< Cyber Security Base >

Cyber Security Base with F-Secure is a free course series by University of Helsinki and MOOC.fi in collaboration with F-Secure Cyber Security Academy that focuses on building core knowledge and abilities related to the work of a cyber security professional.

About the Course Series

Learn about tools used to analyse flaws in software systems, necessary knowledge to build secure software systems (esp. within Web), the skills needed to perform risk and threat analysis on existing systems and the relevant legislation within EU. By the end of the course, hard working participants are expected to possess the skills required from those who work as Junior Security Consultants in the industry, for example at F-Secure.


The course series consists of multiple smaller courses, each with a specific theme. Themes include a brief introduction to cyber security, operational security, web software development, types of vulnerabilities typical of web software, discovery and mitigation of such vulnerabilities, and advanced topics such as secure software architectures and cryptography. There will be several case studies as well as projects for participants. At the end of the course series, we'll also organize a friendly capture-the-flag competition where participants will try to solve some security puzzles.

Work load and prerequisites

There will be programming assignments, essays, quizzes and puzzles throughout the courses, and completing a specific part of a course means working and completing most if not all of them. We expect that individuals work some 2-10 hours per week on the courses depending on their background. Some programming background and ICT experience is required.

The course has started! You don't need to register to start doing the course. There is an optional registration for those who want ECTS credits that can be done AFTER completing the course. More instructions in the material. So just head to the material and start doing the courses!


You can start the courses any time you like as long as you finish the course before its deadline. While doing the courses please make sure you complete enough of the assignments and do enough peer reviews so that you will pass the course. The grading criterium should be listed at the very start of each course.

ECTS credits for Finnish residents

If you reside in Finland, you can get a total of 10 ECTS credits for the course from the Open University of University of Helsinki. Your own school, college or university has the option of accepting these as a part of your studies -- you have to, however, ask your local administration whether they will do so. We are looking into the possibility of offering certificates for completion of the course series to all participants as well.


Please check out the frequently asked questions at the bottom of this page.

Leave us your email and we will send you updates about Cyber Security Base with F‑Secure.


Courses

Introduction to Cyber Security 1 Cr. (ECTS)

date_range 29.10.2018 - 19.11.2018


This part of the course series will introduce the participant to the relevant issues in cyber security. These issues include the stakeholders' and users' ability to disrupt the functionality of a system; corporate responsibilities and liabilities; and the never-ending software crisis that is related to the increasing amount of software and maintenance.

Securing Software 3 Cr. (ECTS)

date_range 05.11.2018 - 24.12.2018


This part focuses on security issues related to interconnected software. The participant will learn the principles of developing web applications, typical security issues that are related to such applications, and how such issues are discovered and mitigated.

Course Project I 1 Cr. (ECTS)

date_range 10.12.2018 - 30.12.2018


In the first project, the participants will construct software with security flaws, point out the flaws in the project, and provide the steps to fix them.

Advanced Topics 3 Cr. (ECTS)

date_range 14.1.2019 - 25.2.2019


This part focuses on security in networks, including internet security issues, issues in 4G networks as well as the issues and remedies planned for the upcoming 5G network. This includes also relevant cryptography topics. Architectural analysis of existing (software) systems will be also visited, and selected methods for log mining for the purposes of identifying and tackling attacks will be studied.

Course Project II 1 Cr. (ECTS)

date_range 25.2.2019 - 10.3.2019


In the second project, the participants will install an operating system with a variety of vulnerabilities and then install a network intrusion prevention system into it. Subsequently, the participants will familiarize themselves with penetration testing software, and attack the system they installed.

Capture The Flag 1 Cr. (ECTS)

date_range 10.3.2019 - 17.3.2019


A Capture the Flag (CTF) competition will be organized at the end of the course series. In the competition, participants will be given a variety of tasks that are related to the topics of the course series. Participants will gain points for every solved task. The amount of points depends on the complexity of the task as well as the amount of time that the spent on the task.

Frequently asked questions

Q: MOOC?
A: Massive Open Online Courses (MOOCs) are as the name says they open, free, and online. You do not have to care about course fees, not on this MOOC anyway. You do not have to care about commute as you can do it where you are as long as you have Internet connectivity. You do not have to care about schedules, well you have a start and end dates but between them it is upto you when you do the tasks.

Q: Is the course series free?
A: Yes.

Q: How many students can attend?
A: There is no limit how many students can take part.

Q: How many hours of work should I be prepared to put in?
A: This will vary from person to person. But students should expect to spend 2-10 hours per week on the course.

Q: Are there any prerequisites for registering?
A: No, there are no formal requirements. But a basic understanding of coding, networks, and cyber security are needed to follow some of the course material. You are of course welcome to register without this background knowledge, but you’ll need to put in extra time learning these things if you want to complete all parts of the course.

Q: I want to learn more about cyber security, but I’m not looking to become a cyber security specialist. Will parts of the course still be useful for me?
A: Yes! Thanks to digitalization, cyber security is an issue that cuts across different industries and professions, so the knowledge and skills people learn in the course can be applied in a wide variety of careers.

