Cyber Security Essentials

Defending IT-environments against cyber criminals, hackers, malware, and fraud and testing those environments by means of ethical hacking (pen-testing). Both technical and non-technical security measures will be considered. Themes that will be addressed are risk analysis, user awareness, privacy, secure networking, web technology, system technology, legal and ethical considerations including laws, legislation, and responsible disclosure.

Knowledge topics that have to be learned by everyone are:

• SQL Injection
• Path Traversal and Command Injection
• XSS and CSRF
• Network Scanning and Enumeration
• Network Separation and Segmentation
• VPN Secure Remote Access
• Password Cracking system and network
• WiFi Hacking

Knowledge topics that can be chosen from are:

• Web Application Firewalls software layer
• Host Intrusion Detection and Prevention HIDS
• Network Spoofing and Man in The Middle Attacks MITM
• Network Intrusion Detection and Prevention NIDS IPS
• IT Basic Monitoring
• IT Security Monitoring
• Identity Management, Authentication and Access Control
• Security Incident Management
• Malware and Common Vulnerabilities and Exposures
• IT System Hardening
• Python and Scapy for attacking
• Docker and Container Security
• Secure Software Design
• Introduction into Blue Teaming and Advanced Threat Detection
• Other Wireless Hacking with SDR Software Defined Radio
• Advanced Password Cracking

You will study basic knowledge topics individually, do a personal research project and do a group research project incorporating all learned technologies and security concepts:

• Conduct security tests to assess IT environments where you perform ethical hacking exercises with formal client permission. The group performs a security assessment, also known as penetration test or ‘pentest’, for the ICT-environment at a real external company that has to be contracted by the project group itself.
• Apply knowledge of risk analysis, network, web, and system technologies in practical scenarios, where the project group chooses a current security problem in the field of IT Security and investigates, designs and develops a solution to this. 
• The Personal Research Project consists of investigating the vulnerability of something like an object, a product or a phenomenon and deals with setting up and conducting research of existing systems or technologies. The research direction can be chosen by the student, fitting the students interests and background.

All semesters 2 should be suitable as inflow, since there will be supportive activities and workshops for students that might miss specific knowledge. By freedom in choosing topics and projects, a student can tune the activities into its own preferences and background.

The semester Cyber Security Essentials prepares for a possible internship in the direction of Cyber Security and for the Advanced Semester Cyber Security