Admission requirements
Admission only after intake, please see our website.
Admission only for those who are enrolled in the technical track.
Description
This course deals with understanding threats, defining threat models and implementing security controls to attain the desired level of network security.
The first part deals with defining and modeling how hackers operate (threat actors). We consider the identity and characteristics of the actors and the techniques they are using. A variety of threat actors are analysed, ranging from ransomware and financially motivated threat actors to advanced persistent threats by nation states. Various types of attacks are analysed, from phishing and supply chain attacks to gain access to networks, to lateral movement within targeted networks towards valuable assets.
The understanding of the threat landscape allows students to analyse the attacks by relevant threat actors, which is the first step towards defending a modern network of any organisation. Building upon the knowledge of actors and attacks, deep-dives will be performed into understanding, defining and applying the appropriate security controls. The trade-off between security risks and technical requirements will actively be weighed. Finally, we also consider the decision process to balance the selection of prevention, detection & response controls to attain resilience against the attacks of relevant threat actors within any given network.
Course objectives
When finalising this course successfully, participants will have:
a general overview of security threats, an understanding of the identity and characteristics of various types of attackers and different types of security attacks;
a more detailed understanding of the tactics and techniques underpinning modern attacks and the corresponding security controls;
an understanding of the importance of trade-off between security risks and technical requirements (more particularly weigh security risks versus technical requirements);
a more detailed understanding of the vulnerabilities of modern interconnected networks and the available controls to prevent, detect and respond to the exploitation of those vulnerabilities.
When finalising this course successfully, participants will be able to:
define the relevant threat actors for any organisation and model their attacks;
identify vulnerabilities in a network design and identify appropriate controls;
define technical requirements with respect to the chosen security controls.
communicate about the threats, controls and requirements with non-technical stake- and shareholders within organisations.
Timetable
On the right-hand side of the programme front page of the E-Prospectus you will find a link to the online timetables.
Mode of instruction
Lectures, seminars, exercises, class discussion.
Lecturers: Paul Pols and Francisco Dominguez Santos
Assessment method
Assignment
70% of final grade
Grade must be 5.50 or higher to pass the course
Re-sit of a fail is possible.
Re-sit will take the same form
Written exam.
30% of final grade
Grade must be compensated
Re-sit not possible
Only assessments with the weight of 30% and lower are compensable. This means that one does not have to pass an assessment if it weighs 30% or less in order to pass the course, if the average of all assessments combined is at least a 5.5. In addition, assignments weighing up to and including 30% cannot be re-taken, meaning that if one failed an assessment of 30% or less, one is not allowed to redo it and that assessment must be compensated by the other assessment(s).
Reading list
Compulsory literature and literature for further consultation will be announced via Brightspace.
Registration
No registration is required for lectures and exams.
Contact
Chantal de Groot, study coordinator
Remarks
For more information see our website.