Auditing, Penetration Testing and Red Teaming (5 cr)
Code: TTC6550-3009
General information
Enrollment
18.11.2024 - 09.01.2025
Timing
13.01.2025 - 30.04.2025
Number of ECTS credits allocated
5 op
Virtual portion
5 op
Mode of delivery
Online learning
Unit
School of Technology
Teaching languages
- English
Seats
0 - 35
Degree programmes
- Bachelor's Degree Programme in Information and Communications Technology
Teachers
- Heikki Järvinen
Groups
-
TTV22S5Tieto- ja viestintätekniikka (AMK)
-
TTV22S2Tieto- ja viestintätekniikka (AMK)
-
TTV22S3Tieto- ja viestintätekniikka (AMK)
-
TIC22S1Bachelor's Degree Programme in Information and Communications Technology
-
TTV22S1Tieto- ja viestintätekniikka (AMK)
-
TTV22SMTieto- ja viestintätekniikka (AMK)
-
TTV22S4Tieto- ja viestintätekniikka (AMK)
-
TTV22SM2Tieto- ja viestintätekniikka (AMK)
- 13.01.2025 12:15 - 16:00, Ethical Hacking -moduulin opintojaksoinfo
- 15.01.2025 08:15 - 10:45, Auditointi, Penetraatiotestaus ja Red Team -toiminta TTC6550-3009
- 22.01.2025 08:15 - 10:45, Auditointi, Penetraatiotestaus ja Red Team -toiminta TTC6550-3009
- 29.01.2025 08:15 - 10:45, Auditointi, Penetraatiotestaus ja Red Team -toiminta TTC6550-3009
- 05.02.2025 08:15 - 10:45, Auditointi, Penetraatiotestaus ja Red Team -toiminta TTC6550-3009
- 12.02.2025 08:15 - 10:45, Auditointi, Penetraatiotestaus ja Red Team -toiminta TTC6550-3009
- 19.02.2025 08:15 - 10:45, Auditointi, Penetraatiotestaus ja Red Team -toiminta TTC6550-3009
- 05.03.2025 08:15 - 10:45, Auditointi, Penetraatiotestaus ja Red Team -toiminta TTC6550-3009
- 12.03.2025 08:15 - 10:45, Auditointi, Penetraatiotestaus ja Red Team -toiminta TTC6550-3009
- 19.03.2025 08:15 - 10:45, Auditointi, Penetraatiotestaus ja Red Team -toiminta TTC6550-3009
- 26.03.2025 08:15 - 10:45, Auditointi, Penetraatiotestaus ja Red Team -toiminta TTC6550-3009
- 02.04.2025 08:15 - 10:45, Auditointi, Penetraatiotestaus ja Red Team -toiminta TTC6550-3009
- 09.04.2025 08:15 - 10:45, Auditointi, Penetraatiotestaus ja Red Team -toiminta TTC6550-3009
- 16.04.2025 08:15 - 10:45, Auditointi, Penetraatiotestaus ja Red Team -toiminta TTC6550-3009
- 23.04.2025 08:15 - 10:45, Auditointi, Penetraatiotestaus ja Red Team -toiminta TTC6550-3009
- 30.04.2025 08:15 - 10:45, Auditointi, Penetraatiotestaus ja Red Team -toiminta TTC6550-3009
Objectives
The purpose of the course
You will learn the principles of auditing, penetration testing and Red Teaming.
Competences
EUR-ACE: Knowledge and understanding
EUR-ACE: Engineering practice
EUR-ACE: Multidisciplinary competences
EUR-ACE: Communication and team-working
Learning objective of the course
After completing the course the student knows the most commonly used evaluation and auditing principles. The student is also able to apply security testing methods, techniques and tools in practice. Additionally, the student knows the basic concepts and implementation criteria of security testing.
Content
Auditing
- data security and data protection
- classification of data and protection methods
- data security assessment and auditing
- standardization and data security standards
- certification and accreditation
- data security testing and testing process
- data security testing methods and techniques
Penetration testing
- data security testing of data networks
- data security testing of systems
- data security testing of client applications
- data security testing of server applications
- vulnerability management
Red Teaming:
- operational models
- model for outline of requirements
- Red Teaming examples
- Threat modelling basics
Learning materials and recommended literature
Materials in the e-learning environment.
Teaching methods
- lectures
- independent study
- distance learning
- webinars
- small group learning
- exercises
- learning tasks
- seminars
Practical training and working life connections
- visiting lecturers
- projects
Exam dates and retake possibilities
The possible date and method of the exam will be announced in the course opening.
Alternative completion methods
The admission procedures are described in the degree rule and the study guide. The teacher of the course will give you more information on possible specific course practices.
Student workload
One credit (1 Cr) corresponds to an average of 27 hours of work.
- lectures 52 h
- exercises 15 h
- assignment 36 h
- independent study 32 h
Total 135 h
Further information for students
The course assessment methods will be presented during the first meeting.
Evaluation scale
0-5
Evaluation criteria, satisfactory (1-2)
Sufficient 1: The student knows the theory sufficiently and recognizes some parts of auditing, penetration testing and Red Teaming. The student is able to plan and implement parts of data security auditing.
Satisfactory 2: The student knows the theory satisfactorily and recognizes parts of auditing, penetration testing and Red Teaming. The student is able to plan and implement parts of data security auditing.
Evaluation criteria, good (3-4)
Good 3: The student knows the theory well and recognizes parts of auditing, penetration testing and Red Teaming. The student is able to plan and implement parts of data security auditing.
Very good 4: The student knows the theory very well and recognizes parts of auditing, penetration testing and Red Teaming. The student is able to plan and implement a data security audit.
Evaluation criteria, excellent (5)
Excellent 5: The student knows the theory excellently and recognizes extensively parts of auditing, penetration testing and Red Teaming. The student is able to plan and implement a data security audit.
Prerequisites
Basics of linux, cyber security, data networks