Auditing, Penetration Testing and Red Teaming (5cr)

Code

General information

Enrollment: 17.11.2025 - 08.01.2026; Registration for introductions has not started yet.

Timing: 12.01.2026 - 30.04.2026; The implementation has not yet started.

Number of ECTS credits allocated: 5 cr

Local portion: 0 cr

Virtual portion: 5 cr

Mode of delivery: Online learning

Unit: School of Technology

Teaching languages: English

Seats: 0 - 35

Degree programmes: Bachelor's Degree Programme in Information and Communications Technology; Bachelor's Degree Programme in Information and Communications Technology

Teachers: Heikki Järvinen

Groups: TTV23S2
Tieto- ja viestintätekniikka (AMK); TTV23S3
Tieto- ja viestintätekniikka (AMK); TTV23S5
Tieto- ja viestintätekniikka (AMK); TTV23SM
Tieto- ja viestintätekniikka (AMK); TIC23S1
Bachelor's Degree Programme in Information and Communications Technology; TTV23S1
Tieto- ja viestintätekniikka (AMK)

Course: TTC6550

Realization has 16 reservations. Total duration of reservations is 35 h 45 min.

Time	Topic	Location
Mon 12.01.2026 time 14:30 - 16:30 (2 h 0 min)	Module Info	P2_D110 Auditorio
Thu 15.01.2026 time 08:30 - 10:45 (2 h 15 min)	Auditing, Penetration Testing and Red Teaming TTC6550-3011	Online
Thu 22.01.2026 time 08:30 - 10:45 (2 h 15 min)	Auditing, Penetration Testing and Red Teaming TTC6550-3011	Online
Thu 29.01.2026 time 08:30 - 10:45 (2 h 15 min)	Auditing, Penetration Testing and Red Teaming TTC6550-3011	Online
Thu 05.02.2026 time 08:30 - 10:45 (2 h 15 min)	Auditing, Penetration Testing and Red Teaming TTC6550-3011	Online
Thu 12.02.2026 time 08:30 - 10:45 (2 h 15 min)	Auditing, Penetration Testing and Red Teaming TTC6550-3011	Online
Thu 19.02.2026 time 08:30 - 10:45 (2 h 15 min)	Auditing, Penetration Testing and Red Teaming TTC6550-3011	Online
Thu 05.03.2026 time 08:30 - 10:45 (2 h 15 min)	Auditing, Penetration Testing and Red Teaming TTC6550-3011	Online
Thu 12.03.2026 time 08:30 - 10:45 (2 h 15 min)	Auditing, Penetration Testing and Red Teaming TTC6550-3011	Online
Thu 19.03.2026 time 08:30 - 10:45 (2 h 15 min)	Auditing, Penetration Testing and Red Teaming TTC6550-3011	Online
Thu 26.03.2026 time 08:30 - 10:45 (2 h 15 min)	Auditing, Penetration Testing and Red Teaming TTC6550-3011	Online
Thu 02.04.2026 time 08:30 - 10:45 (2 h 15 min)	Auditing, Penetration Testing and Red Teaming TTC6550-3011	Online
Thu 09.04.2026 time 08:30 - 10:45 (2 h 15 min)	Auditing, Penetration Testing and Red Teaming TTC6550-3011	Online
Thu 16.04.2026 time 08:30 - 10:45 (2 h 15 min)	Auditing, Penetration Testing and Red Teaming TTC6550-3011	Online
Thu 23.04.2026 time 08:30 - 10:45 (2 h 15 min)	Auditing, Penetration Testing and Red Teaming TTC6550-3011	Online
Thu 30.04.2026 time 08:30 - 10:45 (2 h 15 min)	Auditing, Penetration Testing and Red Teaming TTC6550-3011	Online

Changes to reservations may be possible.

Evaluation scale

0-5

Objective

The purpose of the course
You will learn the principles of auditing, penetration testing and Red Teaming.

Competences
EUR-ACE: Knowledge and understanding
EUR-ACE: Engineering practice
EUR-ACE: Multidisciplinary competences
EUR-ACE: Communication and team-working

Learning objective of the course
After completing the course the student knows the most commonly used evaluation and auditing principles. The student is also able to apply security testing methods, techniques and tools in practice. Additionally, the student knows the basic concepts and implementation criteria of security testing.

Content

Auditing
- data security and data protection
- classification of data and protection methods
- data security assessment and auditing
- standardization and data security standards
- certification and accreditation
- data security testing and testing process
- data security testing methods and techniques

Penetration testing
- data security testing of data networks
- data security testing of systems
- data security testing of client applications
- data security testing of server applications
- vulnerability management

Red Teaming:
- operational models
- model for outline of requirements
- Red Teaming examples
- Threat modelling basics

Materials

Materials in the e-learning environment.

Teaching methods

- lectures
- independent study
- distance learning
- webinars
- small group learning
- exercises
- learning tasks
- seminars

Employer connections

- visiting lecturers
- projects

Exam schedules

The possible date and method of the exam will be announced in the course opening.

Completion alternatives

The admission procedures are described in the degree rule and the study guide. The teacher of the course will give you more information on possible specific course practices.

Student workload

One credit (1 Cr) corresponds to an average of 27 hours of work.

- lectures 52 h
- exercises 15 h
- assignment 36 h
- independent study 32 h
Total 135 h

Assessment criteria, satisfactory (1)

Sufficient 1: The student knows the theory sufficiently and recognizes some parts of auditing, penetration testing and Red Teaming. The student is able to plan and implement parts of data security auditing.

Satisfactory 2: The student knows the theory satisfactorily and recognizes parts of auditing, penetration testing and Red Teaming. The student is able to plan and implement parts of data security auditing.

Assessment criteria, good (3)

Good 3: The student knows the theory well and recognizes parts of auditing, penetration testing and Red Teaming. The student is able to plan and implement parts of data security auditing.

Very good 4: The student knows the theory very well and recognizes parts of auditing, penetration testing and Red Teaming. The student is able to plan and implement a data security audit.

Assessment criteria, excellent (5)

Excellent 5: The student knows the theory excellently and recognizes extensively parts of auditing, penetration testing and Red Teaming. The student is able to plan and implement a data security audit.

Qualifications

Basics of linux, cyber security, data networks

Further information

The course assessment methods will be presented during the first meeting.