Data Security Testing (3 cr)
Code: TTKS0700-3001
General information
- Enrollment
-
03.08.2020 - 30.08.2020
Registration for the implementation has ended.
- Timing
-
31.08.2020 - 18.12.2020
Implementation has ended.
- Number of ECTS credits allocated
- 3 cr
- Local portion
- 2 cr
- Virtual portion
- 1 cr
- Mode of delivery
- Blended learning
- Unit
- TA10 - IT-instituutti
- Campus
- Lutakko Campus
- Teaching languages
- English
- Seats
- 0 - 28
- Degree programmes
- Bachelor's Degree Programme in Information and Communications Technology
Evaluation scale
0-5
Objective
After completing the course, the student knows the common evaluation and auditing criteria used in security testing. The student is also able to apply security testing methods, techniques and tools into practice. In addition, the student masters the basic concepts and implementation criteria of security testing.
Content
The course covers the following areas
o Information security and privacy
o Information classification and security methods
o Good practice on information management and data processing
o Security assessment and auditing
o Standardization and security standards
o Certification and accreditation
o Security testing and testing process
o Security testing methods and techniques
o Security testing tools and testing results
o Documentation and reporting of security testing
o Network security testing
o System software security testing
o Client-side application security testing
o Server-side application security testing
o Vulnerability management
Materials
The materials required to pass the course o lecture material o PCI Data Security Standard Council, Penetration Testing Guidance o NIST, Technical guide to information security testing and assessment
Completion alternatives
The items of assessment affecting the grade and the weighting of the grade o Exam (66%) o Group assignment (34%)
Student workload
One credit (1 Cr) corresponds to an average of 27 hours of work.
Lectures 30 h, independent study 20h, assignments 30 h, other 1 h
Assessment criteria, satisfactory (1)
Sufficient (1): The student knows the course-related terminology and is able to utilize the security testing methods, techniques and tools studied in the course when assisted. In addition, the student knows criteria and practices concerning security testing.
Satisfactory (2): The student knows the course-related terminology and is able to utilize the security testing methods, techniques and tools in practice when guided. In addition, the student knows criteria and practices concerning criteria and practices.
Assessment criteria, good (3)
Good (3): The student knows the terminology the course-related terminology and is able to utilize the security testing methods, techniques and tools studied in the course in practice when instructed. In addition, the student knows criteria and practices concerning security testing and is able to apply them limitedly to testing situations and results.
Very good (4): The student masters the course-related terminology and is able to almost independently apply the security testing methods, techniques and tools studied in the course into practice. In addition, the student knows criteria and practices concerning security testing and is able to apply them generally to testing situations and results
Assessment criteria, excellent (5)
Excellent (5): The student masters the course-related terminology and is able to independently apply the security testing methods, techniques and tools studied in the course into practice. In addition, the student knows the criteria and practices concerning security testing and is able to apply them extensively to testing situations and results.
Qualifications
Operating Systems