Q: What’s a good language to learn if I don’t have any coding experience?
A: The course does not require knowledge of one specific language. The materials use Java for examples, but students are free to use whatever language they want to complete assignments. Generally, Java and Python are both easy for beginners to learn, and fairly common. On the other hand, C/C++ can teach you more about how computers actually work, which can be useful for certain types of programming. So if you’re learning from scratch, you should consider what kind of work you want to do after the course ends. You can check out this handy infographic for some insight into what different languages are used for by professionals.

Q: Can I earn credits toward university degrees?
A: Students at Finnish universities can receive up to 10 ECTS credits if they complete all parts of the course. These credits can be transferred to schools outside of Finland (students have done so in the past), but this requires a little bit of additional paperwork and approval by the recipient school.

Q: What kind of topics does the MOOC cover?
A: The MOOC addresses a range of topics that people need to know about to work in cyber security. These topics include: introductions to cyber security and operational security, web software development, types of vulnerabilities that are typical to web software, how such vulnerabilities are discovered and then mitigated, advanced topics such as secure software architectures and cryptography.

Q: What do I learn on this course?
A: As in any MOOC, we acknowledged that learner autonomy is a major factor. Students effectively learn what they wish to learn, as they typically are not bound to the course through any official mechanism. The course consists of six parts described below:

Introduction (1 ECTS): Introduces the participant to the relevant issues in cyber security. These issues include the stakeholders' and users' ability to disrupt the functionality of a system; corporate responsibilities and liabilities; and the never-ending software crisis that is related to the increasing amount of software and maintenance. Securing Software (3 ECTS): Focuses on security issues related to interconnected software. The participant will learn the principles of developing web applications, typical security issues that are related to such applications, and how such issues are discovered and mitigated. Course Project I (1 ECTS): Participants will construct software with security flaws, point out the flaws in the project, and provide the steps to fix them.

Advanced Topics (3 ECTS): Focuses on security in networks, including internet security issues, issues in 4G networks as well as the issues and remedies planned for the upcoming 5G network. This includes also relevant cryptography topics. Architectural analysis of existing (software) systems will be also visited, and selected methods for log mining for the purposes of identifying and tackling attacks will be studied.

Course Project II (1 ECTS): Participants will install an operating system with a variety of vulnerabilities and then install a network intrusion prevention system into it. Subsequently, the participants will familiarize themselves with penetration testing software, and attack the system they installed.

Capture The Flag (1 ECTS): A Capture the Flag (CTF) competition will be organized at the end of the course series. In the competition, participants will be given a variety of tasks that are related to the topics of the course series. Participants will gain points for every solved task. The amount of points depends on the complexity of the task as well as the amount of time that the spent on the task.

Q: Grading?
A: The grading is passed or not. We will provide an option to see your grading once it's ready.

Q: Why isn’t the course graded yet?
A: We have a lot of students and grading takes time. Please be patient! To make things easier and faster use your real name, email, and student number when registering to TMC.

Q: What kind of assignments does the course include?
A: Readings, essays, quizzes, and puzzles are used in different modules. Some modules include projects and programming assignments for students to work on. There will also be a competition where students find and fix vulnerabilities within an allotted amount of time.

Q: What does it take to get passed?
A: It depends on the course part. The criteria can be like the following: "In order to pass the course one had to pass both of the essays and 2/3 of the reviews. Some essays were rejected for being too short, for not containing deep enough discussion or for being flagged too many times as spam during the peer review."

Q: How do I show someone I have passed a course part?
A: You get an online certificate (you can print it if you like).

Q: Where do I get the certificate?
A: The grading and certificates for all the parts of the course will be available at https://cyber-points.mooc.fi/

Q: How do I get the ECTS?
A: We are working in cooperation with the Open University of Helsinki (OUH) and they will register the ECTS. Once a course part is finished and the list of students entitled to ECTS and their information is passed to the OUH. They will contact the email addresses used on the course and give the detailed instructions. So if you used an email address created just for this course, please, check it's inbox and use it as your communication mail.

Q: How soon should I ask the registration of the ECTS to WebOodi?
A: As soon as the Open University of Helsinki (OUH) contacts you you will have three (3) months time to aks the registration of the ECTS to WebOodi. After that we will not register them. You will still get the certificate.

Q: Can I get the ECTS registered in my home university if I do not study in Finland?
A: It is possible and it has been done. Sometimes extra paper work is needed. It really depends on the University in question. We suggest discussing with your local study counselor beforehand.

Q: Can I get an extension to the deadlines or can I get some extra work to make up the lack of doing the tasks on time?
A: This pops up regularly and the answer is no. No extensions, No extra work.

Q: Is it possible for me to catch up if I join the course after it begins or miss part of it?
A: Yes. The course consists of different modules, and they can be taken independently. So if you miss one module or don’t finish it for some reason, you can still take the others. _But do remember that If you study at University of Helsinki CS department and need the TKT20009 or CSM13204 course you need to complete the modules within a year otherwise the modules are not accepted as parts of that course (but you still get to keep the ECTS).

Q: Is there going to be a CTF again?
A: Yes. There will be a CTF with new puzzles.


This content is licenced under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.