Operational Cybersecurity (5 cr)
Code: MS00CR17-3001
General information
Enrollment
01.06.2024 - 20.08.2024
Timing
01.08.2024 - 31.12.2024
Number of ECTS credits allocated
5 op
Mode of delivery
Contact teaching
Unit
Engineering and Business
Teaching languages
- Finnish
Degree programmes
- Expert training in Cyber Security
Teachers
- Pia Satopää
- Mikko Kiuru
- Jani Vanharanta
Groups
-
OSKYBEK24Cyber Security Expert in Higher Education Administration
- 20.08.2024 08:00 - 12:00, Operatiivinen kyberturvallisuus MS00CR17-3001
- 16.09.2024 08:00 - 16:00, Operatiivinen kyberturvallisuus MS00CR17-3001
- 07.10.2024 08:00 - 12:00, Operatiivinen kyberturvallisuus MS00CR17-3001
- 08.10.2024 08:00 - 12:00, Operatiivinen kyberturvallisuus MS00CR17-3001
- 26.11.2024 08:00 - 12:00, Operatiivinen kyberturvallisuus MS00CR17-3001
Objective
Students are expected to extend their knowledge of the security operations centre’s concept and activities, to trial, compare and promote technical solutions suitable for SOC operation, and to implement threat hunting and monitoring controls and tools as part of the security operations centre’s tasks and processes.
After completing the course the students are expected to plan, implement and conduct different cyber security incident handling and threat-hunting activities to enhance the overall security posture of computer systems and the network infrastructure.
This course focuses on the enhancement of networked infrastructure monitoring as part of organisations’ operational activities with emphasis on reactive actions in anomaly detection and respective control processes.
Content
COMPETENCES
• List the relevant standards overarching information security management
• Perform structurisation for various data types
• Build capabilities for visualising and monitoring anomalies and correlated threats in computer networks
• Plan and document cyber security incident handling processes and workflows for various SOC tiers and operators
• Utilise threat intelligence information in threat-hunting
KNOWLEDGE
• Cybersecurity policies
• Cybersecurity recommendations and best practices
• Incident handling standards, methodologies and frameworks
• Incident handling tools
• Incident handling communication procedures
• Security Operation Centres (SOC) operation
• Computer Security Incident Response Teams (CSIRTs) operation
• Cybersecurity-related technologies
• Computer system vulnerabilities
SKILLS
• Practice technical, functional and operational aspects of cybersecurity incident handling and response
• Utilise cyber threat information in threat-hunting activities
• Work on operating systems and relevant infrastructures
• Analyse network traffic semantics
• Integrate cybersecurity solutions to the organisation’s infrastructure
• Configure solutions according to the organisation’s security policy
• Use XDR platform for threat-hunting
Evaluation scale
H-5