nl en

Network Security


Admission requirements

Admission only after intake, please see our website

Admission only for those who are enrolled in the technical track.


This course deals with understanding threats, defining threat models and implementing security controls to attain the desired level of network security.

The first part deals with defining and modeling how hackers operate (threat actors). We consider the identity and characteristics of the actors and the techniques they are using. A variety of threat actors are analyzed, ranging from ransomware and financially motivated threat actors to advanced persistent threats by nation states. Various types of attacks are analyzed, from phishing and supply chain attacks to gain access to networks, to lateral movement within targeted networks towards valuable assets.

The understanding of the threat landscape allows students to analyze the attacks by relevant threat actors, which is the first step towards defending a modern network of any organization. Building upon the knowledge of actors and attacks, deep-dives will be performed into understanding, defining and applying the appropriate security controls. The trade-off between security risks and technical requirements will actively be weighed. Finally, we also consider the decision process to balance the selection of prevention, detection & response controls to attain resilience against the attacks of relevant threat actors within any given network.

Course objectives

When finalizing this course successfully, participants will have:

  • a general overview of security threats, an understanding of the identity and characteristics of various types of attackers and different types of security attacks;

  • a more detailed understanding of the tactics and techniques underpinning modern attacks and the corresponding security controls;

  • an understanding of the importance of trade-off between security risks and technical requirements (more particularly weigh security risks versus technical requirements);

  • a more detailed understanding of the vulnerabilities of modern interconnected networks and the available controls to prevent, detect and respond to the exploitation of those vulnerabilities.

When finalizing this course successfully, participants will be able to:

  • define the relevant threat actors for any organization and model their attacks;

  • identify vulnerabilities in a network design and identify appropriate controls;

  • define technical requirements with respect to the chosen security controls.

  • communicate about the threats, controls and requirements with non-technical stake- and shareholders within organizations.


7 days from 9.30 until 17.00

● Thursday- 14 December 2023 ● Friday - 15 December 2023 ● Friday - 22 December 2023 ● Friday - 12 January 2024 ● Friday - 19 January 2024 ● Friday - 26 January 2024 ● Friday - 2 February 2024

Mode of instruction

Lectures, seminars, exercises, class discussion.
Lecturers: Paul Pols and Francisco Dominguez Santos

Assessment method


  • 70% of final grade
    *Grade must be 5.50 or higher to pass the course
    *Re-sit of a fail is possible.
    *Re-sit will take the same form

Written exam.
*30% of final grade
*Grade must be compensated
*Re-sit not possible

Only assessments with the weight of 30% and lower are compensable. This means that one does not have to pass an assessment if it weighs 30% or less in order to pass the course, if the average of all assessments combined is at least a 5.5. In addition, assignments weighing up to and including 30% cannot be re-taken, meaning that if one failed an assessment of 30% or less one is not allowed to redo it and that assessment must be compensated by the other assessment(s).

Reading list

Compulsory literature and literature for further consultation will be announced via Brightspace.


No registration is required for lectures and exams.


M.I. Warner, study coordinator


For more information see the website see our website