Cyber Security - Opinto-opas

In this course, you will

- Get an overview of cyber security
- Use threat modeling to identify and priorize key risks for your own organization
- Try some aspects of security with simple hands on exercises

This course unit is part of the master's degree's curriculum. Completion of the course requires master's study entitlement.

- Can install Linux and software to a virtual machine (with some instructions)
- Can solve common computer problems, and search for solutions using web search engines

- Threat modeling
- Overview of current security scene
- Standards and models
- Security maturity
- Business continuity
- Encryption
- Authentication
- Student presentations

When the implementation type of the course is CONTACT, ONLINE or BLENDED it is required that the student is present during those teaching hours that are marked in the study schedule. If you are absent more than 25 %, your grade will be lowered by one. If you are absent more than 50 %, the course is failed.

The student knows the main concepts of cyber security at a basic level, can use the required tools individually by following instructions, has returned homework and participated classes.

Student can apply concepts in simple and straightforward way, and can provide some new viewpoints in discussions. Student has an idea how to follow the area. Student understands the link between business and cyber security.

Student meets all criteria for lower grades.

Student can apply the concepts shown. Student shows ability to follow the area and link new information to existing concepts. Student provides insight in discussions. Student can help others join the discussion and is able to explain cyber security concepts and issues on recipient level.

Student meets all criteria for lower grades.

Feedback from other security courses have been used when creating "Cyber Security" course. This includes feedback from "Tunkeutumistestaus" (Penetration Testing, has reached 5.0/5), "ICT Security Basics - from Trust to Blockchain" (has reached 4.9/5), "Information Security" (has reached 4.8/5) and others. Based on feedback, an attempt is made to: discuss in the class; link theory to practical exercises (that are not highly demanding technically); have homework with both varied reading and applied tasks. Both numeric and free form feedback for these courses is available on https://terokarvinen.com/

This course gives you grand overview of cyber security and some practice with tools implementing these principles. Even though you're expected to be able to install and configure programs and troubleshoot some errors, this is not my most technical course. For demanding technical, non-masters level offensive courses, you should consider other courses such as Tunkeutumistestaus (Penetration testing), Sovellusten hakkerointi ja haavoittuvuudet (Application hacking and vulnerabilities) or Verkkoon tunkeutuminen ja tiedustelu (Network attacks in reconnaissance).

ONLINE: Fully remote, mandatory participation to classes.

Online course, fully remote. Requires active participation to classes in video conference, at the time marked in the timetable.

To participate, you'll need Internet connection, headphones, camera and a computer where you can install Linux on a virtual machine (with instructions). To be able to discuss practical hacking techniques, you must accept course rules.

Articles, videos and book chapters provided by teacher. Software is mostly free open source software used in the industry, with the aim of providing a fully licensed copy to student's use even after the course.

For example

- Schneier 2015: Applied Cryptography
- Hutchins et al 2011: Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains (cyber kill chain)
- MITRE: ATT&CK Enterprise Matrix.
- Felten et al 2015: Bitcoin and Cryptocurrency Technologies
- Schneier 1999: Modeling security threats
- Cryptopals
- Karvinen 2022: Cracking Passwords with Hashcat

Please note that this is not a penetration testing course, even if some of the exercises demonstrate simplified versions of the same tools, tactics and procedures. If you want to learn penetration testing, have the time and technical background, consider my non-masters level course "Tunkeutumistestaus" in addition to this course.

Reading list is likely to change during the course. Paid content behind paywalls could be available for free using Haaga-Helia student access.

Many participants are usually already working in the field, which hopefully leads to interesting discussions. No matter if you're a CEO, CIO, helpdesk worker (or not working with IT at all), you're welcome here.

Pasila Campus

No exam.

English

Likely international participation. It's possible to publish homework reports to talk to an international audience. Course material is developed by authors from many countries, and some technical tools are multinational FOSS (Free, open source software) projects.

20.10.2025 - 12.12.2025

- Active participation in the classes, including discussions and technical tasks - Presentation - Homework, including reporting technical tasks - Cross evaluation of reports and giving helpful feedback to fellow students

14.05.2025 - 22.05.2025

As this is an advanced course, the agenda can update during the course.

- Threat modeling
- Overview of current security scene
- Standards and models
- Security maturity
- Business continuity
- Encryption
- Authentication
- Student presentations

Student presentations are best enjoyed & discussed troughout the course - so reserve yours early.

MAICTE
MAICTF
EVENING
ONLINE
EXCH

Tero Karvinen

31 - 60

Homework reports, active participation in classes and discussions, cross evaluation, presentations.

LITEM Liiketoiminnan teknologiat -koulutus

0.00 cr

5.00 cr

H-5