INFORMATION SECURITY TECHNOLOGY
Associate TR-NQF-HE: Level 5 QF-EHEA: Short Cycle EQF-LLL: Level 5

General Course Information

Course Code: 2022002002
Course Name: Security Event Management
Course Semester: Spring, Fall
Course Credits:
Theoretical Practical Credit ECTS
3 0 3 3
Language of instruction: TR
Course Prerequisite:
Does the Course Require Work Experience?: No
Type of course: Departmental Elective
Course Level:
Associate TR-NQF-HE: 5. Master's Degree QF-EHEA: Short Cycle EQF-LLL: 5. Master's Degree
Mode of Delivery: Face to face
Course Coordinator: Lecturer Esma TAYRAN
Course Lecturer(s):
Course Assistants:

Course Objectives and Content

Course Objectives: Learning the concepts of log, logging and log management; learning what SIEM products are; installing Splunk software and learning its basic features; uploading logs in Splunk, searching, reporting and using the alert feature; downloading logs from remote systems using universal forwarders; learning the general definitions and concepts of cyber security; learning the processes of responding to cyber incidents and the tools used in these processes; learning the concept of forensic informatics and taking images; learning methods of examining malware.
Course Content: Log concept, logging and log management, SIEM products, Splunk software, log upload in Splunk, search and operator usage, reporting and analysis, alert feature, universal forwarders, general definitions and concepts of cyber security, cyber incident response processes, tools used in the cyber incident response process, forensics, image acquisition and examination of malicious software.

Learning Outcomes

The students who have succeeded in this course;
Learning Outcomes
1 - Knowledge
Theoretical - Conceptual
1) Learning the concepts of log, logging and log management
2) Getting to know Splunk software; learning to load logs, search, report, use the alert feature and upload logs from remote systems in Splunk
3) Learning the general definitions and concepts of Cyber Security
2 - Skills
Cognitive - Practical
3 - Competences
Communication and Social Competence
Learning Competence
Field Specific Competence
1) Learning the cyber incident response processes and the tools used in these processes
2) Learning forensics, image acquisition and investigation of malware
Competence to Work Independently and Take Responsibility

Weekly Course Plan

Week | Subject | Related Preparation
1) | What are logs and logging, and what are their basic features? | Siber Güvenlik ve Savunma, Farkındalık ve Caydırıcılık, Editors: Prof. Dr. Şeref Sağıroğlu, Prof. Dr. Mustafa Alkan
2) | Log management and SIEM products | Siber Güvenlik ve Savunma, Farkındalık ve Caydırıcılık, Editors: Prof. Dr. Şeref Sağıroğlu, Prof. Dr. Mustafa Alkan
3) | Splunk software installation and key features | Siber Güvenlik ve Savunma, Farkındalık ve Caydırıcılık, Editors: Prof. Dr. Şeref Sağıroğlu, Prof. Dr. Mustafa Alkan
4) | Log upload methods in Splunk | Siber Güvenlik ve Savunma, Farkındalık ve Caydırıcılık, Editors: Prof. Dr. Şeref Sağıroğlu, Prof. Dr. Mustafa Alkan
5) | Log search and operator usage in Splunk | Siber Güvenlik ve Savunma, Farkındalık ve Caydırıcılık, Editors: Prof. Dr. Şeref Sağıroğlu, Prof. Dr. Mustafa Alkan
6) | Reporting and analysis in Splunk | Siber Güvenlik ve Savunma, Farkındalık ve Caydırıcılık, Editors: Prof. Dr. Şeref Sağıroğlu, Prof. Dr. Mustafa Alkan
7) | Alert feature in Splunk | Siber Güvenlik ve Savunma, Farkındalık ve Caydırıcılık, Editors: Prof. Dr. Şeref Sağıroğlu, Prof. Dr. Mustafa Alkan
8) | Midterm | Siber Güvenlik ve Savunma, Farkındalık ve Caydırıcılık, Editors: Prof. Dr. Şeref Sağıroğlu, Prof. Dr. Mustafa Alkan
9) | Universal forwarder in Splunk | Siber Güvenlik ve Savunma, Farkındalık ve Caydırıcılık, Editors: Prof. Dr. Şeref Sağıroğlu, Prof. Dr. Mustafa Alkan
10) | General definitions and concepts in cyber security | Siber Güvenlik ve Savunma, Farkındalık ve Caydırıcılık, Editors: Prof. Dr. Şeref Sağıroğlu, Prof. Dr. Mustafa Alkan
11) | Cyber incident response processes | Siber Güvenlik ve Savunma, Farkındalık ve Caydırıcılık, Editors: Prof. Dr. Şeref Sağıroğlu, Prof. Dr. Mustafa Alkan
12) | Tools used in response to cyber incidents | Siber Güvenlik ve Savunma, Farkındalık ve Caydırıcılık, Editors: Prof. Dr. Şeref Sağıroğlu, Prof. Dr. Mustafa Alkan
13) | Forensics, image acquisition and investigation of malware | Siber Güvenlik ve Savunma, Farkındalık ve Caydırıcılık, Editors: Prof. Dr. Şeref Sağıroğlu, Prof. Dr. Mustafa Alkan
14) | Forensics, image acquisition and investigation of malware | Siber Güvenlik ve Savunma, Farkındalık ve Caydırıcılık, Editors: Prof. Dr. Şeref Sağıroğlu, Prof. Dr. Mustafa Alkan

Sources

Course Notes / Textbooks: Notes will be taken in class.
References: Siber Güvenlik ve Savunma, Farkındalık ve Caydırıcılık, Editors: Prof. Dr. Şeref Sağıroğlu, Prof. Dr. Mustafa Alkan
Logging and Log Management, Dr. Anton A. Chuvakin, Kevin J. Schmidt, Christopher Phillips

Course - Program Learning Outcome Relationship

Course Learning Outcomes: 1 2 3 4 5

Program Outcomes
1) Having knowledge and skills in security algorithms for programming
2) Ability to install and manage software required for end user security
3) Having the ability to install and manage computer networks and use the network operating system
4) Have basic database and web programming skills

Course - Learning Outcome Relationship

No Effect 1 Lowest 2 Low 3 Average 4 High 5 Highest
Program Outcomes Level of Contribution
1) Having knowledge and skills in security algorithms for programming 3
2) Ability to install and manage software required for end user security 2
3) Having the ability to install and manage computer networks and use the network operating system 2
4) Have basic database and web programming skills 1

Learning Activities and Teaching Methods

Individual study and homework
Course

Assessment and Evaluation Methods and Criteria

Written Exam (open-ended questions, multiple choice, true/false, matching, fill in the blanks, ordering)

Assessment & Grading

Semester Requirements Number of Activities Level of Contribution
Midterms 1 % 40
Semester Final Exam 1 % 60
total % 100
PERCENTAGE OF SEMESTER WORK % 40
PERCENTAGE OF FINAL WORK % 60
total % 100

Workload and ECTS Credit Calculation

Activities Number of Activities Duration (Hours) Workload
Course Hours 14 2 28
Study Hours Out of Class 14 2 28
Midterms 1 20 20
Final 1 20 20
Total Workload 96