Study Guide

Objective

A few students are selected for the Cyber Protection Team course 2 through a separate application process. Other students complete the module's three 5-credit courses normally.

International connections

Pedagogical method follows Problem-Based Learning (PBL). In the cybersecurity training program PBL emphasizes real-world problem-solving, critical thinking, and practical application of knowledge. Students are engaged in active learning through complex, real-world scenarios, enhancing their ability to analyse, collaborate, and develop practical solutions. This method aligns well with the program's goals of preparing students for competitive cybersecurity events by teaching essential skills such as teamwork, incident response, and adaptability.

Content scheduling

The Cyber Protection Team course implementation is designed to prepare students for competitive cybersecurity events by providing training in both offensive (red team) and defensive (blue team) tactics. This course is the second of two 5 credit blocks spread across two semesters. 10 credits combined, the course and covers a wide range of technical aspects of cybersecurity, from foundational concepts to advanced techniques, ensuring participants gain a thorough understanding of operational-level cybersecurity and are prepared to engage in real-world cybersecurity competitions.

After completing the two semesters the students understand the construction, goals, stages, and phases of cyber attacks. Participants will learn to recognise and mitigate web application and system vulnerabilities, utilise network-based defense systems, and analyse endpoint security and logs. The training program also focuses on hardening operating systems, Active Directory, and cloud solutions, while mastering threat emulation, threat hunting, digital forensics, and malware analysis. Additionally, the program emphasizes enhancing teamwork, critical thinking, and incident response skills to ensure students can perform well under pressure. Each student will have the opportunity to customise some of their learning path based on individual interests and specializations.

COMPETENCES:
- Implement and manage cybersecurity frameworks and policies
- Conduct thorough threat and vulnerability assessments
- Plan and execute incident response and forensics investigations
- Utilize advanced tools and techniques for threat hunting and malware analysis
- Develop and implement security operations and monitoring strategies

KNOWLEDGE:
- Cyber Defence Frameworks
- Network and System Security
- Network Traffic Analysis
- Threat and Vulnerability Management
- Security Operations & Monitoring
- Incident Response and Forensics
- Endpoint Security Monitoring
- System and Cloud Hardening
- Threat Hunting
- Malware Analysis
- Red Teaming & Threat Emulation
- Cloud Security
- Scenario, Objectives and Injects in Cyber Exercises

SKILLS:
- Apply cybersecurity policies and best practices
- Use tools like BurpSuite, Nessus, and OpenVAS for vulnerability management
- Perform network and system security assessments
- Conduct threat hunting and utilize threat intelligence
- Analyze network traffic and perform digital forensics
- Execute advanced malware analysis and red teaming exercises
- Implement and manage cloud security measures
- Communicate, coordinate, and cooperate with internal and external stakeholders
- Model and identify threat actors’ tactics, techniques, and procedures (TTPs)

Evaluation scale

H-5

Assessment methods and criteria

The assessment will be based on the completion and performance in technical lab assignments across different modules running on different training and exercise platforms.
Grade criteria, number of successfully completed technical modules or assignments:
<50% = failed
50-59 % = 1
60-69 % = 2
70-79 % = 3
80-89 % = 4
>=90 % = 5