Skip to main content

Incident Management, Response and SOCLaajuus (5 cr)

Code: TTC6060

Credits

5 op

Teaching language

  • Finnish
  • English

Responsible person

  • Heli Ciszek

Objective

The objective of the course
The student masters the most essential Security Operations Center functionalities such as organizational models, processes and technical environments.

Competences
EUR-ACE: Knowledge and understanding 
EUR-ACE: Engineering practice 

The learning objectives of the course
The student knows how to carry out different functionalities of a SOC: develop technical systems to enhance the detection capabilities of an organization, investigate detected incidents from information systems and work as a part of an organization's processes. The student can effectively work in a SOC and develop his/her work community.

Content

The course contains the concepts of SOC and organizational models. During the course, students design an organizational model for an SOC and technical tools to manage incidents.

Qualifications

Cyber Security

Assessment criteria, satisfactory (1)

Sufficient 1: The student understands some of the theory basis of SOCs. The student is able to design and implement some technical information systems for SOC. The student participates in process design in a group.

Satisfactory 2: The student understands the theory basis of SOCs. The student is able to design and implement the installations of technical information systems for an SOC. The student designs processes for an organization in a group.

Assessment criteria, good (3)

Good 3: The student has a versatile understanding of the theory basis of SOCs. The student is able to versatilely design and implement installations of technical information systems for an SOC. The student designs extensively the processes for an organization in a group.

Very good 4: The student has an in-depth understanding of the theory basis of SOCs. The student is able to thoroughly design and implement installations of technical information systems in a cyber security exercise. The student designs extensively the processes for an organization in a group.

Assessment criteria, excellent (5)

Excellent 5: The student has an out of the ordinary, excellent understanding of the theory basis of SOCs. The student is able to design and implement outstandingly the installations of technical information systems in a cyber security exercise. The student designs superbly the processes for an organization in a group.

Materials

Described in the implementation section.

Enrollment

18.11.2024 - 09.01.2025

Timing

13.01.2025 - 30.04.2025

Number of ECTS credits allocated

5 op

Virtual portion

5 op

Mode of delivery

Online learning

Unit

School of Technology

Teaching languages
  • English
Seats

0 - 35

Degree programmes
  • Bachelor's Degree Programme in Information and Communications Technology
Teachers
  • Jarmo Nevala
  • Heikki Järvinen
Groups
  • TTV22S5
    Tieto- ja viestintätekniikka (AMK)
  • TTV22S2
    Tieto- ja viestintätekniikka (AMK)
  • TTV22S3
    Tieto- ja viestintätekniikka (AMK)
  • TIC22S1
    Bachelor's Degree Programme in Information and Communications Technology
  • TTV22S1
    Tieto- ja viestintätekniikka (AMK)
  • TTV22SM
    Tieto- ja viestintätekniikka (AMK)
  • TTV22S4
    Tieto- ja viestintätekniikka (AMK)
  • TTV22SM2
    Tieto- ja viestintätekniikka (AMK)
  • ZJA25KTIKY2
    Avoin amk, Kyberturvallisuus 2, Verkko

Objectives

The objective of the course
The student masters the most essential Security Operations Center functionalities such as organizational models, processes and technical environments.

Competences
EUR-ACE: Knowledge and understanding 
EUR-ACE: Engineering practice 

The learning objectives of the course
The student knows how to carry out different functionalities of a SOC: develop technical systems to enhance the detection capabilities of an organization, investigate detected incidents from information systems and work as a part of an organization's processes. The student can effectively work in a SOC and develop his/her work community.

Content

The course contains the concepts of SOC and organizational models. During the course, students design an organizational model for an SOC and technical tools to manage incidents.

Learning materials and recommended literature

Materials in the e-learning environment.

Teaching methods

- lectures
- independent study
- distance learning
- webinars
- small group learning
- exercises
- learning tasks

Practical training and working life connections

- visiting lecturers
- projects

Exam dates and retake possibilities

The possible date and method of the exam will be announced in the course opening.

