Skip to main content

Development and Implementation of Information Security ControlsLaajuus (8 cr)

Code: TTKW0110

Credits

8 op

Teaching language

  • Finnish

Responsible person

  • Henrik Saari

Objective

The student understands the significance of various data security controls in the protection of a company's critical information systems. The student understands the purpose of technical audits for an environment. The students knows how to implement various data security controls to protect companies' critical information systems.

Content

The course contains design and implementation of various data security controls in a real, virtualized network environment, however, with an imagined, non-operative business model. Additionally, the course discusses the dependencies and potentials of various data security controls as well as their operations. E.g.

o Firewalls and network segmenting
o Remote workers and Virtual Private Network -connections
o Hardening networking equipment
o Public Key Infrastructure

Qualifications

Basic knowledge of protocols used in data networks and theory on data security technologies.

Assessment criteria, satisfactory (1)

Excellent 5: The student shows exceptional practical command of the theory on information security control design and its implementation in an environment The student is able to design data security controls needed in an environment exceptionally well and implement the data security control designs in practice in a technical environment flawlessly.

Very good 4: The student shows in practice very good knowledge and understanding of the theory on data security control design and its implementation in an environment. The student is able to commendably design data security controls needed in an environment and commendably implement their information security control designs in practice in a technical environment.

Good 3: The student shows in practice good knowledge and understanding of theory on data security control design and its implementation in an environment. The student is able to design data security controls needed in an environment and implement their data security control designs in practice in a technical environment.

Satisfactory 2: The student shows practical knowledge and understanding of the basics of data security control design and its implementation in an environment. The student is able to design the basic data security controls needed in an environment and implement the basics of their data security control designs in practice in a technical environment.

Sufficient 1: The student shows some practical knowledge and understanding about the theory on data security control design and implementation in an environment. The student is able to design some data security controls needed in an environment and implement some of their data security control designs in practice in a technical environment.

Fail 0: The student does not meet the minimum criteria set for the course.