Study Guide

Objectives (course unit)

The digital landscape is evolving at an unprecedented rate with unknown threats lurking around every corner. Cybersecurity resilience in the modern world cannot be just an addon - it's a necessity. Organizations must build cybersecurity resilience, and offensive security professionals like Ethical Hackers and Penetration Testers can help proactively discover unknown threats and address them before cybercriminals do.

This course is designed to prepare learners with the Ethical Hacker skillset. By doing real-world inspired hands-on practice labs, learners develop essential workforce readiness skills to lay a solid foundation in offensive security.

After completing the course, the students will be able to:
- Understand the mindset and tactics of threat actors
- Use several offensive security tools in proficient way
- Scope, execute and report vulnerability assessments
- Recommend mitigation strategies
- Understand the ethical aspect of hacking

By the end of the course, students have learned how to use ethical hacking tools to find, assess, and exploit vulnerabilities in a range of simulated and real-world targets.

Content (course unit)

- Ethical Hacking and Penetration Testing
- Testing tools and environments
- Planning and Scoping a Test
- Information Gathering
- Exploiting Vulnerabilities
- Post-exploitation
- Analysis and Reporting

Prerequisites (course unit)

- Basic knowledge of cybersecurity
- Strong computer usage skills and understanding of how a computer operates
- Fundamentals of the Windows operating system
- Basic proficiency with Linux commands
- Introductory knowledge of programming
- Solid understanding of computer networks and their functionality

Assessment criteria, satisfactory (1-2) (course unit)

The student:
- Understands the basic principles of ethical hacking and penetration testing and explains their relevance to cybersecurity.
- Performs fundamental steps in offensive testing in simulated environments following instructions.
- Uses hacking tools at a basic level.

Assessment criteria, good (3-4) (course unit)

The student:
- Applies ethical hacking methods in practical scenarios.
- Uses hacking tools effectively, documents findings, and critically analyzes them.
- Creates a basic proof-of-concept to demonstrate a discovered vulnerability and its impact in a simulated environment.

Assessment criteria, excellent (5) (course unit)

The student:
- Has the necessary skills to participate in a planned penetration test as an active tester, following the plan and demonstrating an understanding of its details and objectives.
- Effectively utilizes tools and techniques as part of the testing process and interprets findings accurately.
- Prepares professional summaries detailing findings, risks, and relevant recommendations.

Location and time

Online sessions (zoom): Wednesdays 27th Septempber, 4th October and 11th October at 14:00-16
Lab sessions (C3-05): Wednesdays from 25th October to 13th December at 12:00-20

Exam schedules

There isn't a single exam for the course; instead, the completion is based on several different assignments.

Assessment methods and criteria

The course is graded on a pass-fail scale. To receive a passing grade, students must complete the Ethical Hacker online course, perform the laboratory assignments, and conduct a penetration test (case study) followed by reporting its results.

Assessment scale

Pass/Fail

Teaching methods

Hack-2-Learn methodology: Self-study materials, laboratory exercises, case study, collaborative learning, problem and challenge-based approaches, remote instruction, and in-person lessons.

Learning materials

SkillsforAll Ethical Hacker course
Supplementary materials will be distributed during lessons

Student workload

5 credit units correspond to 135 hours of student work. Students are expected to be prepared to devote this amount of time to studying the course materials and completing the assignments. At the beginning of the course, the workload is focused on self-study, while towards the end, the emphasis shifts to laboratory work and case study.

Content scheduling

Details to be clarified later

Completion alternatives

n/a

Practical training and working life cooperation

In designing the course, information from industry representatives and companies was utilized. There may be guest speakers from the business world during the lessons.

International connections

The course uses English-language course materials and internationally recognized frameworks. The course will have participants from both Finnish-speaking and international programs.

Further information

The creation of the implementation plan is still in progress and will be updated in the near future.