Information Security Testing and AssessmentLaajuus (5 op)
Tunnus: 5051244
Laajuus
5 op
Osaamistavoitteet
After completing the course the student:
- is able to explain the basic principles of information security testing and assessment
- can list the phases of information security testing process
- is able to organize and conduct information security risk testing to an SME sector enterprise or similar size organization
- can analyse and report the results from information security testing
- is able to give justified improvement proposals to mitigate information security vulnerabilities
Sisältö
- Social Engineering
- Penetration Testing
- Network Discovery
- Network Service Identification
- Vulnerability Scanning
- Password Cracking
Esitietovaatimukset
Opintojaksot Tietoverkkojen ja tietoturvan perusteet ja Linux and Virtualization
Ilmoittautumisaika
02.12.2024 - 13.01.2025
Ajoitus
13.01.2025 - 30.04.2025
Opintopistemäärä
5 op
Toteutustapa
Lähiopetus
Yksikkö
Tekniikka ja liiketoiminta
Toimipiste
Kupittaan kampus
Opetuskielet
- Englanti
Paikat
10 - 65
Koulutus
- Tieto- ja viestintätekniikan koulutus
- Tietojenkäsittelyn koulutus
- Degree Programme in Information and Communications Technology
Opettaja
- Jani Ekqvist
Vastuuopettaja
Jani Ekqvist
Ryhmät
-
PTIETS22dncsPTIETS22 Tietoverkot ja Kyberturva
-
ICTMODictprojSemMOD ICT Projects & Cybersecurity (International Semester)
-
PTIVIS22TData Networks and Cybersecurity
Tavoitteet
After completing the course the student:
- is able to explain the basic principles of information security testing and assessment
- can list the phases of information security testing process
- is able to organize and conduct information security risk testing to an SME sector enterprise or similar size organization
- can analyse and report the results from information security testing
- is able to give justified improvement proposals to mitigate information security vulnerabilities
Sisältö
- Social Engineering
- Penetration Testing
- Network Discovery
- Network Service Identification
- Vulnerability Scanning
- Password Cracking
Oppimateriaalit
We are using the TryHackMe.com training platform in addition to ItsLearning. Licenses for the duration of the course will be provided.
Tenttien ajankohdat ja uusintamahdollisuudet
Mandatory Practical exam is early April, with re-take chance in April.
Toteutuksen valinnaiset suoritustavat
-
Opiskelijan ajankäyttö ja kuormitus
Lectures 8h
Laboratory assignments 35h
Hackathon 8h
Exam and preparations 9h
Testing project 75h
Sisällön jaksotus
Course begins with introductory lecture. In laboratory exercises student learns to use the tools of trade. Finally, students perform a penetration testing engagement and report the results.
Viestintäkanava ja lisätietoja
All communication will be through ItsLearning.
Arviointiasteikko
H-5
Arviointimenetelmät ja arvioinnin perusteet
Project report determines the grade. At least 3 successfully tested machines must be reported following the reporting requirements to get 1. Each successfully tested and reported machine above that will increase grade by 1. Incomplete reporting will lower the grade.
Exam is mandatory to pass. Getting 5 in exam increases overall grade by 1.
Attendance in Hackathon is mandatory to pass the course.
Laboratory assignments: returning at least 90% of the graded assignments will increase overall grade by 1.
Hylätty (0)
Student is unable to perform and report a penetration testing engagement independently.
Arviointikriteerit, tyydyttävä (1-2)
Student understands the basics of penetration testing and is able to perform a penetration test against a web application independently. Student can write an understandable and actionable report about the test results.
Arviointikriteerit, hyvä (3-4)
Student has a good grasp of information security testing methodologies and tools. Student can independently test various types of internet connected applications. Student can write an understandable and actionable report about the test results that contains guidance for both the management and the developers responsible for the application.
Arviointikriteerit, kiitettävä (5)
Student has knowledge and is able to select the best suited tool and methodology for the engagement. Student can independently test most types of internet connected applications. Student can write a clear, concise and actionable report about the test results that effectively guides management decisions and provides the software developers with detailed guidance on both fixing to found issues and methods for avoiding similar issues in the future.
Esitietovaatimukset
Opintojaksot Tietoverkkojen ja tietoturvan perusteet ja Linux and Virtualization
Ilmoittautumisaika
02.12.2023 - 08.01.2024
Ajoitus
01.01.2024 - 30.04.2024
Opintopistemäärä
5 op
Toteutustapa
Lähiopetus
Yksikkö
Tekniikka ja liiketoiminta
Toimipiste
Kupittaan kampus
Opetuskielet
- Englanti
Paikat
30 - 70
Koulutus
- Tieto- ja viestintätekniikan koulutus
- Tietojenkäsittelyn koulutus
- Degree Programme in Information and Communications Technology
Opettaja
- Jani Ekqvist
Vastuuopettaja
Jani Ekqvist
Ryhmät
-
PTIVIS21TData Networks and Cybersecurity
-
PTIETS21dncsPTIETS21 Tietoverkot ja Kyberturva
Tavoitteet
After completing the course the student:
- is able to explain the basic principles of information security testing and assessment
- can list the phases of information security testing process
- is able to organize and conduct information security risk testing to an SME sector enterprise or similar size organization
- can analyse and report the results from information security testing
- is able to give justified improvement proposals to mitigate information security vulnerabilities
Sisältö
- Social Engineering
- Penetration Testing
- Network Discovery
- Network Service Identification
- Vulnerability Scanning
- Password Cracking
Oppimateriaalit
We are using the TryHackMe.com training platform in addition to ItsLearning. Licenses for the duration of the course will be provided.
