Table 4.
Perceptions of students on course topics and teaching strategy (multiple choices and open-ended questions) (n = 19)
| Q1. Topics most enjoyed learning by students |
SQL Injection (15) Cross-site scripting (14) Broken-Authentication (10) Bypassing client-side controls (7) Real-world case studies (5) Broken Access Control (6) Sensitive data exposure (6) Improper input validation (5) CVSS (4) Buffer-overflow, and memory attacks (2) |
| Q2. Reasons why students enjoyed the topics from Q1 |
Fun, engaging and interesting hands-on exercises and projects (8) Related to real-world circumstances that can happen in our lives/ real-world applications (7) Hands-on practice as an attacker and a defender role (4) Understand how an attack works from an attacker's perspective/Real-world attack methods (4) Use of real security tools (1) |
| Q9. How did the materials and activities in this course help students to learn? |
Helps with practical security skills through hands-on exercises and the use of tools (10) Help to develop "security mindset" / be more aware of programming errors/vulnerabilities (4) Helps to understand the web and software security concepts (3) Good gateway for beginner to the world of cybersecurity (1) |