|
Choose A
|
Code |
Training and Learning Results |
|
Choose B
|
Code |
Knowledge |
| |
B1 |
Knowledge of the basic methods and techniques of classical cryptography, cryptographic security standards and protocols, steganography and post-quantum encryption. |
| |
B2 |
To learn about malware stealth and persistence techniques, as well as current malware trends through the study of real cases. |
| |
B3 |
Identify privacy attack methods and the concepts of privacy preservation and anonymity: differential privacy, homomorphic encryption and secure multi-party computing. |
| |
B4 |
Distinguish the main vulnerabilities suffered by applications, as well as the main authentication, authorisation and access control mechanisms, with special emphasis on web applications and web services. |
| |
B5 |
Knowledge of vulnerabilities in network access devices and technologies, tools to scan for them and protective measures for secure communications networks, as well as understanding the concept of security policy as applied to networks, perimeter security and firewalls. |
| |
B6 |
Understand the basic concepts and general functioning of distributed log-based technologies; as well as their assessment in terms of confidentiality, integrity and availability; and their main applications and use cases. |
| |
B7 |
To know in detail the network protocols that provide security for the transmission of information, and to understand which other protocols, being auxiliary (not related to the world of security), present exploitable vulnerabilities and possible countermeasures against attacks. |
| |
B8 |
Distinguish the different types of OS vulnerabilities, their operation and configuration, as well as how they limit the exposure of the OS. |
| |
B9 |
Identify the architecture of IoT systems, their complexity and vulnerabilities, and understand security in the field of embedded systems and IoT communication systems. |
| |
B10 |
Differentiate the most common cyber-attack vectors and techniques, as well as understand and apply methods and techniques for detecting vulnerabilities in computer hardware, communication networks, databases, software and/or information services. |
| |
B11 |
Understand the fundamental concepts of the digital security business and, in this context, how companies operate, how to monetise and how to communicate products to specialised and non-specialised audiences. |
| |
B12 |
To know the techniques and tools for the preservation and analysis of evidence, as well as the appropriate methodologies for carrying out forensic work with legal validity. |
| |
B13 |
Interpret the fundamental concepts, typology and evolution of the architecture of data processing centres (DPC) from a vision focused on the security of the physical infrastructure, as well as the basic techniques of DPC security such as virtualisation, fortification of physical and logical elements and data securisation. |
| |
B14 |
Distinguish the fundamental concepts associated with security in mobile operating systems and the development of secure apps, as well as mobile device management systems. |
| |
B15 |
To understand the basic concepts of smart contracts and decentralised applications, as well as the technologies for their technical design and development and security considerations (testing and code analysis). |
| |
B16 |
Describe the fundamental concepts and technical regulations related to Information Security Management, Risk Analysis methodologies, as well as the tools to carry out risk analysis tasks, security auditing, incident management, business continuity management and recoveries. |
| |
B17 |
Analyse the technical and legal regulations applicable to cybersecurity, their implications in the design of systems, in the use of security tools and in the protection of information. |
|
Choose C
|
Code |
Skill |
| |
C1 |
Determine the degree of security of a cryptographic solution, choose the most appropriate one for an information or communications system, as well as implement and adapt its elements. |
| |
C2 |
Detect and eliminate vulnerabilities susceptible to malware, as well as malware, in communication systems and networks, as well as evade malware stealth and persistence techniques. |
| |
C3 |
Choosing the most appropriate privacy and anonymisation solution for an information or communications system, as well as knowing how to apply and adapt privacy and anonymisation elements to a product, service or information and communications system according to the needs and taking into account the trade-off between information utility and data privacy. |
| |
C4 |
Preventing, identifying and correcting the main vulnerabilities suffered by applications, as well as incorporating authentication, authorisation and access control mechanisms for applications. |
| |
C5 |
Design and implement secure networks, selecting and configuring the appropriate devices for each section of the network and proactively using network monitoring so that the organisation is correctly implemented. |
| |
C6 |
Apply distributed logging technologies to specific use cases, as well as design, develop and deploy a solution based on these technologies, optimising its essential parameters and applying protection mechanisms to prevent and mitigate attacks. |
| |
C7 |
Decide on the appropriate solution/protocol to ensure end-to-end communications security, as well as configure the different tools provided by the different operating systems/platforms to activate communications security. |
| |
C8 |
Identify the vulnerabilities of an OS in a specific usage environment, modify the configuration to minimise its exposure and test its security level. |
| |
C9 |
Analyse the security implications of technologies related to the digitisation of production sectors, as well as assess and model threats and execute attacks in order to design secure IoT systems. |
| |
C10 |
Identify and exploit, in an analytical and practical way, vulnerabilities in information systems, as well as identify possible attack vectors and innovate in techniques and processes related to ethical hacking. |
