3 min

"I chose the technical track" – insight into Master Cyber Security and Resilience Specialisation Courses

"I chose the technical track" – insight into Master Cyber Security and Resilience Specialisation Courses

Iris Pfoser

Student Ambassador for Cyber Security and Resilience

As a Student Ambassador for Cyber Security and Resilience, I advise prospective students on the degree programme and provide insights into our daily study routine.

One of the most frequently asked questions besides admission requirements is the choice of specialisation from the third semester on.

Here you go! The general structure of the study programme is as follows:

  • In the first two semesters, you will take various courses in the areas of network technology, cryptography, project management, and information security management – generally, a good mix of soft and hard skills.
  • In the third semester, you have to decide on a specialisation.
    You can choose between "Organisational Security and Resilience" and "Technical Security and Resilience". Depending on the specialisation, different courses are offered.

I chose the technical track and would like to give you some insights into my chosen courses.

Specialisation course 1: Cyber Defense Center (CDC)

The goal of this course was to get a good overview of the structure of a Cyber Defense Center (CDC) and how to work with cyber threat information.

Like the rest of our courses, this course was blocked and the theoretical basics were taught in a total of 4 days over a period of 3 weeks.

In addition to the theoretical input, there were three laboratory exercises.

  1. After all theoretical contents had been discussed, we started the first laboratory exercise. This involved analysing a provided log file and identifying possible Indicators of Compromise (IOC) or Indicators of Attack (IOA).


  2. The second lab exercise was primarily about becoming familiar with CDC tools. For this purpose, we were provided with a virtual work environment in which we could try out Logstash, Kibana, and Elasticsearch. This gave us a quick overview of how data can be processed, analysed, and visualised.
  3. In the last lab exercise, we learned how to use Suricata, which is a high-performance, open-source network analysis and threat detection software. Our task was to write specific rules that are used by the tool to detect given attacks.

The grades for the course consisted of a written examination and an evaluation of the laboratory exercise protocols.

Specialisation course 2: Reverse Engineering and Malware Analysis

Unlike the other course, we had an intensive week for this one. During this week, we had classes all day every day.

Thematically, this course was divided into two blocks: The first block was on Malware Analysis and Reverse Engineering, while the second was on Software Protection and Obfuscation.

The goal of the course was to learn the basics of reverse engineering and malware analysis.

This included differentiating between the different types of malware and understanding the possibilities of obfuscation and protection against manipulation.

In addition, the basics such as memory layout and CPU operations were also covered.


  1. In the first block, we were provided with so-called “guided labs” to make our first malware analysis attempts under guidance. After some examples, we were allowed to analyse two different malware samples on our own and write an analysis report.
  2. The second part was about software protection and tamperproofing. After we had been taught all the necessary theoretical content, we had to put our newly acquired knowledge into practice in two laboratory exercises. Here we tried to obfuscate our own or provided source code and protect it against manipulation with the help of small programming tasks. For this part, we had to hand in another lab report.

As in the previous course, the grade was made up of a written exam and the assessed lab reports.

All in all, I was very glad about my course selection, even though the exercises were challenging at times.

The lecturers of both courses were very proficient and made every effort to impart as much of their knowledge as possible in a short period of time.

You want to study Cyber Security and Resilience too?