Some Received Comments on CS4238 (Computer Security Practice) Module

• AY2016-17 Semester 2
• AY2018-19 Semester 1
• AY2019-20 Semester 2
• AY2020-21 Semester 2

Comments in AY2016-17 Semester 2:

• "It is safe to say that I honestly had a great time reading this module. One particular characteristic about this module that I liked is the availability of hands-on practical lab sessions. It feels rewarding to put theory to practice, so the lab sessions were a great experience."


• "All in all, I think CS4238 has delivered its goals in allowing us to practice our computer security knowledge into practice, which I think is very important if one considers a career in computer security, or even if one does not, the knowledge gained from this module will be very important when he/she designs or develops a system, as he/she will be able to identify potential sources of security vulnerabilities."


• "The practical plays a big part in making sure that I can apply what I learnt in theory in the real world as knowing just the theory sometimes doesn’t give me a full understanding of a security problem. By actually doing, it helps me learn much faster. I am glad that this module is offered in NUS."


• "Security practice has thus allowed me to gain insight to what is expected of a computer security professional."


• "In conclusion, I felt that I learnt a lot from this module as it gave the perfect opportunity to turn theory into practice. I would definitely recommend this module to others who are also interested in security."


• "CS4238 is an interesting module to take. I would encourage my juniors to take this module even if they are not specialising in this area."


• "In conclusion, there are many rewarding experiences and skills that I’ve accomplished in this module that would benefit me in my future career."


• "Security practice has helped me to gain more insight on the importance of security in our everyday lives. The techniques learnt during lesson will be very useful for my future endeavours in cyber/information security areas."


• "Overall, I must say that the module is fun and enjoyable. It is really quite beneficial for people who wants to advance in the security industry."


• "In conclusion, overall, CS4238 - Computer Security Practices - was an interesting and fruitful study experience and I really enjoyed the module."


• "CS4238 has been purposeful in allowing me to deepen my existing theoretical security knowledge as well as applying them on practical scenarios. I believe that regardless of whether I am continuing in the field of cyber security in the future, the valuable lessons taught will allow me to protect myself better in the digital world and adhere to security practices in the future."


• "This module has also exposed us to security tools that allows us to find possible vulnerabilities in our system or application. This is a useful knowledge which will make us a better security or software engineer as we can use these tools to find vulnerabilities which in turn will protect the users of our applications."


• "Overall, it is a rewarding experience by solving the security challenges and understanding concepts through practical hands on."


• "I shall say that I learnt a lot of useful computer security topics through handson experiments in CS4238."


• "I find that the topics covered will be useful in the future, especially since I hope to be able to work in this field of information security. Even at a personal level, knowledge of the tools covered can help in troubleshooting my own network issues."


• "Security practice has helped me to hone my adversarial thinking skills such that almost everything I seen now I see them from a security perspective, such as how I can exploit and break whatever systems and processors that are currently in place to do things which I am not supposed to do."


• "Thus, with this module, I am exposed to the different forms of popular cyber-attacks and also learnt how to carry out those attacks. In some sense, this also helps to develop my skillset as I now know both the methods to attack and the defence mechanisms as well."


• "What I liked about CS4238 was that the syllabus follows the flow of information security practices, from reconnaissance phases to active exploitations and attacks and lastly the maintenance of future access and backdoors."


• "I find and love the way this module is taught. It gave us so much practical opportunities that allow us to hone our skills. The environment that was set up for us to play in the CTF is my favorite of all."


• "I found all the practical materials very interesting, especially since I had no prior experience in doing most of the attacks."


• "However, the module exceeded my expectations and I have obtained new practical knowledge about information security."


• "I have had much fun learning the covered materials."

• "What makes this module different from the other modules I took, is the hands-on experiences. From home assignments to lab sessions and Capture the Flag (CTF), these activities require us to apply almost everything that we have learnt."


• "Having a team based CTF as the final assessment was rather fun and interesting."


• "The group assigned to me was fantastic and I had a great experience working with them during the CTF."


• "However, the CTF was a good learning experience and is my first CTF in NUS. I was quite pleased to have the opportunity to take part in a CTF in my final semester."


• "After the whole CTF event has ended, I am proud to say that the teamwork we had is indescribable."


• "The CTF was quite a stressful period but it still was a memorable one."


• "On the actual day, it is very challenging and thrilling at the same time especially competing with other teams to race against time."


• "However, I would have to say that the most fun part of the module was actually the CTF-like competition conducted in Week 13."


• "Working on the CTF problems with the group was really fun as we tried applying all the knowledge gained during course of module to get the tasks done."


