Study Guide

Learning outcomes

The student is able to
- act ethically as a member of study group, community and
working-life partners
- identify threats, vulnerabilities and risks associated with
organization’s systems
- recognize and apply the confidentiality, integrity and availability
model for the information and cybersecurity in practice
- comprehend differences regarding different cryptographic
methods, its applications and techniques
- plan and apply the concepts of risk assessment, risk analysis and
risk management
- outline security controls for workstation and server
environments
- implement and manage authentication and authorization
mechanisms
- reflect and develop their own learning process and
working-life skills

Teaching methods

This is an eLearning and Online study offering.

Main learning activities including weekly online learning, learning tasks and group activities. Some details listed below:
¤ Online Learning: Weekly module based online learning activities.
¤ Learning Tasks: Weekly assignments including material study, writing learning reflections and finishing targeted learning tasks.

Content:
The content is mapped with the Certified Information Systems Security Professional (CISSP) curriculum. This study unit offers 12 module learning path by acquiring the knowledge to design, implement, and manage secure information systems (topic details below).

Location and time

- Study unit starts from week-4 (24th January) to end of the semester.
- Not dependent on place or time (distance and online studies)
- Weekly online module based studies(every week regular studies).

Learning materials and recommended literature

1) Canvas provides weekly module details including details on online learning, learning task and submission of task.
2) Online learning on professional training platform for CISSP.
3) Laurea provide study material lists on course management system including eBook from Laurea online library resources.

Alternative completion methods of implementation

This study unit is for regular students who prefer to learn every week. No direct alternative method to finish this study unit. However, any students gained CISSP can consult for AHOT or recognition of early competences as per Laurea BIT norms.

Finishing online learning (as per requirement) is basic requirements to consider for evaluation and grading. If student not finishing online learning as per requirements, not qualifying for evaluation and grading.

Co-operation with working life and/or RDI

We have a good cooperation with working-life partners and RDI projects.

We have offered annual event participation including Nokia HackAthon, Digia HackAthon or Visiting our partner Nixu Corporation's Cyber Defense Center. Time to time, we also announce internships, working life projects and thesis opportunities for Cybersecurity Module students.

Important dates

>>All details on the course management system for registered students only.
- Study unit starts from week-4 (24th January) to end of the semester.
- Inactive students are removed from the study unit after orientation period (the first week of the study unit).
- Volunteer tutoring sessions: Scheduled and listed in official Peppi Calendar

Forms of internationality

- Teachers and students group are international (Finnish and English degree programme students).
- Study is suitable for exchange students.
- We are also cooperating with working life companies and both teachers are involved in European and International innovation projects.

Students workload

The student puts 5 ECTS study effort.
o 5 credits X 27 hours = 135 hours are attached to the workload of a full-time study of learning and the associated learning outcomes.

Content and scheduling

The study unit starts on week-4 and finishes at the end of semester.
¤ The weekly module open on every Monday at 09.00 and closes on Sunday midnight.


COURSE CONENT:
>> Fundamental Concepts & Principles
>> Secure Design Principles
>>Security Governance Principles
>>Security Policy
>>Asset Classification & Lifecycle
>>Risk Management
>>Practical Cryptography
>>Identify and Access Management(IAM) Principles and Deployment
>>Artchitecture, Design and Solutions Vulnerabilties
>>Site & Facility Security
>>Communication and Network Security
>>Security Operations
>>Business Continue Planning
>>Security Assessment and Testing
>>Software Development Lifecycles and Security

Further information for students

- The study unit is suitable for any graduate-level student. Considering following points:
o The student must know: how the company/organization works
o Students know the basics of ICT-technologies
o The student is able to study with weekly based schedule

- The study unit is prioritized for TIKO and BIT students.
- Safety, Security and Risk Management students should consider taking compulsory and intermediate cybersecurity courses before participating in this advanced course.
- Inactive students are removed from the study unit after orientation period (the first week of the study unit).

Grading scale

H-5

Evaluation methods and criteria

- Weekly studies
- Students collect points for different learning activities
- Online Tests
- Learning assignments and tasks
- Possible bonus task

Assessment scale:
100-90 points equals grade 5
89-80 points equals grade 4
79-70 points equals grade 3
69-60 points equals grade 2
59-50 points equals grade 1
49-0 points equals grade 0

Important Note:
o Students are responsible to finish all tasks within schedule time to gain points.
o Learning Activities and Tasks: All Details given in respective Module Folders on the course management system.
o No points after the deadline.
o Sickness or family reasons - contact teacher for tutoring discussion. We are here to help your learning process and support within Laurea Guidelines. Long term sickness needs a doctor certificate.

Teachers will evaluate student work and post points after mid-term and end-term. There are two checkpoints.
Any student not finishing 'Module-0: Induction and Study Plan' will be removed from the study unit after first week of the course.

Evaluation criteria, fail (0)

Not meeting the minimum requirements

Evaluation criteria, satisfactory (1-2)

– use essential professional concepts when explaining various work practices and situations
– search for information in different sources
– report
– work under guidance using the skills and methods learned
– receive guidance
– plan the progress of his/her work and use of time under guidance
– work safely and in accordance with the professional code of conduct
– follow the provided instructions and rules

Evaluation criteria, good (3-4)

– use professional concepts in a consistent manner when explaining various work practices and situations
– gather information and use his/her knowledge basis
– report in the agreed manner
– work using the skills and methods learned
– take part in guidance and utilise it
– plan and manage the progress of his/her work and use of time
– justify this/her actions in accordance with the professional code of conduct

Evaluation criteria, excellent (5)

– use professional concepts extensively
– compare and choose relevant information
– report and communicate in a professional manner
– work independently, using the skills and methods learned
– anticipate his/her need for guidance
– manage his/her time appropriately, completing the agreed tasks at the required quality level
– work responsibly, applying the skills and methods learned
– plan and evaluate their work, taking safety and/or ethical aspects into consideration

Qualifications

Prerequisites:
R0318 Introduction to Information Security & R0319 Information
Security Management OR R0385 Information Infrastructure and
Security & A9185 Network Applications OR equivalent
competence