Skip to main content

Auditing and Penetration TestingLaajuus (5 cr)

Code: TT00CE09

Credits

5 op

Teaching language

  • Finnish
  • English

Responsible person

  • Joonatan Ovaska

Objective

After completing the course, the student knows the general assessment and auditing criteria used in safety testing. The student also knows how to apply safety testing methods, techniques, and tools in practice. In addition, the student masters the basic concepts and implementation criteria of safety testing.

EUR-ACE Knowledge and understanding
You will know the basic methods of penetration testing by applying theory and practice. You will understand their significance when performing the audit.

EUR-ACE Engineering practice
You can analyze methods related to auditing and penetration testing, applying practice and theory.

EUR-ACE: Multidisciplinary competence
You understand the multidimensional nature of auditing and its impact on the environment being tested, as well as understand the auditor's great responsibility in this. You recognize that the field is constantly developing and changing, and you are ready to develop with it.

EUR-ACE Investigations and information retrieval
You know how to plan and carry out tests in the environment, interpret documents, other input data and results, and evaluate the correctness of measurements, and work in the device environment safely and following good practices.

Content

In this course, you will learn the basic concepts and implementation criteria of security testing, as well as general evaluation and audit principles. You will be able to practically apply security testing methods, techniques, and tools. You will understand the basic methods of penetration testing and their importance in auditing. The course equips you with the skills to analyze methods related to auditing and penetration testing, and to work safely and effectively in a device environment.

The course teaches the basics of auditing as well as security testing both from the point of view of auditing and more generally. The course focuses on practical skills and theoretical foundation, which is indispensable in modern security.
During the course the participants get an in-depth perspective to security testing and auditing, thus learning practical skills and theoretical foundation and practices for protection of their organisations from security risks and vulnerabilities.

Penetration testing / Security testing
Auditing
Standards, practices, processes and frameworks

Qualifications

Linux basics
Cyber security
Data networks

Assessment criteria, satisfactory (1)

Sufficient (1)
The student knows and understands the basic concepts and theory related to auditing and penetration testing. The student can use the tools needed for information security testing with assistance. The student knows about the criteria needed for auditing and that they affect the target companies in many areas. The student is able to participate and communicate as part of the audit team with assistance.

Satisfactory (2)
The student knows and understands the basic concepts and theory related to auditing and penetration testing. The student knows how to use the tools needed for information security testing with instruction. The student knows about the criteria needed for auditing and that they affect the target companies in many areas. The student is able to participate and communicate as part of the audit team with guidance.

Assessment criteria, good (3)

Good (3)
The student knows and understands the basic concepts of auditing and penetration testing and the related theory in a versatile way. The student knows how to use the tools needed for information security testing. The student knows about the criteria needed for auditing and how they affect the target companies in various fields. The student is able to participate and communicate as part of the audit team.

Very good (4)
The student knows and understands auditing and penetration testing concepts and related theory in a versatile way. The student knows how to use the tools needed for information security testing in an advanced manner. The student knows and understands audit criteria and how they affect target companies and their stakeholders in a multidisciplinary way. The student is able to participate and communicate, either alone or as part of the audit team.

Assessment criteria, excellent (5)

Excellent (5)
The student knows and understands auditing and penetration testing concepts and related theory excellently. The student knows how to use and select suitable tools for information security testing in an advanced manner. The student knows and understands the audit criteria and how they affect the target companies and their stakeholders, both indirectly and directly. The student can participate and communicate as part of the audit team or be in charge of the audit team.