Alternative completion methods

The admission procedures are described in the degree rule and the study guide. The teacher of the course will give you more information on possible specific course practices.

Student workload

One credit (1 Cr) corresponds to an average of 27 hours of work.

- lectures 52 h
- exercises 15 h
- assignment 36 h
- independent study 32 h
Total 135 h

Further information for students

The course assessment methods will be presented during the first meeting.

Evaluation scale

0-5

Evaluation criteria, satisfactory (1-2)

Sufficient 1: The student understands some of the theory basis of SOCs. The student is able to design and implement some technical information systems for SOC. The student participates in process design in a group.

Satisfactory 2: The student understands the theory basis of SOCs. The student is able to design and implement the installations of technical information systems for an SOC. The student designs processes for an organization in a group.

Evaluation criteria, good (3-4)

Good 3: The student has a versatile understanding of the theory basis of SOCs. The student is able to versatilely design and implement installations of technical information systems for an SOC. The student designs extensively the processes for an organization in a group.

Very good 4: The student has an in-depth understanding of the theory basis of SOCs. The student is able to thoroughly design and implement installations of technical information systems in a cyber security exercise. The student designs extensively the processes for an organization in a group.

Evaluation criteria, excellent (5)

Excellent 5: The student has an out of the ordinary, excellent understanding of the theory basis of SOCs. The student is able to design and implement outstandingly the installations of technical information systems in a cyber security exercise. The student designs superbly the processes for an organization in a group.

Prerequisites

Cyber Security

Enrollment

01.08.2024 - 22.08.2024

Timing

24.10.2024 - 18.12.2024

Number of ECTS credits allocated

5 op

Virtual portion

5 op

Mode of delivery

Online learning

Unit

School of Technology

Teaching languages
  • Finnish
Seats

0 - 35

Degree programmes
  • Bachelor's Degree Programme in Information and Communications Technology
Teachers
  • Jarmo Nevala
  • Heikki Järvinen
Groups
  • TTV22S5
    Tieto- ja viestintätekniikka (AMK)
  • TTV22S2
    Tieto- ja viestintätekniikka (AMK)
  • TTV22S3
    Tieto- ja viestintätekniikka (AMK)
  • TTV22S1
    Tieto- ja viestintätekniikka (AMK)
  • TTV22SM
    Tieto- ja viestintätekniikka (AMK)
  • TTV22S4
    Tieto- ja viestintätekniikka (AMK)
  • ZJA24STIKY2
    Avoin amk, Kyberturvallisuus 2, Verkko
  • TTV22SM2
    Tieto- ja viestintätekniikka (AMK)

Objectives

The objective of the course
The student masters the most essential Security Operations Center functionalities such as organizational models, processes and technical environments.

Competences
EUR-ACE: Knowledge and understanding 
EUR-ACE: Engineering practice 

The learning objectives of the course
The student knows how to carry out different functionalities of a SOC: develop technical systems to enhance the detection capabilities of an organization, investigate detected incidents from information systems and work as a part of an organization's processes. The student can effectively work in a SOC and develop his/her work community.

Content

The course contains the concepts of SOC and organizational models. During the course, students design an organizational model for an SOC and technical tools to manage incidents.

Learning materials and recommended literature

Materials in the e-learning environment.

Teaching methods

- lectures
- independent study
- distance learning
- webinars
- small group learning
- exercises
- learning tasks
- seminars

Practical training and working life connections

- visiting lecturers
- projects

Exam dates and retake possibilities

The possible date and method of the exam will be announced in the course opening.

Alternative completion methods

The admission procedures are described in the degree rule and the study guide. The teacher of the course will give you more information on possible specific course practices.

Student workload

One credit (1 Cr) corresponds to an average of 27 hours of work.

- lectures 52 h
- exercises 15 h
- assignment 35 h
- independent study 30 h
- company visits 3 h
Total 135 h

Evaluation scale

0-5

Evaluation criteria, satisfactory (1-2)

Sufficient 1: The student understands some of the theory basis of SOCs. The student is able to design and implement some technical information systems for SOC. The student participates in process design in a group.