• "Of course, the CTF was a group effort and I think that it was a very fun assessment."


• "Overall, CS4238 was a very enjoyable module which has equipped me with the knowledge and skills necessary to take my first step towards a career in cyber security."


• "The group activity assigned to our class was the CTF activity, which was really interesting as I had never experienced anything of this sort before. It pushed us to think outside the box and apply everything that we have learnt in the previous few weeks. Overall, it was really fun and really gave us a chance to play at being the red team".

• "This module gives me lots of insight into Computer Security, from the lecture notes, to the lab practices and also the assignments."


• "I think where CS4238 truly shines are the homework that are given to us. The homeworks marries the different analytical thinking and security concepts required to perform the tasks outlined in the documents. It guides us enough from one task to another that I am not lost when I attempt the homework, but the instructions remain ambiguous and flexible enough for me to come up with my own solution without it seeming like I was spoonfed the solution."


• "I enjoyed doing the labs as they enabled us to get a better idea of the topics taught during the lecture."


• "The assignments were extremely interesting and fun."


• "This module helped me gain some deeper understandings about knowledge that I have learnt before, especially the lab sessions and the homework practice."


• "For me, the best part of this module is the lab sessions. The lab sessions helped me to get a hands-on experience on the topic that was taught throughout the module."


• "I have definitely learnt a lot from this module. What I feel distinguishes this module from the other security modules is the great deal of focus on practical lab sessions. The weekly lab sessions were insightful as we picked up skills on using the hacking tools, rather than only learning the theory behind it during lectures. We could thus, see for ourselves how each command worked and the resulting output of the command."


• "I think this module has helped me to understand the various attacks much better through the laboratory and homework practices."


• "The labs for the module was structured well to give us an introduction to the various tools taught during a lecture."

Additional Comments in AY2018-19 Semester 1:

• "CS4238 Computer Security Practice did not fail me when it mentioned that “This is a practice security module with emphasis on hands-on experiences of computer security.” in the module synopsis. It did provide me all the hands-on experiences where I get to learn offensive tools and commands and the Capture the Flag (CTF) at the final week."


• "Security practice also equipped me with the knowledge on how exploitations work, the possible methods that attackers can employ to exploit the vulnerabilities (so we know what kinds of exploitation techniques to look out for when trying to keep a system secure), and the best practices and possible defences against such exploitations."


• "I had an excellent learning experience with the covered materials, and I feel that the content covered is relevant, broad enough, and has enough depth to get us started to explore these concepts on our own."


• "All in all, this module has been interesting and beneficial for me. It is a very different module from the ones that I have taken as it mainly focuses on the practical aspect. While the CTF was slightly challenging, it was certainly the highlight of this module. I would say that this module has certainly peaked my interest in cybersecurity even more."


• "It equipped me with the necessary knowledge and foundation to further my career in the Cyber Security industry."


• "I am grateful for this course as it is very useful for any computing student."


• "I will definitely suggest others to take this module as well to get hands on experience on legally breaking stuff."


• "I think the course delivered what it has designed, introduce students to the world of cybersecurity. The process of learning and practicing from this course is fulfilling. Additionally, it is an eye-opening to look at what I have known before in a different angle in this course."


• "In conclusion, this module CS4238 computer security practice has been an enriching and interesting module for me. I enjoy the full hands-on experience with the introduction of many offensive tools that different types of hats use and knowing the theory behind the different vectors of attack and prevention. These skills and knowledge will assist me when I decide to pursue a career in the security domain soon."


• "Overall I will recommend this module to my schoolmates whom have been hearing good reviews from me."


• "All in all, security practice has allowed me to experience all of this first hand, which leaves the most lasting impression, and the best form of learning possible."


• "In conclusion, I found CS4238 to be interesting and unique. I have enjoyed doing the practical lab and taking part in the CTF. I look forward to more of these modules in the future."


• "When I graduate and look for a job, I am confident that my familiarity with these hacking tools will also be invaluable should I take up a cyber security role in future."


• "After learning about security practise and cyber-attacks, I will be able to apply security practises in my work and work environment later."


• "It was very refreshing to be able to put to test what was taught in the lab directly after, and I really enjoyed attending the lessons."


• "In conclusion, I feel that the journey in CS4238 has been fruitful. Not only has it broadened my view on cybersecurity but it has also equipped me with knowledge of useful tools."


• "The great thing about this module is that going through all these real-world tools gives us the experience to allow us to apply our theoretical knowledge to actual attacks(or more likely, defenses)."


