Cyber Incident Handling
BASIC DATA
course listing
A - main register
course code
ITC8270
course title in Estonian
Küberintsidentide haldamine
course title in English
Cyber Incident Handling
course volume CP
-
ECTS credits
6.00
to be declared
yes
fully online course
not
assessment form
Graded assessment
teaching semester
autumn - spring
language of instruction
Estonian
English
Study programmes that contain the course
code of the study programme version
course compulsory
IVCM25/25
no
Structural units teaching the course
IT - Department of Software Science
Course description link
Timetable link
View the timetable
Version:
VERSION SPECIFIC DATA
course aims in Estonian
Aine eesmärk on anda üliõpilasele baasteadmised turbekeskuses (SOC) töötamiseks, et ta oleks võimeline osalema küberintsidendile reageerimisel.
course aims in English
The aim of this course is to give the student foundational knowledge required to work in a security operation center (SOC) and participate in cyber incident response.
learning outcomes in the course in Est.
Õppeaine läbinud üliõpilane:
- oskab luua luua intsidendi halduse meeskonda;
- haldab küberintsidente, säilitades vajalikud tõendid ja tõendite ahelad;
- loob intsidendihalduse süsteemi ja haldab koostööd õiguskaitseorganite ning intsidendihaldajate vahel;
- loob protseduurid tõendite ja intsidentide haldamiseks.
learning outcomes in the course in Eng.
After completing this course, the student:
- is able to establish incident handling team and typical team designs;
- manages cyber incidents, preserving needed evidence and chain of evidence;
- builds incident management system and manages cooperation between law enforcement and incident handlers;
- establishes procedures for evidence and incident management.
brief description of the course in Estonian
Triaaž ja intsidendihaldus
Intsidendihalduse protseduuride loomine ja testimine
Suuremahulise intsidendi haldus
Koostöö õiguskaitseorganitega
Küberkuriteo jälgede identifitseerimine ja käsitlemine
Intsidendihaldus ja koostöö õngitsemisjuhtumite korral
Õiguskaitseorganite vaade turvaintsidentidele
Õiguskaitseorganite vajadused tõnedite analüüsil
(Laua)õppused intsidendihalduse võime arendamises
brief description of the course in English
Triage and basic incident handling
Creating incident handling procedures and testing
Large scale incident handling
Cooperation with Law Enforcement agencies
Identifying and handling cyber-crime traces
Incident handling and cooperation during phishing campaign
Law enforcement view of computer security incidents
Law enforcement needs for evidence analysis
Role of (tabletop) exercises in developing incident handling capability
type of assessment in Estonian
-
type of assessment in English
-
independent study in Estonian
-
independent study in English
-
study literature
Kursuse Moodle'i lehel. // On the course Moodle page. Link in the extended syllabus.

Kui te ei ole küberkaitse magistriõppe üliõpilane, palun võtke parooli saamiseks ühendust õppejõuga. // If you are not a Cyber Security MSc student, please contact the professor for the password.
study forms and load
daytime study: weekly hours
4.0
session-based study work load (in a semester):
lectures
2.0
lectures
-
practices
0.0
practices
-
exercises
2.0
exercises
-
lecturer in charge
-
LECTURER SYLLABUS INFO
semester of studies
teaching lecturer / unit
language of instruction
Extended syllabus or link to Moodle or to home page
2025/2026 autumn
Rain Ottis, IT - Department of Software Science
English
    ITC8270 grading criteria.pdf 
    display more
    2024/2025 autumn
    Rain Ottis, IT - Department of Software Science
    English
      ITC8270 Extended syllabus 2024 EN.pdf 
      2023/2024 autumn
      Rain Ottis, IT - Department of Software Science
      English
        ITC8270 Extended syllabus 2023 EN.pdf 
        2022/2023 autumn
        Rain Ottis, IT - Department of Software Science
        English
          2021/2022 autumn
          Rain Ottis, IT - Department of Software Science
          English
            ITC8270 grading criteria.pdf 
            2020/2021 autumn
            Rain Ottis, IT - Department of Software Science
            English
              ITC8270 grading criteria.pdf 
              2019/2020 autumn
              Rain Ottis, IT - Department of Software Science
              English
                ITC8270 grading criteria.pdf 
                Course description in Estonian
                Course description in English