Satisfactory 2: The student understands the theory basis of SOCs. The student is able to design and implement the installations of technical information systems for an SOC. The student designs processes for an organization in a group.

Evaluation criteria, good (3-4)

Good 3: The student has a versatile understanding of the theory basis of SOCs. The student is able to versatilely design and implement installations of technical information systems for an SOC. The student designs extensively the processes for an organization in a group.

Very good 4: The student has an in-depth understanding of the theory basis of SOCs. The student is able to thoroughly design and implement installations of technical information systems in a cyber security exercise. The student designs extensively the processes for an organization in a group.

Evaluation criteria, excellent (5)

Excellent 5: The student has an out of the ordinary, excellent understanding of the theory basis of SOCs. The student is able to design and implement outstandingly the installations of technical information systems in a cyber security exercise. The student designs superbly the processes for an organization in a group.

Prerequisites

Cyber Security

Enrollment

20.11.2023 - 04.01.2024

Timing

08.01.2024 - 30.04.2024

Number of ECTS credits allocated

5 op

Virtual portion

5 op

Mode of delivery

Online learning

Unit

School of Technology

Teaching languages
  • Finnish
Seats

0 - 30

Degree programmes
  • Bachelor's Degree Programme in Information and Communications Technology
Teachers
  • Jarmo Nevala
  • Heli Ciszek
Groups
  • TTV21S3
    Tieto- ja viestintätekniikka (AMK)
  • TTV21S5
    Tieto- ja viestintätekniikka (AMK)
  • TTV21SM
    Tieto- ja viestintätekniikka (AMK)
  • ZJA24KTIKY2
    Avoin amk, Kyberturvallisuus 2, Verkko
  • TTV21S2
    Tieto- ja viestintätekniikka (AMK)
  • TTV21S1
    Tieto- ja viestintätekniikka (AMK)

Objectives

The objective of the course
The student masters the most essential Security Operations Center functionalities such as organizational models, processes and technical environments.

Competences
EUR-ACE: Knowledge and understanding 
EUR-ACE: Engineering practice 

The learning objectives of the course
The student knows how to carry out different functionalities of a SOC: develop technical systems to enhance the detection capabilities of an organization, investigate detected incidents from information systems and work as a part of an organization's processes. The student can effectively work in a SOC and develop his/her work community.

Content

The course contains the concepts of SOC and organizational models. During the course, students design an organizational model for an SOC and technical tools to manage incidents.

Learning materials and recommended literature

Materials in the e-learning environment.

Teaching methods

- lectures
- independent study
- distance learning
- webinars
- small group learning
- exercises
- learning tasks
- seminars

Practical training and working life connections

- excursions
- visiting lecturers
- projects

Exam dates and retake possibilities

The possible date and method of the exam will be announced in the course opening.

Alternative completion methods

The admission procedures are described in the degree rule and the study guide. The teacher of the course will give you more information on possible specific course practices.

Student workload

One credit (1 Cr) corresponds to an average of 27 hours of work.

- lectures 52 h
- exercises 15 h
- assignment 35 h
- independent study 30 h
- company visits 3 h
Total 135 h

Evaluation scale

0-5

Evaluation criteria, satisfactory (1-2)

Sufficient 1: The student understands some of the theory basis of SOCs. The student is able to design and implement some technical information systems for SOC. The student participates in process design in a group.

Satisfactory 2: The student understands the theory basis of SOCs. The student is able to design and implement the installations of technical information systems for an SOC. The student designs processes for an organization in a group.

Evaluation criteria, good (3-4)

Good 3: The student has a versatile understanding of the theory basis of SOCs. The student is able to versatilely design and implement installations of technical information systems for an SOC. The student designs extensively the processes for an organization in a group.

Very good 4: The student has an in-depth understanding of the theory basis of SOCs. The student is able to thoroughly design and implement installations of technical information systems in a cyber security exercise. The student designs extensively the processes for an organization in a group.

Evaluation criteria, excellent (5)

Excellent 5: The student has an out of the ordinary, excellent understanding of the theory basis of SOCs. The student is able to design and implement outstandingly the installations of technical information systems in a cyber security exercise. The student designs superbly the processes for an organization in a group.

