EU-iNSPIRE

Cybersecurity: Attack, Defence, and Operational Practice

This course provides students with an advanced, dual-perspective understanding of cybersecurity, bridging offensive techniques with operational defence in complex, real-world environments. From reconnaissance and OSINT through to exploitation, post-exploitation, and lateral movement, students engage in hands-on labs using tools such as Nmap and Metasploit, developing the technical fluency to think like adversaries. Alongside the offensive dimension, the course covers the structure and operation of Security Operations Centres (SOCs), incident response, and the legal, regulatory, and ethical considerations that govern cybersecurity practice. Combining technical exercises with scenario-driven analysis, it prepares graduates to design robust defence strategies and lead security operations with both strategic judgment and practical confidence.

Main Topics

The General Competences that students should have acquired include:

  • Search for, analysis and synthesis of data and information, with the use of the necessary technology,
  • Adapting to new situations,
  • Decision-making,
  • Working independently,
  • Team work,
  • Working in an interdisciplinary environment,
  • Production of new research ideas,
  • Project planning and management,
  • Criticism and self-criticism,
  • Production of free, creative and inductive thinking

Based on the above, upon completion of the course, students are expected to be able to:

  • Detect and investigate advanced persistent threats (APTs) by correlating multi-source telemetry in SIEM and SOAR platforms.
  • Design and execute purple-team exercises to assess the effectiveness of existing defences.
  • Incorporate cyber-threat intelligence (CTI) feeds into operational-security workflows.
  • Conduct simulated offensive security operations using ethical hacking methodologies.
  • Monitor, interpret, and correlate security events and logs to identify and respond to sophisticated attacks.
  • Design Zero-Trust architectures, including identity-centric segmentation and continuous authentication.
  • Evaluate multi-layered defence strategies for securing networks, systems, and data.

This module equips students with an advanced understanding of cybersecurity from both offensive and operational perspectives. Emphasis is placed on critically evaluating cyber threats, designing defence strategies, and managing security operations in complex environments. Through a combination of technical exercises and scenario-driven analysis, students will develop the knowledge, skills, and judgment necessary for strategic cybersecurity practice.

Upon successful completion students are expected to:

  • Comprehend advanced cyberattack techniques and adversarial tactics in contemporary threat landscapes.
  • Describe the structure and operational role of cybersecurity teams, including SOCs and incident response units.
  • Understand the legal, regulatory, and ethical considerations appropriate to real-world cybersecurity scenarios.
  • Explain and communicate technical and strategic cybersecurity findings clearly to both technical and non-technical audiences.
  • Define professional autonomy and accountability in managing and improving cybersecurity practices.

Students will be able to:

  • Lead SOC and incident response operations during high-severity incidents, ensuring effective eradication and recovery.
  • Balance offensive security findings with business-risk tolerances when recommending mitigations.
  • Evaluate and enhance operational security metrics (MTTD, MTTR) through continuous improvement.
  • Communicate complex technical findings to executive and non-technical stakeholders effectively.
  • Demonstrate professional responsibility and ethical judgment in cybersecurity operations and adversarial engagements.