Network and Applications Security (5 op)

Tavoitteet

The student is able to
- act ethically as a member of study group, community and
working-life partners
- explain the role of ethical hacking in the offensive and defensive
network and applications security
- plan penetration testing process including footprinting,
reconnaissance, scanning networks, enumeration, vulnerability
analysis and system hacking
- select tools and techniques used in penetration testing process
- select appropriate security controls to network security based on
vulnerability analysis
- use the most common penetration testing tools in virtualized
training environment
- reflect and develop his or her own learning process and
working-life skills

Aika ja paikka

This course is fully online and flexible, allowing you to study at your own pace with weekly deadlines. Optional tutoring sessions are available for extra support.

Oppimateriaali ja suositeltava kirjallisuus

Learning materials are provided by a third-party provider, and all access links are available in Canvas. Students are expected to follow weekly deadlines and can join optional tutoring sessions for additional support.

Toteutustapa

o This study unit is fully online learning with the possibilities of volunteer tutoring meetings with the teachers.
o The tutoring meetings are not compulsory. Any student can participate in tutoring meeting if they need any help from teachers.
o Students need to commit weekly based on regular studies.
o Online studies, weekly basis distance learning and assignments:
>> Online Learning: Weekly module-based online learning activities including video training tutorials, eBook and other study materials.
>> This is an advanced level cybersecurity course. It demands analytical and competence development efforts (See EQF-NQF guidelines or Laurea Competence Based Study guideline).
>> Learning Tasks: Weekly assignments including material study, learning reflections and finishing targeted learning tasks.
>> This course is a professional online training program facilitated by world-class experts video training from an authorised professional training provider. This course is not a traditional teacher's lecture-based format

Note:
- The content is mapped with the Certified Ethical Hacker curriculum and hands-on lab work.
- The study unit provides preparatory training for Certified Ethical Hacker but not certification exam.
- Prerequisites: R0318 Introduction to Information Security & R0319 Information Security Management OR R0385 Information Infrastructure and Security & A9185 Network Applications OR equivalent competence

VERY IMPORTANT: Any students participated old study unit titled, "Enterprise Applications Security (R0323)" with Certified Ethical Hacker professional training. Please don't enrol and participate in this study unit. This study unit is an updated version of the previous curriculum's course "Enterprise Applications Security (R0323)"

Työelämäyhteistyö ja/tai TKI

From time to time, students can take part in events, seminars, and workshops. There are also announcements about internships, working life projects, and thesis opportunities from partners. In the past, students have joined events like the Nokia Hackathon, Digia Hackathon, and visits to Nixu Corporation’s Cyber Defense Center. There may also be chances to join EU and Finnish research and development projects through Laurea.

Toteutuksen tärkeät päivämäärät

All course details are available in the course management system (canvas) for accepted students only. Teachers will send a welcome email with induction information to accepted students via Laurea student email. Inactive students will be removed from the study unit after the first week (orientation period). The study unit is divided into two main periods with fixed start and end dates. Students may progress at a faster pace within each period but must meet the minimum module-based deadlines.

Kansainvälisyys toteutuksella

The course includes participants from both Finnish and English degree programmes and is suitable for exchange students. It also involves collaboration with industry partners and is connected to European and international innovation projects.

Toteutuksen valinnaiset suoritustavat

o This study unit is for regular ICT & Cybersecurity students who prefer online studies.
o There is no parallel alternative method to finish this study unit.
o Any students achieved "Certified Ethical Hacker" professional training can contact teachers for AHOT (Competence Evaluation & Assessment)

Note:
>> Finishing online learning (as per requirement) is a basic requirements to consider for evaluation and grading. If student not finishing online learning as per requirements, not qualifying for evaluation and grading.

Opiskelijan ajankäyttö ja kuormitus

The course requires a study effort of 5 ECTS, which equals approximately 137.5 hours of work. This workload reflects full-time study expectations and is aligned with the intended learning outcomes

Sisältö ja sen jaksotus

The content of the study unit is mapped with Certified Ethical Hacker(CEH) professional certification. The content covers professional training and hands-on lab practices on virtual lab environment. Following are listed modules:

Period-1
-----------
Module-1: Information & Cyber Security and Ethical Hacking Overview
Module-2: Reconnaissance Techniques-1
Module-2: Reconnaissance Techniques-2
Module-4: System Hacking Phases and Attack Techniques-1
Module-5: System Hacking Phases and Attack Techniques-2

Period-1
-----------
Module-6: Network and Perimeter Hacking
Module-7: Web Application Hacking-1
Module-8: Web Application Hacking-2
Module-9: Wireless Network, Mobile Platform, IoT, and OT Hacking
Module-10: Cloud Computing Hacking and Cryptography

Arviointiasteikko

H-5

Esitietovaatimukset

Prerequisites:
R0318 Introduction to Information Security & R0319 Information
Security Management OR R0385 Information Infrastructure and
Security & A9185 Network Applications OR equivalent
competence

Lisätiedot

The study unit is an advanced cybersecurity. It is suitable for graduate level students. Considering following points:
o Student must know: how company/organization works.
o Students knows the basics of ICT-technologies and Introduction to Information Security.
o Student is able to study independently with weekly-biweekly schedule.

VERY IMPORTANT: Any students participated old study unit titled, "Enterprise Applications Security (R0323)" with Certified Ethical Hacker professional training. Please don't enrol and participate in this study unit. This study unit is an updated version of the previous curriculum's course "Enterprise Applications Security (R0323)"

Important Notes:
--Any student who is willing to learn the overview of information security technologies, we recommend to participate following study unit: Introduction to Information Security.
--This study unit is prioritized for TIKO and BIT students
--Safety, Security and Risk Management students should take the study unit TO007BN Information and Cybersecurity Management after R0186 Information and Cybersecurity before participating this study unit.
--Inactive students are removed from the study unit after orientation period (the first week of the study unit)
--------------
Cybersecurity Professional Training and Body of Knowledge (BoK): This course is part of Laurea's advanced cybersecurity study offerings and professional training. The specific modules and topics covered in this course are mapped with professional skills development focus areas. Some topics may vary and overlap depending on the context. However, the overlapping of topics is a common feature of cybersecurity courses, and it is justified by the complexity and ever-evolving nature of the field. There is also a practical reason for the overlapping of topics in cybersecurity courses. Many cybersecurity courses are offered online, and it is not always possible to offer a course that covers a single topic in sufficient depth. By offering courses that cover multiple topics, universities can ensure that students have access to the knowledge and skills they need to succeed in the cybersecurity field.

Cybersecurity is a complex and ever-evolving field, so it is important for cybersecurity professionals to have a broad understanding of the field. This can be achieved by taking courses that cover a variety of topics, even if some of the topics overlap. However, it is important to note that the depth and context of the topics may vary depending on the course.