BN323 - Ethical Hacking and Security Governance

Unit Overview

Credit Points: 15.00
Prerequisite: BN223 Cyber Security Principles
Co-requisite: N/A
Workload: 48 contact hours

Aims & Objectives

This is a core unit out of a total of 24 units in the Bachelor of Networking (BNet). This unit addresses the BNet course learning outcomes and complements other courses in a related field by developing students’ specialised knowledge in ethical hacking and vulnerability testing for enterprise systems under the framework of ethical, professional, and legal standards.

This unit is part of the AQF level 7 (BNet) course.

Students will be able to perform ethical hacking and vulnerability testing on enterprise systems with demonstrated knowledge of network vulnerabilities and security protocols. They will be able to provide cybersecurity solutions with in‐depth knowledge of ethical, legal, and professional governance and standards.

This unit will cover the following topics:

  • Vulnerability testing (reconnaissance, scanning, and penetration testing tools and technologies)
  • Network vulnerabilities (TCP/IP and network devices vulnerabilities, wireless network vulnerabilities, and web application vulnerabilities)
  • Legal, ethical, and professional issues in information security
  • Information security architecture planning and ICT governance

Learning Outcomes

At the completion of this unit students should be able to:

  1. Analyse security vulnerabilities using ethical hacking methodologies
  2. Evaluate advanced network security tools and technologies for enterprise‐level security
  3. Analyse ethical hacking performance in a realistic computing environment
  4. Apply security solutions in accordance with the relevant governance policies, laws and standards
  5. Develop and apply information security architecture in consideration of ethical and professional standards

Teaching Method

Lecture: 2 hours
Tutorial/Workshop: 2 hours
Face to Face


Assessment Task | Learning Outcomes Assessed* | Weighting
Mid term test | a,b | 10%
Assignment 1 | b,c | 15%
Assignment 2 | d,e | 15%
Laboratory participation & | a-e | 10%
Final Examination (2 hours) | a-e | 50%
Total | | 100%

*refer to learning outcomes above.


Note: Students are required to purchase the prescribed text book and have it available each week in class.

Prescribed Text Book:

M. T. Simpson, N. Antill, Hands‐On Ethical Hacking and Network Defense, Cengage, 3rd Ed., 2018

Reference Reading

  • A. Basta, N. Basta, M. Brown, Computer Security and Penetration Testing, Cengage, 2nd Ed., 2014
  • M. E. Whitman, H. J. Mattord, Principles of Information Security, Cengage, 6th Ed., 2018
  • R. S. McNeal, S. M. Kunkle, M. Schmeida, Cyber Harassment and Policy Reform in the Digital Age: Emerging Research and Opportunities, Information Science Reference, 1st Ed., 2018
  • J. M. Kizza, Computer Network Security and Cyber Ethics, McFarland, 4th Ed., 2014
  • M. Manjikian, Cybersecurity Ethics: An Introduction, Routledge, Oxon, 2018

Adopted Reference Style: IEEE

MIT is committed to ensuring the course is current, practical and relevant so that graduates are “work ready” and equipped for life-long learning. To accomplish this, the MIT Graduate Attributes identify the required knowledge, skills and attributes that prepare students for the industry.
The levels to which the Graduate Attributes are covered in this unit are as follows:

  • Ability to communicate
  • Independent and Lifelong Learning
  • Ethics
  • Analytical and Problem Solving
  • Cultural and Global Awareness
  • Team work
  • Specialist knowledge of a field of study



Levels of attainment | Extent covered
5 | The standard is covered by theory and practice, and addressed by assessed activities in which the students always play an active role, e.g. workshops, lab submissions, assignments, demonstrations, tests, examinations
4 | The standard is covered by theory or practice, and addressed by assessed activities in which the students mostly play an active role, e.g. discussions, reading, interpreting documents, tests, examinations
3 | The standard is discussed in theory or practice; it is addressed by assessed activities in which the students may play an active role, e.g. lectures and discussions, reading, interpretation, workshops, presentations
2 | The standard is presented as a side issue in theory or practice; it is not specifically assessed, but it is addressed by activities such as lectures or tutorials
The standard is not considered, there is no theory or practice or activities associated with this standard