The teaching language is English but the assignments can also be done in Finnish.

- The basic concepts of data security. CIA (confidentiality, integrity, availability). Confrontation. The attacker's perspective and pentest. What does ICT security involve? The most effective, common and successful techniques for attacking businesses.
- Low hanging fruit, defender’s perspective. Basic ICT security tools. ICT security with ulterior tools. Possible additional issues: easy attacks in practice.
- Encryption. Importance of CIA. How to decrypt encryption? When does encryption need not be broken? Symmetric and asymmetric encryption. Seals. Two-sided authentication. Traffic measurement intelligence.
- Practical encryption techniques. Email encryption with PGP. Public Key Infrastructure. Decentralised and centralised trust. TLS CA vs. PGP PKI trust.
- Modern encryption techniques. Anonymous networks, TOR. Virtual private networks and their substitutes. Encrypted, decentralised distributed file sharing within an organisation.
- Block chains
- Cryptocurrency

Depending on the implementation, learning takes place in contact lessons, independent studies, teamwork and online-studies. The course includes the assessment of one’s own learning.

Theoretical instruction combined with practical demonstrations. Laboratory exercises in a computer lab. Independent work (reading and practice) and reporting. There are 25 machines and seats in the laboratory, so the number of participants is limited to this.

Recognition of prior learning (RPL)
If students have acquired the required competence in previous work tasks, recreational activities or on another course, they can show their competence via a demonstration. The demonstration must be agreed with the course teacher. More information and instructions for recognising and validating prior learning (RPL) are available at https://www.haaga-helia.fi/en/recognition-learning Look at "Instructions to students (master)"

No replacements.

When the implementation type of the course is contact, online or blended it is required that the student is present during those teaching hours that are marked in the study schedule. If you are absent more than 25%, your grade will be lowered by one. If you are absent more than 50%, the course is failed.

The basic knowledge of Linux is useful.

The student knows the concepts of information security at a basic level, can use the required tools individually by following instructions in a book, has returned homework, but failed to complete all tasks due to recurring situations, which have prevented the continuation of study.

The student is familiar with the basic concepts of information security and is able to explain in a general way, for example, how they can be used as tools; can use the tools in normal situations and is able to identify examples of how to apply security principles to everyday personal and business life.

The student understands the basic concepts of information security and the tools to be used in that relationship; identifies examples of the use of basic concepts – also within new situations; is able to solve simple problem situations and use new features that have been added to familiar tools; can identify threats to security and is able to put them in context and is able to initiate the improvement of personal and business security by applying principles found in to day-to-day data knowledge security.