Information Security Technology
Course Details
KTO KARATAY UNIVERSITY
Trade and Industry Vocational School
Programme of Information Security Technology
Course Details
Trade and Industry Vocational School
Programme of Information Security Technology
Course Details
| Course Code | Course Name | Year | Period | Semester | T+A+L | Credit | ECTS |
|---|---|---|---|---|---|---|---|
| 08130101 | Cyber Attack and Defense Methods | 2 | Autumn | 3 | 2+2+0 | 5 | 5 |
| Course Type | Compulsory |
| Course Cycle | Associate (Short Cycle) (TQF-HE: Level 5 / QF-EHEA: Short Cycle / EQF-LLL: Level 5) |
| Course Language | Turkish |
| Methods and Techniques | - |
| Mode of Delivery | Face to Face |
| Prerequisites | - |
| Coordinator | - |
| Instructor(s) | Lect. Merve AKIN |
| Instructor Assistant(s) | - |
Course Instructor(s)
| Name and Surname | Room | E-Mail Address | Internal | Meeting Hours |
|---|---|---|---|---|
| Lect. Merve AKIN | C-129 | [email protected] | 7869 | Wednesday 14.00-16.00 |
Course Content
The course content begins with the Cyber Attack Lifecycle, detailing the phases of an attack. This is followed by an examination of methods for gathering information and detecting vulnerabilities (Reconnaissance and Vulnerability Scanning), alongside exploitation techniques used against operating systems and network services. The curriculum also covers the analysis of Malware, including viruses, Trojans, and specifically Ransomware. In terms of practical defense, students study network protection tools such as Firewalls and Intrusion Detection/Prevention Systems (IDS/IPS). Finally, the course teaches Incident Response steps, which include actions to take during an attack and fundamentals of digital forensics, along with defense strategies against Social Engineering attacks.
Objectives of the Course
The primary aim of this course is to equip students with practical skills and theoretical knowledge from both the attacker's perspective and the defender's core strategies in the field of cybersecurity. The course intends for students to recognize modern cyber threats, understand the attack mechanisms used against them, and apply the necessary defense tools and techniques to protect organizations.
Contribution of the Course to Field Teaching
| Basic Vocational Courses | |
| Specialization / Field Courses | X |
| Support Courses | |
| Transferable Skills Courses | X |
| Humanities, Communication and Management Skills Courses |
Relationships between Course Learning Outcomes and Program Outcomes
| Relationship Levels | ||||
| Lowest | Low | Medium | High | Highest |
| 1 | 2 | 3 | 4 | 5 |
| # | Program Learning Outcomes | Level |
|---|---|---|
| P1 | He/she has basic, current and practical knowledge about his/her profession. | 5 |
| P12 | Explains and applies techniques for network and internet security and protection against cyber threats. | 4 |
| P13 | Identifies and fixes security vulnerabilities in computer and software systems. | 3 |
Course Learning Outcomes
| Upon the successful completion of this course, students will be able to: | |||
|---|---|---|---|
| No | Learning Outcomes | Outcome Relationship | Measurement Method ** |
| O1 | P.1.1 | 1,3 | |
| O2 | P.1.2 | 1,3 | |
| O3 | P.1.5 | 1,3 | |
| O4 | P.12.1 | 1,3 | |
| O5 | P.12.2 | 1,3 | |
| O6 | P.13.1 | 1,3 | |
| O7 | P.13.3 | 1,3 | |
| ** Written Exam: 1, Oral Exam: 2, Homework: 3, Lab./Exam: 4, Seminar/Presentation: 5, Term Paper: 6, Application: 7 | |||
Weekly Detailed Course Contents
| Week | Topics |
|---|---|
| 1 | Introduction to Cybersecurity and Fundamental Concepts |
| 2 | Cyber Attack Lifecycle (Cyber Kill Chain) |
| 3 | Reconnaissance and Information Gathering |
| 4 | Vulnerability Scanning and Analysis |
| 5 | Malware and Analysis |
| 6 | Social Engineering and Phishing |
| 7 | Quiz + General Review |
| 8 | Midterm Exam |
| 9 | Network Defense I: Firewalls |
| 10 | Network Defense II: IDS and IPS Systems |
| 11 | Basic System Exploitation Techniques and Countermeasures |
| 12 | Cloud and Mobile Security |
| 13 | Incident Response (IR) |
| 14 | Incident Response (IR) |
| 15 | Quiz + General Review |
| 16 | Final Exam |
Textbook or Material
| Resources | Erdal Özkaya, Raif Sarıca ve Şükrü Durmaz, "Siber Güvenlik: Saldırı ve Savunma Stratejileri" |
| Cemal Taner, "Uygulamalarla Siber Güvenliğe Giriş" | |
| M. Alparslan Akyıldız, "Siber Güvenlikte Temel Kavramlar" |
Evaluation Method and Passing Criteria
| In-Term Studies | Quantity | Percentage |
|---|---|---|
| Attendance | - | - |
| Laboratory | - | - |
| Practice | - | - |
| Field Study | - | - |
| Course Specific Internship (If Any) | - | - |
| Homework | 10 | 10 (%) |
| Presentation | - | - |
| Projects | - | - |
| Seminar | - | - |
| Quiz | 2 | 20 (%) |
| Listening | - | - |
| Midterms | 1 | 30 (%) |
| Final Exam | 1 | 40 (%) |
| Total | 100 (%) | |
ECTS / Working Load Table
| Quantity | Duration | Total Work Load | |
|---|---|---|---|
| Course Week Number and Time | 16 | 4 | 64 |
| Out-of-Class Study Time (Pre-study, Library, Reinforcement) | 14 | 3 | 42 |
| Midterms | 1 | 8 | 8 |
| Quiz | 2 | 3 | 6 |
| Homework | 10 | 2 | 20 |
| Practice | 0 | 0 | 0 |
| Laboratory | 0 | 0 | 0 |
| Project | 0 | 0 | 0 |
| Workshop | 0 | 0 | 0 |
| Presentation/Seminar Preparation | 0 | 0 | 0 |
| Fieldwork | 0 | 0 | 0 |
| Final Exam | 1 | 10 | 10 |
| Other | 0 | 0 | 0 |
| Total Work Load: | 150 | ||
| Total Work Load / 30 | 5 | ||
| Course ECTS Credits: | 5 | ||
Course - Learning Outcomes Matrix
| Relationship Levels | ||||
| Lowest | Low | Medium | High | Highest |
| 1 | 2 | 3 | 4 | 5 |
| # | Learning Outcomes | P1 | P12 | P13 |
|---|---|---|---|---|
| O1 | Bilişim güvenliği temel kavramlarını tanımlar. | 5 | 5 | 5 |
| O2 | Bilgisayar ve güvenliği hakkında bilgi sahibidir. | 5 | 5 | 5 |
| O3 | Güncel güvenlik trendlerini analiz eder. | 5 | 3 | 3 |
| O4 | Ağ ve internet güvenliğinin temel kavramlarını tanımlar ve işlevlerini açıklar. | 5 | 5 | 4 |
| O5 | Güncel ve yaygın siber tehdit türlerini ayırt eder ve bu tehditlerin sistemlere nasıl zarar verdiğini açıklar. | 5 | 5 | 5 |
| O6 | Yazılım ve sistemlerdeki yaygın güvenlik açıklarını ve bu açıkların nedenlerini açıklar. | 5 | 4 | 5 |
| O7 | Tespit edilen bir güvenlik açığının olası etkisini ve risk seviyesini değerlendirir. | 4 | 3 | 5 |