Cyber Protection Team 1 (5op)

Arviointiasteikko

H-5

Sisällön jaksotus

INTRODUCTION
By the end of this programme, students should be well-versed in both offensive (red team) and defensive (blue team) tactics, have a clear understanding of operational-level cyber security, and be prepared to engage in real-world cyber security competitions.
The trainees will learn, for example, how cyber attacks are constructed, what goals, stages and phases they consist of; how to recognise web application and system vulnerabilities; use network-based defence systems; analyse and monitor endpoint security and logs; and harden operating systems, Active Directory and cloud solutions. The trainees will also learn threat emulation and threat hunting, as well as digital forensics and malware analysis.
Throughout the programme, competition-relevant aspects such as teamwork, critical thinking, and incident response are trained cyclically to ensure students can perform well under pressure.
The number of tasks, rooms and modules may vary based on students’ individual interests and preferences. Each student will follow their own specialisation path, focusing on areas such as network traffic investigation, digital forensics, malware analysis or red teaming.

OBJECTIVES

The Cyber Protection Team course implementation consists of two 5-credit modules delivered across two semesters, totalling 10 ECTS. It is designed to prepare students for competitive cyber security events by providing comprehensive training in both offensive (red team) and defensive (blue team) tactics. The programme covers a wide range of technical topics – from foundational concepts to advanced techniques – ensuring participants gain a thorough understanding of operational-level cyber security and are well-equipped to engage in real-world cyber security competitions.

After completing both semesters, students will understand the structure, objectives, stages, and phases of cyberattacks. Participants will learn to recognise and mitigate web application and system vulnerabilities, utilise network-based defence systems, and analyse endpoint security and logs. The training program also focuses on hardening operating systems, Active Directory, and cloud solutions, while mastering threat emulation, threat hunting, digital forensics, and malware analysis. Additionally, the program emphasises enhancing teamwork, critical thinking, and incident response skills to ensure students can perform well under pressure. Each student will have the opportunity to tailor parts of their learning path based on individual interests and specialisations.

COMPETENCES:
• Implement and manage cyber security frameworks and policies
• Conduct thorough threat and vulnerability assessments
• Plan and execute incident response and forensics investigations
• Utilise advanced tools and techniques for threat hunting and malware analysis
• Develop and implement security operations and monitoring strategies

KNOWLEDGE:
• Cyber Defence Frameworks
• Network and System Security
• Network Traffic Analysis
• Threat and Vulnerability Management
• Security Operations & Monitoring
• Incident Response and Forensics
• Endpoint Security Monitoring
• System and Cloud Hardening
• Threat Hunting
• Malware Analysis
• Red Teaming & Threat Emulation
• Cloud Security
• Scenarios, Objectives and Injects in Cyber Exercises

SKILLS:
• Apply cyber security policies and best practices
• Use tools like Burp Suite, Nessus, and OpenVAS for vulnerability management
• Perform network and system security assessments
• Conduct threat hunting and utilise threat intelligence
• Analyse network traffic and perform digital forensics
• Execute advanced malware analysis and red teaming exercises
• Implement and manage cloud security measures
• Communicate, coordinate, and cooperate with internal and external stakeholders
• Model and identify threat actors’ tactics, techniques, and procedures (TTPs)

Tavoitteet

Huom! Tähän haetaan opiskelijoita erillishaulla. Tätä ei voi vapaasti valita.

Oppimateriaalit

Specific to the training platform used

Opetusmenetelmät

Problem-based learning

Tenttien ajankohdat ja uusintamahdollisuudet

This course does not include an exam

Pedagogiset toimintatavat ja kestävä kehitys

Pedagogical method follows Problem-Based Learning (PBL). In the cybersecurity training program PBL emphasizes real-world problem-solving, critical thinking, and practical application of knowledge. Students are engaged in active learning through complex, real-world scenarios, enhancing their ability to analyse, collaborate, and develop practical solutions. This method aligns well with the program's goals of preparing students for competitive cybersecurity events by teaching essential skills such as teamwork, incident response, and adaptability.

Opiskelijan ajankäyttö ja kuormitus

Practical laboratory-intensive assignments conducted in training environment(s)

Arviointimenetelmät ja arvioinnin perusteet

The assessment will be based on the completion and performance in technical lab assignments across different modules running on different training and exercise platforms.
Grade criteria, number of successfully completed technical modules or assignments:
<50% = failed
50-59 % = 1
60-69 % = 2
70-79 % = 3
80-89 % = 4
>=90 % = 5

Lisätiedot

Communication channel: E-mail
Guidelines on the use of Artificial Intelligence: The use of artificial intelligence is generally prohibited in this course. However, exceptions may be made on a case-by-case basis for specific assignments, exercises, or learning activities. Detailed instructions will be provided where applicable.