| |
C11 |
Assessing a company in the field of security and even more specific sectors within this field, as well as defining the necessary profiles, whether in-house or external, associated with cybersecurity. |
| |
C12 |
Identify, preserve and analyse evidence, perform forensic analysis of an information system, and generate reports that are clear, concise and intelligible to experts and non-experts alike. |
| |
C13 |
Apply infrastructure virtualisation tools in Data Processing Centres, as well as use tools for monitoring their infrastructures and services. |
| |
C14 |
Identificar vulnerabilidades nos sistemas operativos e aplicacións dos dispositivos móbiles, así como realizar unha análise forense e definir a política de seguridade que afecta ás comunicacións e aos sistemas móbiles dunha organización. |
| |
C15 |
Apply smart contracts to the development of decentralised systems, assess whether a development is appropriate to the problem and use appropriate development tools to programme, deploy and interact with smart contracts, as well as use oracles under robust and secure conditions. |
| |
C16 |
Manage information security, use risk analysis tools and security auditing, proactively identify and classify possible incidents and define the channels for their management and resolution. |
| |
C17 |
Analyse and communicate the legal regulations related to cybersecurity, its ethical-legal issues and cybercrime in the national, European and international context. |
| |
C18 |
Know how to apply acquired knowledge and problem-solving skills in new or unfamiliar environments within broader (or multidisciplinary) contexts related to their area of study. |
| |
C19 |
Know how to communicate their conclusions - and the ultimate knowledge and rationale behind them - to specialised and non-specialised audiences in a clear and unambiguous way. |
|
Choose D
|
Code |
Competences |
| |
D1 |
Solve problems related to the use of encrypted information and have the autonomy and initiative to develop innovative solutions in the fields of cryptography, cryptanalysis, anonymisation and privacy. |
| |
D2 |
Demonstrate autonomy and initiative to solve complex problems involving multiple technologies in the field of communications networks or systems, and develop innovative solutions in the field of private communications and distributed computing. |
| |
D3 |
Work as a malware analyst, to protect applications, as well as analyse their security in any application area. |
| |
D4 |
Applying blockchain technology to the verifiable decentralised protection of information, be it digital information assets or digital assets representing goods of use. |
| |
D5 |
Analyse the security of communication protocols at the physical, link, network and transport layers, as well as evaluate the security measures that need to be implemented in a corporate network to protect its internal assets and communications. |
| |
D6 |
Identify vulnerabilities in a real system, as well as vary its parameters and configure it to protect against them, thus limiting exposure to known threats. |
| |
D7 |
Apply security policies and implement different protection techniques based on an understanding of attacks on industrial systems to minimise security issues and attacks on industrial control networks. |
| |
D8 |
Perform penetration testing in complex practical environments to identify vulnerabilities, as well as to perform attacks in controlled environments with critical and ethical judgement. |
| |
D9 |
Apply forensic investigation methods for the analysis of cybersecurity incidents or risks using scientific and analytical techniques to identify, preserve, analyse and present data that are valid within a legal process. |
| |
D10 |
Design and manage infrastructure security to perform infrastructure security auditing and ensure business continuity under reference norms and standards. |
| |
D11 |
Design, implement and maintain an information security management system using reference methodologies, analyse risks, plan incident or disaster detection and recovery periods, develop a business continuity plan, certify secure systems and perform security auditing of systems and facilities. |
| |
D12 |
Adequately interpret the sources of information in the field of computer criminal law (laws, jurisprudence and doctrine) at national and international level. |
| |
D13 |
Apply acquired knowledge and problem-solving skills in new or unfamiliar environments within broader (or multidisciplinary) contexts related to their area of study. |
| |
D14 |
Project, model, calculate and design technical and management solutions for information security, networks and/or communications systems in all fields of application, with ethical criteria of responsibility and professional ethics. |
| |
D15 |
Communicate knowledge and findings, and the ultimate reasons behind them, to specialist and non-specialist audiences in a clear and unambiguous way. |
| |
D16 |
Innovate and contribute to the advancement of the principles, techniques and processes related to their professional field, designing new algorithms, devices, techniques or models useful for the protection of public, private or commercial digital assets. |
| |
D17 |
Incorporate criteria of sustainability and environmental commitment in professional practice through the equitable, responsible and efficient use of resources. |
| |
D18 |
Valorar a importancia da seguridade da información no avance socioeconómico da sociedade e ter capacidade para desenvolver plans e proxectos de traballo claros, concisos e razoados no ámbito da ciberseguridade. |
| |
D19 |
Apply the gender perspective in the different fields of knowledge and in professional practice with the aim of achieving a fairer and more egalitarian society. |
| Universidade de Vigo
|
Reitoría |
Campus Universitario |
C.P. 36.310 Vigo (Pontevedra) |
Spain |
Tlf: +34 986 812 000
|
|
Training and Learning Results