You should decide how many students you want to take the class at one time. Smaller is better, of course.

40 hours seems like alot, but in lab settings those hours will be eaten up.

I would teach the same thing two ways. One way if you just need the information off a box and you don't care about finding out who did it, and the other way would be to preserve information in case something goes to court.

With local access to a box, breaking it is easy. I would cover that with Knopix live cd distros you can get. Since most hackers are not local, you want to teach how to secure over a network ,and how to TEST to be sure that an enviroment is secure.

Etheral would be a must. Check out the tutorial that IronGeek wrote. I can't find it but here is a link to his site that has it (and lots of other good things too) http://www.irongeek.com/

good luck and keep us posted with what you plan on doing.

~Halv