The standard programme consists of the courses marked with *** and **. Cultural & Socio-economic Introduction to Belgium (marked with ***) is mandatory. The other courses, marked with **, can only be replaced by elective courses from the Bachelor in Cyber Security or Bachelor in Applied Computer Science - major Cyber Security, with approval after a screening of the desired prerequisites. In case of doubt, an online interview will be organised.In our experience, the elective courses are quite difficult for some exchange students, and we want to make sure you have the required prior knowledge. Mind that you are responsible for selecting the right courses at your level. No intake interview is needed if you apply for the standard programme.Back to English Taught Semester Applied Computer ScienceApplied Computer Science I (autumn) course overviewCourse unit descriptions for this programme (course catalogue) Courses Cultural & socio-economic introduction to Belgium (3ECTS) *** You will learn about Belgian and Flemish culture (history, architecture, literature, music, ...), political structure and socio-economic data, all in comparison to the socioeconomic data of your home country. This course includes a survival course Dutch, a cultural and historical walk through Bruges, and if possible, also a visit to the Parlamentarium and the European Parliament in Brussels and an additional visit specifically linked to the English-taught semester you follow.History of Flanders & BelgiumPolitical system in Belgium & EuropeBelgian EconomyHealth & Wellfare system in BelgiumCrash course Dutch International Project (6ECTS) ** Participation in the international project held at Howest. The project is multi-disciplinary and the topic of the last years has been Smart Car Race.During one week, normally held the end of March, you will work together with students of other universities. Our mission is to build a car with IoT hardware and to control it with your mind. As a minimum, a robot will drive forward/stop with your mind while a LED shows the status. At the end of the week we organise a race to decide which car was the best in control and which had the most original design.There is a participation cost of +/- 140 EUR is, which includes the sessions, labs, lunches, socio-cultural activities and farewell dinner. Object Oriented Programming (6ECTS) ** The student distinguishes mathematical algorithms that are needed for the implementation of IT components and identifies different programming structures in IT solutions.Classes and ObjectsObjects and EqualityObjects and orderAlgorithms and data structures: CollectionsSoftware Design: turn a text into an OO design and an OO programPolymorphism, inheritance and interfacesException handlingTesting: write and use unit testingAlgorithms and data structures: trees, traversal and searchBasic version control Web Backend (3ECTS) ** Advanced HTMLAdvanced JavaScript techniquesServer-side scriptingCascading Style SheetsThe use of git for creating and submitting delivered work is inextricably linked to this course. Capture the Flag (3ECTS) ** Capture the Flag is a guided exercise in which students search in groups for "flags" that have been deliberately hidden in code and environments.The following flags belong to the categories:- Forensics- Networking- Cryptography- Web Exploitation- Reverse engineering- Binary exploitationThe emphasis in this module is on web exploitation but also contains some networking flags.The output of the project is a report in which the student describes the search. Web Pentesting Fundamentals (3ECTS) ** Web Pentesting based on the OWASP top 10.FingerprintingXSSSQLi... Scripting and Code Analysis (6ECTS) ** This course aims at two objectives: learning to script sufficiently from the perspective of a cybersecurity professional and being able to analyze existing application code using automated tools (includinginterpretation).The content is:- Scripting basics and libraries for network and OS (Python and best practices)- Static code analysis (SAST, DAST): setup, configuration, interpretation- Programming with AI and interpretation- Building a network scanner- Scripting for the web and interaction with API's- DevSecOps Computer Networks (6ECTS) ** Introduction (terminology, types of computer networks, network components etc.)Usage of a NOS (network operating system)Network models and protocolsNetwork access (wired vs wireless)EthernetNetwork layerTransport layerIP addressing and subnettingApplication layerNetwork securityStatic routingVLANNAT Linux for Ethical Hackers (6ECTS) ** Content for this course includes:- Command line principles- Working with files and directories- Archiving and compression- Managing packages and processes- Network Services configuration- Manage users and groups- Ownership and permissions (including sudo)- Special permissions, links & file locations- Basic bash scripting- Scheduling- loggingNIST CSF 1.1 categoriesProtect- PR.PT-1: Audit/log records are determined, documented, implemented, and reviewed in accordance with policyLearning pathsLinux- Special permissions (setgid, setuid) [1.1 Linux]- Account management (password file, shadow file, sudo) [1.1 Linux]- Ssh (public key authentication, port forwarding, agent) [1.1 Linux]- TMUX [1.1 Linux]- Other shells [1.1 Linux]- Package management [1.1 Linux]- Archiving and compression, rsync [1.1 Linux]- Hard and soft links [1.1 Linux]-Mount, dd, [1.1 Linux]- Network config: interfaces, iproute2, networkmanager, systemd-networkd, [1.1 Linux]- Systemd services [1.1 Linux]- Logging [1.1 Linux]- Scheduling [1.1 Linux]- Basic bash scripting [1.1 Linux]- Working with text files, file system hierarchy, find [1.1 Linux]- ntp client [1.1 Linux]- tools [1.1 Linux]- Distros: Kali, Debian [1.1 Linux]CyBOK 1.1 knowledge areas- isolation [4.5 Operating Systems and Virtualization Security]- mediation [4.5 Operating Systems and Virtualization Security]- design choices [4.5 Operating Systems and Virtualization Security]- security domains [4.5 Operating Systems and Virtualization Security]ENISA CSF skills and knowledge- Operating systems security Data Privacy and IT Law (3ECTS) ** Study of the most important legal points of interest:Intellectual PropertyElectronic commerceLaw of obligations & in detail IT contractsProof and electronic signatureOpen source softwarePrivacy and data processingCamera legislationComputer crime law Server System Management (6ECTS) Windows Server LabInstallation and configuration of a (virtual) Windows network (domain model)Querying, entry, adapting and removing Active Directory information using a GUI & Windows PowerShell cmdletsInstallation, configuration en usage of server roles on a server in a domain model (file server, DHCP server, DNS server, web server...)Users and Group maintenance in a domain modelSetting up share- & NTFS-permissions on shared foldersConfiguring users and computers through Group PoliciesIntroduction and exploration of the Microsoft Azure platformScriptsLinux Server LabCommand line principlesWorking with files & directoriesArchiving and compressionPipes & redirectionManaging packages & processenNetwork Services configuration (incl. SSH, DHCP & DNS)Managing users and groupsOwnership & permissions (including sudo)Special permissions, links & file locationsScriptsNetwork Booting (PXE) Forensic Analysis (3ECTS) The forensic processHard Drives - hardware detailsVolumes analysisFile systemsApplication level forensicsWindows registry forensicsData RecoverySecure data-removalData Hiding, steganographyAnti-Forensic tools .NET Technology Fundamentals (3ECTS) .NET EcosystemC# Fundamentals and OOLibrariescreatingconsumingLinQEntity FrameworkWeb Applicationviewmodelsforms and taghelperssessionsmaster/view sectionsSecurityidentityOAuth Web Pentesting Advanced (3ECTS) Web Pentesting Advanced continues where Web Pentesting Fundamentals has stopped and expands into a wider field of topics. Security Management, Threat and Risk Assessment (3ECTS) Requirements and risk managementSystem modelSecurity objectivesRisk assessmentThreats: attacker modelAttack patterns: CAPEC, MAEC, ...Threat modeling: STRIDE-LM, LINDDUN, DREAD, ...Threat intelligence: Pyramid of pain, Lockheed Martin Kill chain, Diamond, ATT&CK (incl ICS), CAR, CAPEC, CWE, CVE, OWASP, ...Mitigations: Defense modelSecurity controlsSecurity and data protection by designIncident responseCompliance and governanceFrameworks: ISO 27K, COBIT, COBIT Risk, COBIT Information Security, NIST SP 800.53, NIST CSF, CMMI, CIS, PCI DSS, ...Legal: GDPR, LED, NIS, EIDAS, E-privacy, EU cybersecurity act, PSD2, PNR, ...Security organisation and conclusionsCase studyThreat identification (information security and data protection)Threat risk assessmentControls Cultural & socio-economic introduction to Belgium International Project Object Oriented Programming Web Backend Capture the Flag Web Pentesting Fundamentals Scripting and Code Analysis Computer Networks Linux for Ethical Hackers Data Privacy and IT Law Server System Management Forensic Analysis .NET Technology Fundamentals Web Pentesting Advanced Security Management, Threat and Risk Assessment