that can be used to conceal an intrusion in a system.