Text

Course syllabus - Cybersecurity Operations

Scope

7.5 credits

Course code

DVA496

Valid from

Autumn semester 2025

Education level

Second cycle

Progressive Specialisation

A1F (Second cycle, has second-cycle course/s as entry requirements)

Main area(s)

Computer Science

Organisation

School of Innovation, Design and Engineering

Ratified

2024-01-18

Revised

2025-01-16

Literature lists

Course literature is preliminary up to 8 weeks before course start. Course literature can be valid over several semesters.

    • Ratified date: 2026-01-29
    • Latest update: 2026-01-29

    Miscellaneous

    The course has no specific literature.

Objectives

The course aims to provide students with a good understanding of incident management and security work in the IT society. The course also aims to develop skills in literature search, documentation, and presentation.

Learning outcomes

After completeding the course, the student shall be able to:

  1. explain the role of the Cybersecurity Operations Analyst in the enterprise,
  2. explain common Operating System features and characteristics needed to support cybersecurity analyses,
  3. analyze the operation of network protocols and services,
  4. explain the operation of the network infrastructure,
  5. classify the various types of network attacks,
  6. use network monitoring tools to identify attacks against network protocols and services,
  7. explain how to prevent malicious access to computer networks, hosts, and data,
  8. explain the impacts of cryptography on network security monitoring,
  9. explain how to investigate endpoint vulnerabilities and attacks,
  10. evaluate network security alerts,
  11. analyze network intrusion data to identify compromised hosts,
  12. apply incident response models to manage network security incidents and
  13. present operational work in writing and presentations.

Course content

Today's organizations are challenged with rapidly detecting cybersecurity breaches and effectively responding to security incidents. Teams of people in Security Operations Centers keep a vigilant eye on security systems, protecting their organizations by detecting and responding to cybersecurity exploits and threats. The course prepares candidates to act and treat security operations.

Specific requirements

Cybersecurity fundamentals 7.5 hp at advanced level. In addition, Swedish B/Swedish 3 and English A/English 6 are required. For courses given in entirely in English exemption is made from the requirement in Swedish B/Swedish 3.

Examination

Written examination (TEN1), , 3 credits, examines the theoretical aspects of the learning outcomes 1-12 marks Fail (U), 3, 4 or 5.
Laboratory work (LAB1), 4,5 hp, examines the operational aspects of the learning outcomes 1-12 and presenting in speech and writing for the learning outcome 13, marks Fail (U) or Pass (G).

A student who has a certificate from MDU regarding disability study support, can request adaptions for the examination. It is the examiner who takes decisions on any adaptions, based on the certificate and other conditions.

Grade

Pass with distinction (5), Pass with credit (4), Pass (3)

Interim Regulations and Other Regulations

The course overlaps with 2,5 credits with DVA487 Methods and Tools for Industrial Cybersecurity.