Offence, Defence and Forensics
Study plans 2016-2017 - IMT3004 - 10 ECTS

On the basis of

Drift av tjenestearkitekturer
ITSM, risikohåndtering og sikkerhetsledelse

Expected learning outcomes

The candidate has knowledge about different activities associated with securing computer systems, including

  •     Incident reporting and response strategies and business resumption planning.
  •     Digital Forensics methodology with a solid understanding of requirements for handling digital evidence.
  •     Offense techniques that are used to understand how attacker think and operate and identify weaknesses during operations.

The candidate can

  •     develop contingency and incident response plan
  •     forensic acquisition of digital evidence from computer and network media
  •     perform ethical hacking to identify weakness in systems

General Competence:
Candidates have insight into the methods of planning for incidents, defending information systems and testing these systems for weakness. In case of an incident they are able to collect evidence based on digital forensics methodologies and the relationship with incident handling.


Cyber defence

  • Incident response and recovery plan
  • Prevention and detection methods

Cyber offence

  • Ethical hacking methodology
  • Ethical hacking testing process
  • Scanning, exploitation and post-exploitation


  • Digital forensics methodology
  • Live and file system forensics
  • Forensic reconstructions
  • Internet and network forensics

Teaching Methods

Laboratory work
Project work

Form(s) of Assessment

Oral presentation
Written exam, 2 hours
Evaluation of Project(s)

Form(s) of Assessment (additional text)

Oral examination counts for 20%

Written examination counts for 40%

The project(s) counts for 40%

All parts must be passed.

Grading Scale

Alphabetical Scale, A(best) – F (fail)

Re-sit examination

No re-sit examination - projects and exam are closely connected and related

New project(s) and exam at next course dates