• Auditing and Testing Technical Security (YTCP0300-3003),
         29.08.2022 – 16.12.2022,  5 cr  (YTC21S1) — Face-to-face +-
    Learning outcomes of the course
    The student understands the purpose of security auditing and knows the restrictions of related legislations and regulations. He (she) knows the security testing methods and techniques. The student can design testing processes and the activities needed when applying technical security.

    Course Competences
    EUR-ACE: Engineering Design, Master's Degree
    EUR-ACE: Engineering Practice, Master's Degree
    EUR-ACE: Investigations, Master's Degree
    Prerequisites and co-requisites
    YTCP0100 Security Management in Cyber Domain
    Course contents
    The key topics of the course are:
    - Restrictions of legislation and regulations
    - Security testing, examination overview and techniques
    - Target and environment identification and analysis techniques
    - Target vulnerability validation techniques
    - Testing process, activities and reporting (Remediation/Mitigation)
    Assessment criteria
    Assessment criteria - grade 1 and 2
    Sufficient 1: Student has sufficient knowledge of auditing and testing process and is able to choose some of the appropriate tools and methods as a part of a testing process designing. Student is able to form a partially comprehensive analysis from technical results and can create appropriate suggestions for mitigating and remediating some of the vulnerabilities found during the auditing and testing process. In addition, student understands the restrictions of legislation and regulations affecting the operations of actors in sufficient level.

    Satisfactory 2: Student has satisfying knowledge of auditing and testing process and is able to choose some of the appropriate tools and methods as a part of a testing process designing. Student is able to form a partially comprehensive analysis from technical results and can create appropriate suggestions for mitigating and remediating all critical vulnerabilities found during the auditing and testing process. In addition, student understands the restrictions of legislation and regulations affecting the operations of actors in satisfying level.
    Assessment criteria - grade 3 and 4
    Good 3: Student has good knowledge of auditing and testing process and is able to choose most of the appropriate tools and methods as a part of a testing process designing. Student is able to form a partially comprehensive analysis from technical results and can create appropriate suggestions for mitigating and remediating all critical vulnerabilities found during the auditing and testing process. In addition, student understands the restrictions of legislation and regulations affecting the operations of actors well.

    Very Good 4: Student has very good knowledge of auditing and testing process and is able to choose appropriate tools and methods as a part of a testing process designing. Student is able to form a comprehensive analysis from technical results and can create appropriate suggestions for mitigating and remediating most vulnerabilities found during the auditing and testing process. In addition, student understands the restrictions of legislation and regulations affecting the operations of actors very well.
    Assessment criteria - grade 5
    Excellent 5: Student has excellent knowledge of auditing and testing process and is able to choose appropriate tools and methods as a part of a testing process designing. Student is able to form a comprehensive analysis from technical results and can create appropriate suggestions for mitigating and remediating most vulnerabilities found during the auditing and testing process. In addition, student understands excellently the restrictions of legislation and regulations affecting the operations of actors.
    Language of instruction

    English

    Planned learning activities, teaching methods and guidance

    - lectures
    - independent study
    - distance learning
    - webinars
    - small group learning
    - exercises
    - learning tasks
    - seminars

    Learning materials and recommended literature

    Materials in the e-learning environment.

    Lecturer(s)

    Jarmo Nevala, Joonatan Ovaska

    Working life cooperation

    - visiting lecturers
    - projects

    Exam dates and re-exam possibilities

    The possible date and method of the exam will be announced in the course opening.

    Timing

    29.08.2022 - 16.12.2022

    Learning assignments and student workload

    One credit (1 Cr) corresponds to an average of 27 hours of work.

    - lectures 52 h
    - exercises 15 h
    - assignment 35 h
    - independent study 30 h
    - company visits 3 h
    Total 135 h

    Groups
    • YTC21S1
    Alternative learning methods

    The admission procedures are described in the degree rule and the study guide. The teacher of the course will give you more information on possible specific course practices.

    Seats

    0 - 35

    Degree Programme

    Master's Degree Programme in Information Technology, Cyber Security

    Mode of delivery

    Face-to-face

    Credits
    • 5 cr
    Unit

    School of Technology