Course Information


Course Title Code Semester L+U Hour Credits ECTS
CYBER INCIDENT MANAGEMENT SGM202 4. Semester 3 + 0 3.0 6.0

Prerequisites None

Language of Instruction Turkish
Course Level Associate's Degree
Course Type Compulsory
Mode of delivery
Course Coordinator
Instructors
Assistants
Goals The aim of this course is to understand an attacker's tactics in a cyber-attack, to detect the tools the attacker uses while carrying out those tactics, and, in response, to establish cyber incident management that puts preventive measures and processes in place against the attack. The goal is to organize these preventive measures and processes and to create an infrastructure for cyber incident management.
Course Content Detection and Analysis of Cyber Incidents, Basic Network Knowledge, Information Security and Incident Management, SIEM Tools
Learning Outcomes 1) Cyberattack incident response. Establishing an effective management process against cyber-attacks. Simulating security from the attacker's perspective.
2) Measurement and analysis of attack simulations. Identifying the missing points in the simulations and making the necessary improvement plans.
3) Reporting of the plans made. Gaining the ability to report simulated attacks and create reports on cyber security-related events.

Weekly Topics (Content)
Week Topics Teaching and Learning Methods and Techniques Study Materials
1. Week Principles of Cyber Incident Management Lecture; Question Answer; Problem Solving
Brainstorming
Problem Based Learning
Seminar
2. Week Detection and Analysis of Cyber Incidents Lecture; Question Answer; Problem Solving

Problem Based Learning
Seminar
3. Week Central Registration and Management Systems Lecture; Question Answer; Problem Solving
Brainstorming
Problem Based Learning
Seminar
4. Week Event Attribution Systems (SIM) Lecture; Question Answer; Problem Solving
Brainstorming
Project Based Learning; Problem Based Learning
Homework Seminar
5. Week Basic Network Information and Analysis Lecture; Question Answer; Problem Solving
Brainstorming
Project Based Learning; Problem Based Learning
Seminar
6. Week Types of Cyber Attacks Lecture; Question Answer; Problem Solving
Brainstorming
Problem Based Learning
Seminar
7. Week Security Information and Event Management (SIEM) Lecture; Question Answer; Problem Solving
Brainstorming
Problem Based Learning
Homework Seminar
8. Week Midterm Exam Problem Solving
Brainstorming
Problem Based Learning
Seminar
9. Week SIEM Tools Lecture; Question Answer; Problem Solving
Brainstorming
Project Based Learning; Problem Based Learning
Homework Practice (Teaching Practice, Music/Musical Instrument Practice, Statistics, Laboratory, Field Work, Clinic and Polyclinic Practice) Seminar
10. Week Cyber Incident Response Teams (SOME) Lecture; Question Answer; Problem Solving
Brainstorming
Problem Based Learning
Homework Seminar
11. Week SOME Operational Elements and Project Plan Lecture; Question Answer; Problem Solving
Brainstorming
Problem Based Learning
Homework Seminar
12. Week Log Analysis Lecture; Question Answer; Problem Solving
Brainstorming
Project Based Learning; Problem Based Learning
Homework Practice (Teaching Practice, Music/Musical Instrument Practice, Statistics, Laboratory, Field Work, Clinic and Polyclinic Practice) Seminar
13. Week Open-Source Security Information And Event Management System (OSSIM) Lecture; Question Answer; Problem Solving
Brainstorming
Problem Based Learning
Seminar
14. Week Incident Response Scenario Applications Lecture; Question Answer; Problem Solving
Brainstorming
Problem Based Learning
Seminar

Sources Used in This Course
Recommended Sources
Anton Chuvakin, Kevin Schmidt, Chris Phillips, Logging and Log Management, Elsevier Science
David R. Miller, Shon Harris, Allen Harper, Stephen VanDyke, Chris Blask, 2010; Security Information and Event Management (SIEM) Implementation, McGraw-Hill Osborne Media
Gregory Jarpey, R. Scott McCoy, 2017; Security Operations Center Guidebook: A Practical Guide for a Successful SOC, Butterworth-Heinemann
Joseph Muniz, Gary McIntyre, Nadhem AlFardan, 2015; Security Operations Center: Building, Operating, and Maintaining your SOC, Cisco Press
Ric Messier, 2019; CEH v10 Certified Ethical Hacker Study Guide, Sybex

ECTS credits and course workload
Event Quantity Duration (Hour) Total Workload (Hour)
Course Duration (Total weeks*Hours per week) 14 3
Work Hour outside Classroom (Preparation, strengthening) 14 5
Homework 5 5
Quiz 3 2
Midterm Exam 1 2
Time to prepare for Midterm Exam 1 10
Final Exam 1 2
Time to prepare for Final Exam 1 14
Total Workload
Total Workload / 30 (s)
ECTS Credit of the Course