The aim of this course is to provide the students with an overview of foundational skills and knowledge for cyber incident responders, cyber threat intelligence specialists, digital forensic investigators, and penetration testers. Furthermore, the students will experience some of the typical tasks for those profiles during the practical seminars.
The participants will gain experience with asset and vulnerability management and their role in the organisation's security. Particularly, discovering and organising assets, scanning for vulnerabilities, and classifying them. To understand how attacks are performed, the participants shall experience the work of a penetration tester, learning the basic techniques, common vulnerabilities, and how to compose and present a proper report. From the other side of the attacks, the participants will gain a fundamental knowledge about the digital forensic process, and basic techniques for analysis in incident response. Lastly, the participants shall gain an overview of open-source intelligence (OSINT) techniques.
Learning outcomes
Know:
- vulnerabilities and cyber threats
- cybersecurity attack procedures
- penetration testing standards, methodologies and frameworks
- digital forensics and incident handling recommendations and best practices
- penetration testing and digital forensics tools
- penetration test and incident report contents
- open-source intelligence approaches
Be able to:
- identify, classify, and exploit vulnerabilities
- conduct ethical hacking of a web application
- follow operational security practice
- communicate, present and report to relevant stakeholders
- conduct post-incident analysis
be able to conduct an open-source intelligence investigation of a target