Siirry suoraan sisältöön

Web Application Security (5 op)

Toteutuksen tunnus: TTKW0210-3002

Toteutuksen perustiedot


Ilmoittautumisaika
01.11.2021 - 09.01.2022
Ilmoittautuminen toteutukselle on päättynyt.
Ajoitus
10.01.2022 - 11.02.2022
Toteutus on päättynyt.
Opintopistemäärä
5 op
Lähiosuus
0 op
Virtuaaliosuus
5 op
Toteutustapa
Verkko-opetus
Yksikkö
Teknologiayksikkö
Toimipiste
Lutakon kampus
Opetuskielet
englanti
Paikat
0 - 35
Koulutus
Tieto- ja viestintätekniikka (AMK)
Opettajat
Joonatan Ovaska
Ryhmät
TTV19S1
Tieto- ja viestintätekniikka
Opintojakso
TTKW0210
Toteutukselle TTKW0210-3002 ei löytynyt varauksia!

Arviointiasteikko

0-5

Tavoitteet

This course enables the student to think about web application security in a holistic fashion. The student will learn an effective toolset and methodology for finding, exploiting, and fixing common web application vulnerabilities.

Sisältö

This is a course about applied cyber security. We will consider common web application vulnerabilities through a series of hands-on exercises using real-world examples (mostly).

We will address various topics related to web and web applications, such as the browser security model, input validation, servlet containers, databases and injections.

We will address current trends in cyber security landscape, and their effect on the web.

Oppimateriaalit

Real-World Bug Hunting: A Field Guide to Web Hacking

Opetusmenetelmät

Lecture videos, assignment solving, book

Toteutuksen valinnaiset suoritustavat

The admission procedures are described in the degree rule and the study guide. The teacher of the course will give you more information on possible specific course practices.

Opiskelijan ajankäyttö ja kuormitus

One credit (1 Cr) corresponds to an average of 27 hours of work.

- lectures 10 h
- assignments 60 h
- independent study 45 h
- reading and reflecting documentation 20 h
Total 135 h

Arviointikriteerit, tyydyttävä (1)

5: The student is able to independently find, exploit, and mitigate common web application vulnerabilities. The student can create and modify exploits to achieve the desired goals. The student can write a succinct report that covers all the salient findings and mitigation recommendations for all vulnerability types addressed by this course. The student is able to update their knowledge independently by following various news and research outlets.

4: The student is able to find and mitigate common web application vulnerabilities. The student can modify and create simple exploits to achieve desired goals. The student can write a report that covers findings and mitigation recommendations for most vulnerability types addressed by this course. The student is able to update their knowledge independently by following various news and research outlets.

3: The student is able to find and mitigate common web application vulnerabilities. The student can understand the working principles of existing exploit techniques. The student can write a report that covers most findings and mitigation recommendations for most vulnerability types addressed by this course. The student is able to update their knowledge independently by following various news and research outlets.

2: The student is able to find common web application vulnerabilities. The student can understand the working principles of existing exploit techniques. The student can write a report that covers most findings and mitigation recommendations for most vulnerability types addressed by this course. The student is able to update their knowledge independently by following various news and research outlets.


1: The student is able to find simple web application vulnerabilities. The student can understand the basics of existing exploit techniques. The student can write a report that covers findings and mitigation recommendations for some vulnerability types addressed by this course. The student is able to find information about major news and events.

0: The student does not meet the criteria set for grade 1.

The learning outcomes of individual courses are assessed in relation to the objectives of the course concerned. Unless otherwise defined in the curriculum, a course accepted as completed is assessed either on the following five-step scale: 5 (Excellent), 4 (Very Good), 3 (Good), 2 (Satisfactory), 1 (Sufficient) or it is graded as Pass/Fail, marked as “S (Pass)” and “0 (Fail)”.
If the student does not meet the minimum criteria set for the course, the grade is 0 (Fail).

Esitietovaatimukset

The course requires a solid understanding of programming and previous experience in web technologies. The student must be comfortable using command line tools.

Lisätiedot

Exchange Student: 5

Siirry alkuun