• "As with the entire focus of the module, CS4238 covers these security concepts more in-depth, and offers more practical and hands on exposure to these concepts, which allowed me to better learn and understand why these vulnerabilities can take place, and how these vulnerabilities can be exploited to launch attacks."


• "Overall, this module covered a lot of interesting topics throughout the semester, ranging from the classic to modern, and I enjoyed it very much."


• "More importantly, security practice has helped me in a greater way - helping me figure out what I wish to pursue in my career. After 2 courses in security that have both been very interesting as well as satisfying to learn and execute(e.g exploits in assignments), I’ve decided to pursue computer security either in further studies and eventually as a career."


• "I am glad to say, at the end of the module, that it has benefited me in ways that I initially wished it would."


• "Overall, I felt that I have learnt a lot from this course, as the course covers many aspects of cybersecurity."


• "In general, I feel that the covered materials were well paced and flowed well. I got to appreciate the general flow of penetration testing, which is reconnaissance > scanning > break-in > malware > hiding."


• "I believe this module has helped me appreciate the risks and challenges when building large scale computer networks and systems. By examining how the the red team operates, I can build more secure applications and systems. It is also useful to be able to see things from the attacker's perspective."


• "It has helped me to look at things from attackers’ mindsets, like how they attack (e.g. by twisting the original usage), then think of ways to defend against such attacks. It was interesting to see how different applications of the same technique, technology, protocols or tools, could be so different from its original intended usage and result in malicious actions."


• "Taking CS4238 has been rather fun and interesting due to learning and trying out how to carry out certain attacks to exploit known vulnerabilities."


• "In general, I enjoyed a lot in this module and I think the focus on the hands-on practice is great bonus for students who are relatively new in cybersecurity. Additionally, the knowledge and skills taught are useful for my work."

• "The CTF is the most interesting and fun final exam I have sat for."


• "Lastly, the CTF was quite fun and interesting, as I got to apply the concepts learnt in a more ‘realistic’ environment as compared to when learning and testing us the concepts individually."


• "Most of us would agree the CTF to be the highlight of this module. The team really had the most fun in the CTF. The score will be forgotten soon after we graduate but the fun we had that CTF night will keep beating in our heart."


• "The CTF at the end of the semester was the most interesting to me. Since this was my first CTF, it was nice to soak in the atmosphere of how a real CTF might somewhat be like."


• "I think the topic that intrigued me the most was the CTF session. It was fun to put what we learned over the past few weeks together and engage in a healthy time-based competition with the rest of the class. It was a also a good time to work together with my team to solve the problems together."


• "The Capture The Flag (CTF) session was one of the most memorable session. The CTF brought fun into learning, and the requirement for teamwork made it essential for students to work as a team."


• "The CTF is interesting and is the highlight for this module particularly the ending music."


• "I found the CTF to be an extremely enjoyable and memorable addition to the module."


• "The CTF was extremely exciting and enjoyable particularly when the team worked together and manage to solve for a flag."


• "CTF was where this “set-up” really paid off."


• "CTF provided a good starting point for me to participate in future CTFs."


• "Participating in the CTF was unique, interesting, and fun as it was the first time a module that I took in NUS has ever hosted one."


• "CTF was something rather new to me and it was an interesting and fun experience to have done it in this module."


• "I have personally learnt a lot from my group members and from group-based tasks."

• "I love the method this module was taught, which has a greater focus on lab and assignments, as I find it more interesting to learn with a hands-on approach."


• "I really appreciate this module because it emphasizes a lot on the hands-on practice part and doing the labs, assignments as well as the CTF allowed me to learn and really use what I have learnt."


• "Furthermore, I like how the labs are carried out to enforce the theory concepts covered during the lecture, enabling us to understand and see how the concepts come into play and apply to practical scenarios."


• "The labs after the lecture were also useful as they helped me to reinforce the concepts taught in the lecture."


• "The lab sessions were particularly useful for me, as they provided the hands-on experience that the student so needed, in order to gain confidence to dive further in future."


• "Additionally, the lab exercises and assignments familiarised me with the usage of tools discussed during lectures and reinforced my understanding of the tools."


• "The lab exercises were useful as they help to reinforce the concepts that we had learnt in lectures and help us familiarize with the tools covered in lectures."


• "Having hands-on practice facilitates our understanding on the inner workings and mechanisms of different types of attacks as discussed in the lectures."


• "Moreover, all the hands-on practices were valuable, especially the assignments on buffer overflow and network attacks."

Additional Comments in AY2019-20 Semester 2:

Additional Comments in AY2020-21 Semester 2: