Hide menu

TDDE61 Ethical hacking

Examination

Overview

The examination in this course consists of four parts:
  • Computer labs (LAB1), 4.5 credits. A series of computer lab assignments. Most of your efforts will be on this part. The lab series is composed of a number of flags. To pass the lab series you need to pass all the flags. More details about the labs can be found here.
  • Exam on rules and regulation (DAT1), 0.5 credits. A computer exam that ensures that the student has sufficient knowledge of rules and policies associated with ethical hacking and work in cybersecurity. Passing this examination is mandatory to get access to the computer labs.
  • Seminar (UPG1), 0.5 credits. A seminar with a written preparation where you discuss ethical aspects of working with adversarial tools and scenarios. More details about the seminar can be found here.
  • Online quiz (UPG2), 0.5 credits. A set of online quizzes relating to subjects discussed in lectures.

Exam on rules and regulation (DAT1)

The purpose of this examination is to make sure that you are familiar with what rules apply in this course, as a student at Linköping University, and in general for anyone engaging in ethical hacking activities. You must pass this exam in order to get access to the computer labs. The exam will give at most 20 points, and 15 are required to pass. To prepare for this exam you should:

  • Attend the lecture on laws and regulation on Friday January 19 at 10.15
  • Read the material on this topic available on the course material page.
  • Sign up to the exam in Lisam. Deadline for signing up is January 15

If you fail the exam, a retake opportunity will be arranged within two weeks from the original exam

Online quiz (UPG2)

During the course a number of guest lectures will be given by experts from industry. In connection to each lecture, there will be a quiz. To pass a quiz, you need 4 out of 7 points in total. To pass UPG2, you need to pass at least (n-1) out of n quizzes where n=5.

Grading

The course has three passing grades, 3, 4, and 5.

To acheive grade 3 on the course the student should be able to (based on the learning outcomes of the course):

  • State and interpret laws, regulations and policies related to ethical hacking. This is demonstrated by passing the exam on rules and regulation (DAT1)
  • Reflect orally and in writing on ethics of work and studies related to cyber security. This is demonstrated by submitting a written reflection on an ethical problem, and discussing it in a seminar (UPG1).
  • Perform reconnaissance and identification of systems, protocols, software, vulnerabilities and possible attack vectors. Adapt and analyze existing exploits, and use these to attack isolated test systems in multiple stages. Protect systems attacked by others. This is demonstrated by passing all the flags in the lab series (LAB1) and achieving a total of 20 out of 100 total points.
  • Identify and relate relevant concepts in, for example, vulnerability analysis, threat modeling, and incident management. This is demonstrated by passing at least 4 out of 5 quizzes.

To acheieve grade 5 on the course the student shoudl meet all the criteria for grade 3 as well as the following additional criteria:

  • To independently analyze problems, gather relevant knowledge and find solutions related to ethical hacking.
  • To perform penetration testing tasks of high complexity which require lateral movement, persistence, and detection avoidance

These criteria are demonstrated by achieveing at least 80 out of 100 total points in the lab series (LAB1). Finally, grade 4 requires partly fulfilling the critera for grade 5, translating to at least 50 points put of 100 total points in the lab series.

Rules

Rules for examination of computer lab assignments at IDA

You are expected to do lab assignments in group or individually, as instructed for a course. However, examination is always based on individual performance.

It is not allowed to hand in solutions copied from other students, or from elsewhere, even if you make changes to the solutions. If there is suspicion of such, or any other form of cheating, teachers are obliged to report it to the University Disciplinary Board.

Be prepared to answer questions about details in specific code and its connection to theory. You may also be asked to explain why you have chosen a specific solution. This applies to all group members.

If you foresee problems meeting a deadline, contact your teacher. You can then get some help and maybe the deadline can be set to a later date. It is always better to discuss problems, instead of, e.g., to cheat.

Any kind of academic dishonesty, such as cheating (e.g., plagiarism, use of unauthorized assistance, and use of prohibited AI-based assistants) and failure to comply with university examination rules, may result in the filing of a complaint to the University Disciplinary Board. The potential penalties include suspension, warning.

Policy for handing in computer lab assignments at IDA

For all IDA courses having computer lab assignments there will be one deadline during or at the end of the course. If you fail to make the deadline, you must retake the, possibly new, lab course the next time the course is given.

If a course deviates from this policy, information will be given on the course web pages.


Page responsible: Mikael Asplund
Last updated: 2024-02-14