Introducing Penetration Test with Case Study and Course Project in Cybersecurity Education

Abstract

Teaching college students ethical hacking skills is considered a necessary component of a computer security curriculum and an effective method for teaching defensive techniques. However, there is a shortage of textbooks and technical papers that describe the teaching materials and implementation of penetration testing techniques for hands-on exercises. In our teaching practice, we have been using case studies and course projects as a means to help students learn the fundamental concepts of, primary techniques and commonly used tools for penetration testing. We think this is a beneficiary complement of a cybersecurity course that is taught in a defensive approach. Through these activities, students have gained hands-on experience and developed their ethical hacking skills. Feedback from them is positive and student learning outcomes are promising. In this paper, we describe the principles of developing and implementing case studies and course projects along with associated considerations for specified educational objectives when introducing penetration test. An example case study and course project that we have been using in our courses are described to introduce the major design ideas and activities to complete them. Experience, lessons and the feedback from students are discussed. Our results will provide a good point of reference for those educators who teach a cybersecurity course at a college or university and would like to offer an introduction to ethical hacking. This work can also be a reference for a college that wants to integrate