Prerequisites

Cyber Security

Enrollment

01.08.2023 - 24.08.2023

Timing

28.08.2023 - 19.12.2023

Number of ECTS credits allocated

5 op

Virtual portion

5 op

Mode of delivery

Online learning

Unit

School of Technology

Teaching languages
  • Finnish
Seats

0 - 30

Degree programmes
  • Bachelor's Degree Programme in Information and Communications Technology
Teachers
  • Jarmo Nevala
  • Heli Ciszek
Groups
  • TTV21S3
    Tieto- ja viestintätekniikka (AMK)
  • TTV21S5
    Tieto- ja viestintätekniikka (AMK)
  • TTV21SM
    Tieto- ja viestintätekniikka (AMK)
  • TTV21S2
    Tieto- ja viestintätekniikka (AMK)
  • ZJA23STIKY2
    Avoin amk, Kyberturvallisuus 2, Verkko
  • TTV21S1
    Tieto- ja viestintätekniikka (AMK)

Objectives

The objective of the course
The student masters the most essential Security Operations Center functionalities such as organizational models, processes and technical environments.

Competences
EUR-ACE: Knowledge and understanding 
EUR-ACE: Engineering practice 

The learning objectives of the course
The student knows how to carry out different functionalities of a SOC: develop technical systems to enhance the detection capabilities of an organization, investigate detected incidents from information systems and work as a part of an organization's processes. The student can effectively work in a SOC and develop his/her work community.

Content

The course contains the concepts of SOC and organizational models. During the course, students design an organizational model for an SOC and technical tools to manage incidents.

Learning materials and recommended literature

Materials in the e-learning environment.

Teaching methods

- lectures
- independent study
- distance learning
- webinars
- small group learning
- exercises
- learning tasks
- seminars

Practical training and working life connections

- excursions
- visiting lecturers
- projects

Exam dates and retake possibilities

The possible date and method of the exam will be announced in the course opening.

Alternative completion methods

The admission procedures are described in the degree rule and the study guide. The teacher of the course will give you more information on possible specific course practices.

Student workload

One credit (1 Cr) corresponds to an average of 27 hours of work.

- lectures 52 h
- exercises 15 h
- assignment 35 h
- independent study 30 h
- company visits 3 h
Total 135 h

Evaluation scale

0-5

Evaluation criteria, satisfactory (1-2)

Sufficient 1: The student understands some of the theory basis of SOCs. The student is able to design and implement some technical information systems for SOC. The student participates in process design in a group.

Satisfactory 2: The student understands the theory basis of SOCs. The student is able to design and implement the installations of technical information systems for an SOC. The student designs processes for an organization in a group.

Evaluation criteria, good (3-4)

Good 3: The student has a versatile understanding of the theory basis of SOCs. The student is able to versatilely design and implement installations of technical information systems for an SOC. The student designs extensively the processes for an organization in a group.

Very good 4: The student has an in-depth understanding of the theory basis of SOCs. The student is able to thoroughly design and implement installations of technical information systems in a cyber security exercise. The student designs extensively the processes for an organization in a group.

Evaluation criteria, excellent (5)

Excellent 5: The student has an out of the ordinary, excellent understanding of the theory basis of SOCs. The student is able to design and implement outstandingly the installations of technical information systems in a cyber security exercise. The student designs superbly the processes for an organization in a group.

Prerequisites

Cyber Security

Enrollment

01.11.2022 - 05.01.2023

Timing

09.01.2023 - 28.04.2023

Number of ECTS credits allocated

5 op

Virtual portion

5 op

Mode of delivery

Online learning

Unit

School of Technology

Campus

Lutakko Campus

Teaching languages
  • Finnish
Seats

0 - 30

Degree programmes
  • Bachelor's Degree Programme in Information and Communications Technology
Teachers
  • Joonatan Ovaska
Groups
  • ZJA23KTIKY2
    Avoin amk, Kyberturvallisuus 2, Verkko

Objectives

The objective of the course
The student masters the most essential Security Operations Center functionalities such as organizational models, processes and technical environments.

