Information SecurityLaajuus (5 cr)
Course unit code: ICI002AS2AE
General information
- ECTS credits
- 5 cr
- Teaching language
- English
Learning objectives
- Knows key concepts of information security, both in defense and offense
- Can apply key concepts in uncomplicated cases
Contents
- Key concepts and solutions in information security
- Applications of public key encryption
- Practical tools in encryption and cryptosystems
- Auditing security
Lähtötaso ja sidonnaisuudet muihin opintojaksoihin
Student has completed courses Orientation to ICT Infrastructures ICT1TF010 and Server Technologies ICT4TF021. Alternatively, student can show he or she has obtained the same knowledge in some other way.
Assessment criteria - grade 1
When the implementation type of the course is CONTACT, ONLINE or BLENDED it is required that the student is present during those teaching hours that are marked in the study schedule. If you are absent more than 25 %, your grade will be lowered by one. If you are absent more than 50 %, the course is failed.
- Can describe key concepts in security
- Can use learned models and tools with guidance or in cookbook fashion
Assessment criteria - grade 3
- Meets and exceeds criteria for lower grades
- Can apply key security concepts in easy situations
- Can use the tools taught in the course in easy situations
Assessment criteria - grade 5
- Meets and exceeds criteria for lower grades
- Can apply key security concepts and tools in typical situations
- Understands and is able to evaluation limitations of tools and his or knowledge
- Can follow, find and learn new information on information security
Learning materials
Both classics and material varying with course instances, for example:
Schneier 2015: Applied Cryptography.
OWASP: OWASP 10 2021.
Mitre 2022: ATT&CK Enterprise Matrix.
Karvinen 2022: Install Webgoat 8 - Learn Web Pentesting.
Karvinen 2022: Install Debian on Virtualbox.
Hutchins et al 2011: Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains.
Hands-on exercises need a computer where you can install Linux on a virtual machine, following teacher's instructions. For remote learning instances, you need camera, mic and an Internet connection.
You don't need to buy books beforehand, we can often read them trough Haaga-Helia digital library and other sources, free of charge. Materials can change between course instances, e.g. to provide up-to-date articles on security.