ONLINE: Fully remote, mandatory participation to classes.
- Teaching in video conference
- Independent study, reading, summarizing, solving technical tasks and reporting, giving feedback to fellow students
- The assessment of one’s own learning 1 h
- Studying includes classes and exercises
Online course, fully remote. Requires active participation to classes in video conference, at the time marked in the timetable.
To participate, you'll need Internet connection, headphones, camera and a computer where you can install Linux on a virtual machine (with instructions). To be able to discuss pentest techniques, you must accept course rules.
Articles, videos and book chapters provided by teacher. Software is mostly free open source software used in the industry, with the aim of providing a fully licensed copy to student's use even after the course.
- Schneier 2015: Applied Cryptography
- Santos et al 2017: Security Penetration Testing - The Art of Hacking Series
- MITRE: ATT&CK Enterprise Matrix.
- Felten et al 2015: Bitcoin and Cryptocurrency Technologies
- Schneier 1999: Modeling security threats
- Debian 11 Bullsyeye non-free
- Karvinen 2022: Cracking Passwords with Hashcat
Previous homework, student feedback, reading lists on https://terokarvinen.com/2021/trust-to-blockchain-2022/
Please note that this is not a penetration testing course, even if some of the exercises demonstrate similar techniques. If you want to learn penetration testing, have the time and technical background, consider my non-masters level course "Tunkeutumistestaus" in addition to this course.
Reading list is likely to change during the course. Paid content behind paywalls could be available for free using Haaga-Helia student access.
Many participants are usually already working in the field, which hopefully leads to interesting discussions. No matter if you're a CEO, CIO, helpdesk worker (or not working with IT at all), you're welcome here.
Likely international participation. It's possible to publish homework reports to talk to international audience. Course material is developed by authors from many countries, and some technical tools are multinational FOSS (Free, open source software) projects.
24.10.2022 - 16.12.2022
- Active participation in the classes, including discussions and technical tasks - Presentation - Homework, including reporting technical tasks - Cross evaluation of reports and giving helpful feedback to fellow students
13.06.2022 - 21.10.2022
In course homepage, updated during the course.
- Organizing. Overview of the course. Fundamentals vs common attacks.
- Adversarial situation. The most common ways to attack companies
- Encryption. CIA tirad in encryption. Symmetric and asymmetric encryption.
- Hashing. Two way authentication.
- Practical encryption technieques.
- New applications for encryption.
- Bitcoin and cryptocurrencies. Incentives. Consensus.
15 - 25
Homework reports, active participation in classes, cross evaluation, presentations.
BUTEM Degree Programme in Business Technologies, ATBUM Degree Programme in Aviation and Tourism Business, LEBUM Degree Programme in Leading Business Transformation