This subject explores authorised simulated cyber-attacks on a computer system, network, and web application to identify vulnerabilities in an organisation. Students are therefore taught about the protocols related to the prevention of security breaches and the countermeasures that can potentially mitigate the risk of unauthorised access, hacks and exploits to the organisation’s systems, networks, and applications.