Cybersecurity Operations (5 cr)

Objectives (course unit)

By the end of this course students will be able to:
- Explain the role of the Cybersecurity Operations Analyst in the enterprise.
- Analyze the operation of network protocols and services.
- Explain the operation of the network infrastructure.
- Classify the various types of network attacks.
- Use network monitoring tools to identify attacks against network protocols and services.
- Use various methods to prevent malicious access to computer networks, hosts, and data.
- Explain the impacts of cryptography on network security monitoring.
- Explain how to investigate endpoint vulnerabilities and attacks.
- Evaluate network security alerts.
- Analyze network intrusion data to identify compromised hosts and vulnerabilities.
- Apply incident response models to manage network security incidents.

Content (course unit)

This course covers core security knowledge and skills needed for monitoring, detecting, investigating, analyzing and responding to security events, thus protecting systems and organizations from cybersecurity risks, threats and vulnerabilities.

Prerequisites (course unit)

Reititys ja kytkentäisyys

Assessment criteria, satisfactory (1-2) (course unit)

Student
- can use network monitoring tool
- can collect network traffic

Assessment criteria, good (3-4) (course unit)

Student
- can use network monitoring tool
- can collect network traffic
- is able to make basic analysis in case of network exceptions

Assessment criteria, excellent (5) (course unit)

Student
- can collect network traffic for monitoring
- is able to identify network exceptions and analyze them comprehensively

Location and time

Lesson 1: (Wednesday 1/9/2021 (8h00 – 12h00))
Lesson 2: (Wednesday 8/9/2021 (8h00 – 12h00))
Lesson 3: (Wednesday 15/9/2021 (8h00 – 12h00))
Lesson 4: (Wednesday 22/9/2021 (8h00 – 12h00))
Lesson 5: (Wednesday 29/9/2021 (8h00 – 12h00))
Lesson 6: (Wednesday 6/10/2021 (8h00 – 12h00))
Lesson 7: (Wednesday 13/10/2021 (8h00 – 12h00))
Lesson 8: (Wednesday 20/10/2021 (8h00 – 12h00)) => No online meeting
Lesson 9: (Wednesday 27/10/2021 (8h00 – 12h00))
Lesson 10: (Wednesday 3/11/2021 (8h00 – 12h00)) => No online meeting
Lesson 11: (Wednesday 10/11/2021 (8h00 – 12h00))
Lesson 12: (Wednesday 17/11/2021 (8h00 – 12h00))
Lesson 13: (Wednesday 24/11/2021 (8h00 – 12h00))
Lesson 14: (Wednesday 1/12/2021 (8h00 – 12h00))
Lesson 15: (Wednesday 8/12/2021 (8h00 – 12h00))
Lesson 16: (Wednesday 15/12/2021 (8h00 – 12h00)) => Online examination

Room C4-03 at the campus is available for labs (if necessary)

Exam schedules

Wednesday 15/12/2021

Evaluation methods and criteria

The evaluation is based on 4 pillars:
The average score on the module exams (Netacad.com)
The score on the final exam (Netacad.com)
A personal lab report
An oral defense of a specified lab exercise

Assessment scale

0-5

Teaching methods

Online lectures
Labs
Assignments

Learning materials

https://moodle.tuni.fi/
https://www.netacad.com/
https://edulabs.netlify.app/

Student workload

A total of 135 hours. (5 ECTS x 27 hours)

Content scheduling

Module 1: The Danger
Module 2: Fighters in the War Against Cybercrime
Module 3: The Windows Operating System
Module 4: Linux Overview
Module 5: Network Protocols
Module 6: Ethernet and Internet Protocol(IP)
Module 7: Connectivity Verification
Module 8: Address Resolution Protocol
Module 9: The Transport Layer
Module 10: Network Services
Module 11: Network Communication Devices
Module 12: Network Security Infrastructure
Module 13:Attackers and Their Tools
Module 14: Common Threats and Attacks
Module 15: Network Monitoring and Tools
Module 16: Attacking the Foundation
Module 17:Attacking What We Do
Module 18: Understanding Defense
Module 19: Access Control
Module 20: Threat Intelligence
Module 21: Cryptography
Module 22: Endpoint Protection
Module 23: Endpoint Vulnerability Assessment
Module 24: Technologies and Protocols
Module 25: Network Security Data
Module 26: Evaluating Alerts
Module 27: Working with Network Security Data
Module 28: Digital Forensics and Incident Analysis and Response

Completion alternatives

/

Practical training and working life cooperation

/

International connections

A collaboration between Tampere University of Applied Sciences and VIVES University of Applied Sciences (Belgium)

Further information

Deadline 1: 1/11/2021
Module exam 1‐2
Module exam 3‐4
Module exam 5‐10
Module exam 11‐12
Module exam 13‐17
Module exam 18‐20
Current version of the lab report (lab exercises)

Deadline 2: 10/12/2021
Module exam 21‐23
Module exam 24‐25
Module exam 26‐28
Course Feedback
Final Exam
Final version of the lab report (lab exercises)

Assessment criteria - fail (0) (Not in use, Look at the Assessment criteria above)

An average score of less than 50% on the module exams
or a score less than 50% on the final exam
or no delivery of a complete lab report
or a weak oral defense of a specified lab exercise.

Assessment criteria - satisfactory (1-2) (Not in use, Look at the Assessment criteria above)

An average score of more than 50% on the module exams
and a score of more than 50% on the final exam
and the delivery of a complete lab report
and a moderate oral defense of a specified lab exercise.

Assessment criteria - good (3-4) (Not in use, Look at the Assessment criteria above)

An average score of more than 70% on the module exams
and a score of more than 70% on the final exam
and the delivery of a complete lab report
and a good oral defense of a specified lab exercise.

Assessment criteria - excellent (5) (Not in use, Look at the Assessment criteria above)

An average score of more than 90% on the module exams
and a score of more than 90% on the final exam
and the delivery of a complete lab report
and an excellent oral defense of a specified lab exercise.