Competences
EUR-ACE: Knowledge and understanding 
EUR-ACE: Engineering practice 

The learning objectives of the course
The student knows how to carry out different functionalities of a SOC: develop technical systems to enhance the detection capabilities of an organization, investigate detected incidents from information systems and work as a part of an organization's processes. The student can effectively work in a SOC and develop his/her work community.

Content

The course contains the concepts of SOC and organizational models. During the course, students design an organizational model for an SOC and technical tools to manage incidents.

Learning materials and recommended literature

Materials in the e-learning environment.

Teaching methods

- lectures
- independent study
- distance learning
- webinars
- small group learning
- exercises
- learning tasks
- seminars

Practical training and working life connections

- excursions
- visiting lecturers
- projects

Exam dates and retake possibilities

The possible date and method of the exam will be announced in the course opening.

Alternative completion methods

The admission procedures are described in the degree rule and the study guide. The teacher of the course will give you more information on possible specific course practices.

Student workload

One credit (1 Cr) corresponds to an average of 27 hours of work.

- lectures 52 h
- exercises 15 h
- assignment 35 h
- independent study 30 h
- company visits 3 h
Total 135 h

Evaluation scale

0-5

Evaluation criteria, satisfactory (1-2)

Sufficient 1: The student understands some of the theory basis of SOCs. The student is able to design and implement some technical information systems for SOC. The student participates in process design in a group.

Satisfactory 2: The student understands the theory basis of SOCs. The student is able to design and implement the installations of technical information systems for an SOC. The student designs processes for an organization in a group.

Evaluation criteria, good (3-4)

Good 3: The student has a versatile understanding of the theory basis of SOCs. The student is able to versatilely design and implement installations of technical information systems for an SOC. The student designs extensively the processes for an organization in a group.

Very good 4: The student has an in-depth understanding of the theory basis of SOCs. The student is able to thoroughly design and implement installations of technical information systems in a cyber security exercise. The student designs extensively the processes for an organization in a group.

Evaluation criteria, excellent (5)

Excellent 5: The student has an out of the ordinary, excellent understanding of the theory basis of SOCs. The student is able to design and implement outstandingly the installations of technical information systems in a cyber security exercise. The student designs superbly the processes for an organization in a group.

Prerequisites

Cyber Security

Enrollment

01.08.2022 - 25.08.2022

Timing

29.08.2022 - 16.12.2022

Number of ECTS credits allocated

5 op

Virtual portion

5 op

Mode of delivery

Online learning

Unit

School of Technology

Campus

Lutakko Campus

Teaching languages
  • Finnish
Seats

0 - 30

Degree programmes
  • Bachelor's Degree Programme in Information and Communications Technology
Teachers
  • Heli Ciszek
Groups
  • ZJA22STIKY2
    Avoin amk, Kyberturvallisuus 2, Verkko

Objectives

The objective of the course
The student masters the most essential Security Operations Center functionalities such as organizational models, processes and technical environments.

Competences
EUR-ACE: Knowledge and understanding 
EUR-ACE: Engineering practice 

The learning objectives of the course
The student knows how to carry out different functionalities of a SOC: develop technical systems to enhance the detection capabilities of an organization, investigate detected incidents from information systems and work as a part of an organization's processes. The student can effectively work in a SOC and develop his/her work community.

Content

The course contains the concepts of SOC and organizational models. During the course, students design an organizational model for an SOC and technical tools to manage incidents.

Learning materials and recommended literature

Materials in the e-learning environment.

Teaching methods

- lectures
- independent study
- distance learning
- webinars
- small group learning
- exercises
- learning tasks
- seminars

Practical training and working life connections

- excursions
- visiting lecturers
- projects

Exam dates and retake possibilities

The possible date and method of the exam will be announced in the course opening.

Alternative completion methods

The admission procedures are described in the degree rule and the study guide. The teacher of the course will give you more information on possible specific course practices.

