Cybersecurity Operations

11B1129

Bachelor

German

5.0

irregular

1 semester

Cyber incidents emerged to one of the most important business risks world wide. Today’s organizations are challenged to minimize there attack surface and to be able to rapidly identify and respond to cyber security incidents (incident analysis and response). The module prepares participants to begin a career working as cyber security analysts by getting trained in: - vulnerability analysis of networks and it-systems - detection, analysis and response on cyber attacks

- Tasks of cyber security analysts in organizations
- Security fundamentals for Windows and Linux operating systems
- Network protocols, -services and there vulnerabilities
- Network security devices and infrastructures
- Threats and network based attacks
- Network monitoring
- Logging and log analysis for operating systems and standard applications
- Fundamentals in cryptography
- Vulnerability assessment of endpoints
- Security monitoring and intrusion detection tools
- Analysis of logged incident data
- Digital forensic fundamentals
- Security incident and event management (SIEM) in organizations
- Incident response models
- Incident handling procedures

The total workload for the module is 150 hours (see also "ECTS credit points and grading").

• Written examination or
• oral exam or
• Oral presentation, with written elaboration

• Field work / Experimental work

The teacher selects the type of graded examination.

Graded examination performance:

• Written examination: see the applicable study regulations
• Oral examination: see the general section of the examination regulations
• Presentation: approx. 20 minutes, accompanying paper: approx. 5–10 pages

Ungraded examination performance:

• Experimental work: Experiment: approx. 12 experiments in total

- knowledge of communication networks and TCP/IP - computer science fundamentals - prior knowledge in IT security is recommendet but not necessary

Students have a deep understanding of cyber security. The know weaknesses of the different communication protocols. They can classify various types of attacks on networks, systems and applications and know the impact of the attacks.

Students have understood why companies can only protect themselves against cyber attacks to a limited extent. They will be able to assess the extent to which attacks can be prevented through preventive measures and how reactive measures can be set up and operated.

Students understand how cyber attacks work and how they can be detected.

Students can examine systems for vulnerabilities and analyze attacks. Students are proficient in using the relevant network security tools.

• Scheerhorn, Alfred

• Scheerhorn, Alfred
• Roer, Peter