Abstract
Teaching offensive security (ethical hacking) is becoming a necessary component of information security curricula with a goal of developing better security professionals. The offensive security components extend curricula beyond system defense strategies. This paper identifies and discusses the learning outcomes achieved as a result of hands-on lab exercises which focus on attacking systems. The paper includes the ethical implications associated with including such labs. The discussion is informed by analyses of log data on student malicious activities, and student survey results. The examination of student behavior after acquiring these skills demonstrates that there is potentially a high risk of inappropriate and illegal behavior associated with this type learning. While acknowledging these risks and problems, the paper recommends that curricula should opt for a teaching approach that offers students both offensive and defensive hands-on lab exercises in conjunction with lecture material. The authors propose steps to minimize the risk of inappropriate behavior and reduce institutional liability.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: International Journal of Information and Communication Technology Education
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
