Study Guide

Learning outcomes

Learning targets:
The student is able to
- act ethically as a member of study group, community and
working-life partners
- explain network discovery, reconnaissance, harvesting and
vulnerability analysis techniques
- select appropriate tools for network discovery reconnaissance,
harvesting and vulnerability analysis
- analyze network vulnerabilities with network discovery,
reconnaissance, harvesting and analyzing tools
- reduce the attack surface of a network host
- present the results of network reconnaissance and vulnerability
analysis in professional format
- reflect and develop their own learning process working-life
and practitioners skills

Teaching methods

o This study unit is fully online learning with the possibilities of volunteer tutoring meetings with the teachers.
o The tutoring meetings are not compulsory. Any student can participate tutoring meeting if they need any help from teachers.
o Students need to commit weekly based regular studies.
o Online studies, weekly basis distance learning and assignments:
>> Online Learning: Weekly module based online learning activities including video training tutorials, eBook and other study materials.
>> This is an advanced level cybersecurity course. It demands analytical and competence development efforts (See EQF-NQF guidelines or Laurea Competence Based Study guideline).
>> Learning Tasks: Weekly assignments including material study, learning reflections and finishing targeted learning tasks.
>> This course is a professional online training program facilitated by world-class experts video training from an authorised professional training provider. This course is not a traditional teacher's lecture-based format

Note:
- The content is mapped with the CompTIA Cybersecurity Analyst+ curriculum and hands-on labwork.
- The study unit provides preparatory training for CompTIA Cybersecurity Analyst+ but not certification exam.
- Prerequisites: R0318 Introduction to Information Security & R0319 Information Security Management OR R0385 Information Infrastructure and Security & A9185 Network Applications OR equivalent competence

VERY IMPORTANT: Any students participated old study unit titled, "Cybersecurity (A9158)" with Certified Ethical Hacker professional training. Please don't enrol and participate in this study unit. This study unit is an updated version of the previous curriculum's course "Cybersecurity (A9158)"

Location and time

The course is online and not dependent on place or time (online distance studies)
=======
• Course start: Monday, September 4, 2023
• Canvas workspace access: Monday, September 4, 2023
• Volunteer Orientation session: Wednesday, September 6, 2023 at 3:00 PM via Zoom (Zoom link will be available on the Canvas schedule page on September 4)
• Deadline to finish orientation module: Thursday, September 14, 2023 midnight
• Tutoring sessions: Teachers are offering volunteer tutoring session during the entire course schedule. The details will be provided in Canvas course schedule and roadmap (including Zoom links)
• If you are unable to attend the volunteer session, do not worry. The course is designed to be self-paced and can be completed online. However, it is important to make sure to meet the scheduled weekly deadlines and study effectively.

Very important to note, If you are not participating "Introduction to Information Security" course and participating both advanced cybersecurity courses. You can ignore your calendar entry with the name "Introduction to Information Security" that lasts from 15:00 to 17:30

Learning materials and recommended literature

This course offers the following learning methods and materials:
---
o Online training: You will complete the online training using Laurea's Cybersecurity Professional Training platform and Canvas. The training covers a variety of topics, including cybersecurity fundamentals, threat analysis, and incident response.
o Hands-on lab exercises: You will also have the opportunity to participate in hands-on lab exercises. These exercises will give you the chance to practice your skills in a safe and controlled environment.
o Tutoring sessions: Volunteer tutoring sessions will be offered throughout the course. These sessions will provide you with additional support and help you to succeed in the course.

o Note: The course is designed to be self-paced and can be completed online. However, it is important to make sure to meet the scheduled weekly deadlines and study effectively.

Alternative completion methods of implementation

o This study unit is for regular ICT & Cybersecurity students who prefer online studies.
o There is no parallel alternative method to finish this study unit.
o Any students achieved CompTIA Cybersecurity Analyst+ can contact teachers for AHOT (Competence Evaluation & Assessment)

Note:
>> Finishing online learning (as per requirement) is a basic requirements to consider for evaluation and grading. If student not finishing online learning as per requirements, not qualifying for evaluation and grading.

Co-operation with working life and/or RDI

o Time to time, we are offering events, seminars and workshop participation.
o Also offering partner's announcements of internships, working life projects and thesis opportunities for Cybersecurity Module students.

For example,
>> In the past teachers offered annual event participation including Nokia HackAthon, Digia HackAthon or Visiting our partner Nixu Corporation's Cyber Defense Center.
>> Laurea also offers EU and Finnish Research, Development and Innovation project participation.

Important dates

All details on the course management system for accepted students only.
--Teachers are sending welcome e-mail message (Laurea student emails only) with induction details to accepted students.
--Inactive students are removed from the study unit after orientation period (the first week of the study unit).
--Please note that the study unit is divided in two main periods that have fixed starting and ending dates. You can proceed with faster pace within a period than module based deadlines express but you need to meet module based deadlines at the minimum

Forms of internationality

The teachers and students are international (Finnish and English degree programme students).
- Study is suitable for exchange students.
- We are also cooperating with working life companies and both teachers are involved in European and International innovation projects.