Tenttien ajankohdat ja uusintamahdollisuudet
Practical exam is in late March / early April, with re-take chance in April.
Opiskelijan ajankäyttö ja kuormitus
Lectures 8h
Laboratory assignments 27h
Homework 27h
Exam 3h
Testing project 70h
Sisällön jaksotus
Course begins with introductory lecture. In laboratory exercises student learns to use the tools of trade. Finally, students perform a penetration testing engagement and report the results.
Viestintäkanava ja lisätietoja
All communication will be through ItsLearning.
Arviointiasteikko
H-5
Arviointimenetelmät ja arvioinnin perusteet
Laboratory and homework assignments 10-20% of grade
Exam 10-20% of grade
Project report 60-70% of grade
Hylätty (0)
Student is unable to perform and report a penetration testing engagement independently.
Arviointikriteerit, tyydyttävä (1-2)
Student understands the basics of penetration testing and is able to perform a penetration test against a web application independently. Student can write an understandable and actionable report about the test results.
Arviointikriteerit, hyvä (3-4)
Student has a good grasp of information security testing methodologies and tools. Student can independently test various types of internet connected applications. Student can write an understandable and actionable report about the test results that contains guidance for both the management and the developers responsible for the application.
Arviointikriteerit, kiitettävä (5)
Student is has knowledge and is able to select the best suited tool and methodology for the engagement. Student can independently test most types of internet connected applications. Student can write a clear, concise and actionable report about the test results that effectively guides management decisions and provides the software developers with detailed guidance on both fixing to found issues and methods for avoiding similar issues in the future.
Esitietovaatimukset
Opintojaksot Tietoverkkojen ja tietoturvan perusteet ja Linux and Virtualization
Ilmoittautumisaika
02.12.2022 - 15.01.2023
Ajoitus
01.01.2023 - 30.04.2023
Opintopistemäärä
5 op
Toteutustapa
Lähiopetus
Yksikkö
Tekniikka ja liiketoiminta
Toimipiste
Kupittaan kampus
Opetuskielet
- Englanti
Koulutus
- Tieto- ja viestintätekniikan koulutus
- Degree Programme in Information and Communications Technology
Opettaja
- Jani Ekqvist
Vastuuopettaja
Jani Ekqvist
Ryhmät
-
ICTMODictprojSemMOD ICT Projects & Cybersecurity (International Semester)
-
PTIVIS20TData Networks and Cybersecurity
Tavoitteet
After completing the course the student:
- is able to explain the basic principles of information security testing and assessment
- can list the phases of information security testing process
- is able to organize and conduct information security risk testing to an SME sector enterprise or similar size organization
- can analyse and report the results from information security testing
- is able to give justified improvement proposals to mitigate information security vulnerabilities
Sisältö
- Social Engineering
- Penetration Testing
- Network Discovery
- Network Service Identification
- Vulnerability Scanning
- Password Cracking
Arviointiasteikko
H-5
Esitietovaatimukset
Opintojaksot Tietoverkkojen ja tietoturvan perusteet ja Linux and Virtualization
Ilmoittautumisaika
02.12.2021 - 16.01.2022
Ajoitus
01.01.2022 - 30.04.2022
Opintopistemäärä
5 op
Toteutustapa
Lähiopetus
Yksikkö
Tekniikka ja liiketoiminta
Opetuskielet
- Englanti
Paikat
0 - 40
Koulutus
- Tieto- ja viestintätekniikan koulutus
- Degree Programme in Information and Communications Technology
Opettaja
- Jani Ekqvist
Vastuuopettaja
Jani Ekqvist
Ryhmät
-
PTIVIS19TData Networks and Cybersecurity
Tavoitteet
After completing the course the student:
- is able to explain the basic principles of information security testing and assessment
- can list the phases of information security testing process
- is able to organize and conduct information security risk testing to an SME sector enterprise or similar size organization
- can analyse and report the results from information security testing
- is able to give justified improvement proposals to mitigate information security vulnerabilities
Sisältö
- Social Engineering
- Penetration Testing
- Network Discovery
- Network Service Identification
- Vulnerability Scanning
- Password Cracking
Arviointiasteikko
H-5
Esitietovaatimukset
Opintojaksot Tietoverkkojen ja tietoturvan perusteet ja Linux and Virtualization