Student workload

One credit (1 Cr) corresponds to an average of 27 hours of work.

- lectures 52 h
- exercises 15 h
- assignment 35 h
- independent study 30 h
- company visits 3 h
Total 135 h

Evaluation scale

0-5

Evaluation criteria, satisfactory (1-2)

Sufficient 1: The student understands some of the theory basis of SOCs. The student is able to design and implement some technical information systems for SOC. The student participates in process design in a group.

Satisfactory 2: The student understands the theory basis of SOCs. The student is able to design and implement the installations of technical information systems for an SOC. The student designs processes for an organization in a group.

Evaluation criteria, good (3-4)

Good 3: The student has a versatile understanding of the theory basis of SOCs. The student is able to versatilely design and implement installations of technical information systems for an SOC. The student designs extensively the processes for an organization in a group.

Very good 4: The student has an in-depth understanding of the theory basis of SOCs. The student is able to thoroughly design and implement installations of technical information systems in a cyber security exercise. The student designs extensively the processes for an organization in a group.

Evaluation criteria, excellent (5)

Excellent 5: The student has an out of the ordinary, excellent understanding of the theory basis of SOCs. The student is able to design and implement outstandingly the installations of technical information systems in a cyber security exercise. The student designs superbly the processes for an organization in a group.

Prerequisites

Cyber Security

Enrollment

01.08.2022 - 25.08.2022

Timing

01.08.2022 - 31.12.2022

Number of ECTS credits allocated

5 op

Mode of delivery

Face-to-face

Unit

School of Technology

Teaching languages
  • Finnish
Degree programmes
  • Bachelor's Degree Programme in Information and Communications Technology
Teachers
  • Heli Ciszek

Objectives

The objective of the course
The student masters the most essential Security Operations Center functionalities such as organizational models, processes and technical environments.

Competences
EUR-ACE: Knowledge and understanding 
EUR-ACE: Engineering practice 

The learning objectives of the course
The student knows how to carry out different functionalities of a SOC: develop technical systems to enhance the detection capabilities of an organization, investigate detected incidents from information systems and work as a part of an organization's processes. The student can effectively work in a SOC and develop his/her work community.

Content

The course contains the concepts of SOC and organizational models. During the course, students design an organizational model for an SOC and technical tools to manage incidents.

Learning materials and recommended literature

Materials in the e-learning environment.

Teaching methods

- lectures
- independent study
- distance learning
- webinars
- small group learning
- exercises
- learning tasks
- seminars

Practical training and working life connections

- excursions
- visiting lecturers
- projects

Exam dates and retake possibilities

The possible date and method of the exam will be announced in the course opening.

Alternative completion methods

The admission procedures are described in the degree rule and the study guide. The teacher of the course will give you more information on possible specific course practices.

Student workload

One credit (1 Cr) corresponds to an average of 27 hours of work.

- lectures 52 h
- exercises 15 h
- assignment 35 h
- independent study 30 h
- company visits 3 h
Total 135 h

Evaluation scale

0-5

Evaluation criteria, satisfactory (1-2)

Sufficient 1: The student understands some of the theory basis of SOCs. The student is able to design and implement some technical information systems for SOC. The student participates in process design in a group.

Satisfactory 2: The student understands the theory basis of SOCs. The student is able to design and implement the installations of technical information systems for an SOC. The student designs processes for an organization in a group.

Evaluation criteria, good (3-4)

Good 3: The student has a versatile understanding of the theory basis of SOCs. The student is able to versatilely design and implement installations of technical information systems for an SOC. The student designs extensively the processes for an organization in a group.

Very good 4: The student has an in-depth understanding of the theory basis of SOCs. The student is able to thoroughly design and implement installations of technical information systems in a cyber security exercise. The student designs extensively the processes for an organization in a group.

Evaluation criteria, excellent (5)

Excellent 5: The student has an out of the ordinary, excellent understanding of the theory basis of SOCs. The student is able to design and implement outstandingly the installations of technical information systems in a cyber security exercise. The student designs superbly the processes for an organization in a group.

Prerequisites

Cyber Security