Students workload

The student puts 5 ECTS study effort.
o 5 cr / 137,5 hours are attached to the workload of a full-time study of learning and the associated learning outcomes.

Content and scheduling

The content of the study unit is mapped with CompTIA Cybersecurity Analyst+ professional certification. The content covers professional training and hands-on lab practices on virtual lab environment. Following are listed modules:

Period-1
-----------
Module-1: Threat Intelligence and Business Continuity
Module-2: Attack Types and Malware Threats
Module-3: Encryption & Hashing and Cloud Computing
Module-4: Hardware & Security and Threat Monitoring

Period-2
-----------
Module-5: User Account Security and Network Infrastructure Security
Module-6: Software Development Security and Data Privacy
Module-7: Digital Forensics and Network Scanning & Traffic Analysis
Module-8: IT Security Risk Mitigation and Intrusion Detection & Traffic Analysis

Further information for students

The study unit is an advanced cybersecurity. It is suitable for graduate level students. Considering following points:
o Student must know: how company/organization works.
o Students knows the basics of ICT-technologies and Introduction to Information Security.
o Student is able to study independently with weekly-biweekly schedule.

Important Notes:
--Any student who is willing to learn the overview of information security technologies, we recommend to participate following study unit: Introduction to Information Security.
--This study unit is prioritized for TIKO and BIT students
--Safety, Security and Risk Management students should take the study unit TO007BN Information and Cybersecurity Management after R0186 Information and Cybersecurity before participating this study unit.
--Inactive students are removed from the study unit after orientation period (the first week of the study unit)
---------------
Cybersecurity Professional Training and Body of Knowledge (BoK): This course is part of Laurea's advanced cybersecurity study offerings and professional training. The specific modules and topics covered in a cybersecurity analyst course are mapped with professional skills development focus areas. Some topics may vary and overlap depending on the context. However, the overlapping of topics is a common feature of cybersecurity courses, and it is justified by the complexity and ever-evolving nature of the field. There is also a practical reason for the overlapping of topics in cybersecurity courses. Many cybersecurity courses are offered online, and it is not always possible to offer a course that covers a single topic in sufficient depth. By offering courses that cover multiple topics, universities can ensure that students have access to the knowledge and skills they need to succeed in the cybersecurity field.

Cybersecurity is a complex and ever-evolving field, so it is important for cybersecurity professionals to have a broad understanding of the field. This can be achieved by taking courses that cover a variety of topics, even if some of the topics overlap. However, it is important to note that the depth and context of the topics may vary depending on the course.

Grading scale

H-5

Evaluation methods and criteria

- The weekly study, assignment and tasks
- Students collect the points for different learning activities
- Online Tests

Important Note:
o Students are responsible to finish all tasks within schedule time to gain points.
o Learning Activities and Tasks: All Details given in respective Module Folders on the course management system.
o No points after the deadline.
o Sickness or family reasons - contact teacher for tutoring discussion. Sickness needs a doctor certificate.

Teachers will evaluate student work and post points after mid-term and end-term. There are two checkpoints.
Any student not finishing 'Module-0: Induction and Study Plan' will be removed from the study unit after first week of the course.

>> Grading scale (0 to 5):
0-49 points: 0
50-59 points: 1
60-69 points: 2
70-79 points: 3
80-89 points: 4
90-100 points: 5

Evaluation criteria, fail (0)

Not meeting minimum knowledge, skills and competences.

Evaluation criteria, satisfactory (1-2)

In addition to content knowledge, skills, abilities, tasks and practices a student is able to:
– use essential professional concepts when explaining various work practices and situations
– search for information in different sources
– report
– work under guidance using the skills and methods learned
– receive guidance
– plan the progress of his/her work and use of time under guidance
– work safely and in accordance with the professional code of conduct
– follow the provided instructions and rules

Evaluation criteria, good (3-4)

In addition to [1] Evaluation criteria - satisfactory (1-2) and, [2] content knowledge, skills, abilities, tasks and practices a student is able to:
– use professional concepts in a consistent manner when explaining various work practices and situations
– gather information and use his/her knowledge basis
– report in the agreed manner
– work using the skills and methods learned
– take part in guidance and utilise it
– plan and manage the progress of his/her work and use of time
– justify this/her actions in accordance with the professional code of conduct

Evaluation criteria, excellent (5)

In addition to [1] Evaluation criteria - good (3-4) and, [2] content knowledge, skills, abilities, tasks and practices a student is able to:
– use professional concepts extensively
– compare and choose relevant information
– report and communicate in a professional manner
– work independently, using the skills and methods learned
– anticipate his/her need for guidance
– manage his/her time appropriately, completing the agreed tasks at the required quality level
– work responsibly, applying the skills and methods learned
– plan and evaluate their work, taking safety and/or ethical aspects into consideration

Qualifications

Prerequisites:
R0318 Introduction to Information Security & R0319 Information
Security Management OR R0385 Information Infrastructure and
Security & A9185 Network Applications OR equivalent
competence