Takaisin kaikki kurssit

System vulnerabilities

Yksittäinen kurssi

Max amount of FITech students: 100

This course presents cybersecurity from a system security/system vulnerabilities perspective, including basic concepts related to CVE, CWE, CVSS, etc.

The course is heavily hands-on oriented where “learning by doing” is the main concept. For example, Kali Linux and related cybersecurity environments (e.g., Damn Vulnerable Web Application, SQLol, OpenVAS) are introduced in a very practical manner and students are invited to build knowledge and experience atop of that. The students are exposed to hands-on practical situations of setting up vulnerable environments, finding and/or exploiting cybersecurity vulnerabilities (e.g., XSS, SQL injections, other injections), and providing comprehensive reporting on the findings.

This course aims to prepare a strong basic foundation for practical tasks related to cybersecurity, both in research and industrial/company environments.

Course contents

  • CVE, CWE, CVSS
  • Local vulnerabilities
  • Purpose and phases of attacks and network vulnerabilities, layer 1
  • Network vulnerabilities, layer 2 to layer 4
  • Network vulnerabilities, layer 5 to layer 7, and topology mapping scanning fingerprinting
  • WebSecurity, web pentesting, web bug bounties
  • Recap: WebSecurity & recap: scanning mapping fingerprinting
  • SslTlsHttpsSecurity 1–3 & Hash attacks
  • Database security 1–2 & host and platform security
  • Host and platform security & vulnerability management and lifecycle
  • Vulnerability management & Top 10 OWASP10 Web Mobile IoT Cloud Database

System security, system vulnerabilities and their mapping. The most common types and methods of attack.

System: purpose of operation, structure, data in the system, life cycle, systems boundaries, snapshots, documentation, testing, external dependencies, risk assessment.

Vulnerabilities: Mapping, guidelines vs. policy, maintenance vulnerabilities, hardware vulnerabilities, software errors, encryption, external vulnerabilities.

Learning outcomes

The student understands the vulnerabilities of a modern information system and is able to analyse the parts of the system and identify potentially vulnerable points.

Course material

  • Course materials/slides (PDFs)
  • Pre-recorded videos lectures
  • Recommended reading list (JYKDOK)

Teaching schedule

Lectures are fully pre-recorded and the meetings with the teacher are organised during online/Zoom sessions (on Tuesdays at 16–18) for the purpose of guiding the students, answering any practical/logistical/homework/grading questions or helping to solve any homework blockages.

Completion methods

Completion is based solely on the homework points. Homework points are based on: homework hands-on tasks + homework essay (learning diary/essay/practical project/academic paper).

There are both mandatory tasks (5) and corresponding bonus tasks (5). Mandatory and bonus tasks are evaluated separately (0–15 points).

The maximum points per week are thus 15 + 15 points and the total maximum number of points for the course demo tasks is 150.  At least 5 mandatory task must be scored non-zero points in order to complete the course.

Each task (mandatory or bonus) is graded on a scale of 0–15 points.

Essay: 0–25 points. The essay must earn at least 5 points to complete the course.

Final grade/completion:

  • 0 – failed: less than 50 points
  • 1 – adequate: 50+ points
  • 2 – satisfactory: 62+ points
  • 3 – good: 75+ points
  • 4 – commendable: 87+ points
  • 5 – excellent: 100+ points

More information in the University of Jyväskylä study guide.

You can get a digital badge after completing this course.

Network Vulnerabilities, WebSecurity, SslTlsHttpsSecurity, Database Security, turvallisuus, haavoittuvuus, tietoturva

Vastuuopettaja

Jyväskylän yliopisto
Andrei Costin
andrei.costin(at)jyu.fi

Lisätietoa kurssista ja suorittamisesta

Jyväskylän yliopisto
Annemari Auvinen
annemari.k.auvinen(at)jyu.fi

Hakua koskevat kysymykset

FITech-verkostoyliopisto
Monica Sandberg
monica.sandberg(at)fitech.io
Aloita tästä
Aloita tästä
Kategoria:
ICT-opinnot
Teemat:
5G-teknologia,
Tietojenkäsittelytiede,
Tietoturva
Kurssikoodi:
ITKST56
Opintopisteet:
5 ECTS
Hinta:
0 €
Taso:
Opetusaika:
10.1.–13.3.2022
Viimeinen hakupäivä:
2.1.2022
Järjestävä yliopisto:
Jyväskylän yliopisto
Kohderyhmä:
Aikuisopiskelija,
Tutkinto-opiskelija
Opetustavat:
Verkko-opetus
Kieli:
Englanti
Esitietovaatimukset:
Basic information technology: algorithmic thinking and programming skillset, knowledge and database management, operating systems. Practical experience: ssh, Linux command line, virtualization concepts, VirtualBox/VMware/QEMU, networking and IPv4 experience, information security management, cyber technologies and security.
Kenelle kurssi sopii:
Students interested in cybersecurity. IT/cybersecurity professionals who want to deepen their knowledge from a system security perspective
Oletko kiinnostunut tästä kurssista? Tilaa ilmoitus kurssin tietojen muutoksista suoraan sähköpostiisi! Voit peruuttaa tilauksen koska tahansa.