Program Overview

Security Operations

The Security Operations short course provides a comprehensive understanding of security principles, threat detection, incident response, and mitigation strategies. Students learn to analyse security risks, implement defensive measures, and manage security incidents effectively.

Course Overview

This course provides students with the ability to evaluate and apply the methods, tools, and techniques used in Security Operations Centres (SOC). The mode of study is online learning, and the mode of attendance is part-time. The course starts on May 15, 2026, and lasts for 10 weeks.

Topics

• Networking Fundamentals: OSI model, fundamentals of LAN design and configuration, common networking protocols.
• Network Security Fundamentals: main threats and vulnerabilities, security knowledge management (CVE, CVSS, CWE, Mitre ATT&CK), network and host data sources (e.g., pcap, netflow, dns, server logs), access control lists.
• Basics of network monitoring and intrusion detection, Wireshark.
• SIEM - Security Incident Event Management, alert correlation.
• Incident handling, digital forensics, data collection, reporting, and analysis.

Learning Outcomes

On completion of this short course, students will be able to:

• Analyse the architecture, protocols, threats, and vulnerabilities of a typical enterprise network.
• Analyse key incident events reported by the security incident event management system.
• Apply appropriate tools and techniques to respond to cyber security incidents or threats.
• Document cyber security incidents and responses.

Course Structure

The course can be completed in 10 weeks, with 8 weeks to complete online materials and exercises, and 2 weeks to apply techniques learned to a small capstone project.

Teaching

The course includes 8 weeks of teaching/learning activity, consisting of:

• Recorded lectures: approximately 2 hours/week, presented as short, bite-sized lessons.
• Practical labs: a range of hands-on exercises using relevant tools and techniques to explore the principles covered in lectures.

Assessment

The assessment consists of 1 coursework report on a given scenario, investigating a security incident.

Independent Study

Materials and exercises are available online, allowing participants to study flexibly and independently. Additional resources include further reading and online tutor support.

Staff

The course will be delivered by an academic member of the cyber security team, which has extensive experience in delivering cyber security courses and a track record in cyber security research and consultancy in partnership with industry.

Academic Support

The Inclusion Centre advises and supports students who disclose a sensory or mobility impairment, chronic medical condition, mental health issue, dyslexia, and other specific learning differences.

Online Learning and Support

All students benefit from using the collaborative virtual learning environment, Moodle, which provides 24/7 online access to learning material and resources.

Study Skills Support

The Study Support Team provides training and support in academic writing, study skills, maths and statistics, and information technology.

Library Support

The Library offers support for the course, including books, eBooks, and journals, as well as online reading lists, workshops, and drop-ins on searching skills and referencing.

Fee Information

If you are domiciled in Scotland, you may be eligible for a fee-waiver place, meaning you can study for free. For all other applicants, the course fee is ｣520 for the entire module.

Additional Costs

Some other costs are not included in the course fees, such as accommodation and living costs, and printing.

Disclaimer

For new intakes, course fees are reviewed and published annually for each mode of delivery. Tuition fees are fixed for the duration of a course at the rate confirmed in the offer letter.