PV210 Cybersecurity Team and Its Services

Faculty of Informatics
Autumn 2026
Extent and Intensity
2/0/2. 3 credit(s) (plus extra credits for completion). Type of Completion: k (colloquium).
In-person direct teaching
Teacher(s)
doc. RNDr. Jan Vykopal, Ph.D. (lecturer)
RNDr. Martin Laštovička, Ph.D. (lecturer)
prof. Ing. Pavel Čeleda, Ph.D. (lecturer)
RNDr. Valdemar Švábenský, Ph.D. (assistant)
Guaranteed by
doc. RNDr. Jan Vykopal, Ph.D.
Department of Computer Systems and Communications – Faculty of Informatics
Supplier department: Department of Computer Systems and Communications – Faculty of Informatics
Prerequisites (in Czech)
PV080 Information Security and Cryptography
Course Enrolment Limitations
The course is also offered to the students of the fields other than those the course is directly associated with.
The capacity limit for the course is 75 student(s).
Current registration and enrolment status: enrolled: 0/75, only registered: 61/75, only registered with preference (fields directly associated with the programme): 49/75
fields of study / plans the course is directly associated with
Abstract
The general objective of the course is to introduce the role and services of a Computer Security Incident Response Team (CSIRT) in an organization. The course covers specific knowledge and skills required for the work role of Cyber Incident Responder as defined by the European Cybersecurity Skills Framework.
Learning outcomes
At the end of the course, a student should be able to:
  • understand the role and basic services of a CSIRT;
  • perform cyber defense incident triage;
  • track and document cyber defense incidents from initial detection through final resolution;
  • coordinate and provide expert technical support to enterprise-wide cyber defense technicians to resolve cyber defense incidents;
  • coordinate incident response functions;
  • write and publish cyber defense techniques, guidance, and reports on incident findings to appropriate constituencies;

    • Key topics
    • Computer Security Incident Response Team (CSIRT), its role and services.
    • FIRST CSIRT Services Framework.
    • Incident handling.
    • Vulnerability management
    • Situational awareness.
    • Security advisories.
    • Knowledge transfer.
    • Security policies.
    Study resources and literature
    • ENISA. Good Practice Guide for Incident Management. 2010. URL: https://www.enisa.europa.eu/publications/good-practice-guide-for-incident-management.
    • ENISA. European Cybersecurity Skills Framework Role Profiles. 2022. URL: https://www.enisa.europa.eu/publications/european-cybersecurity-skills-framework-role-profiles.
    • FIRST CSIRT Services Framework. 2019. URL: https://www.first.org/standards/frameworks/csirts/csirt_services_framework_v2.1.
    Approaches, practices, and methods used in teaching
    Interactive classes, homework assignments, tabletop exercises during the semester and at the end of the course.
    Method of verifying learning outcomes and course completion requirements
    Homework assignments during the semester, active participation in table-top exercises.
    Language of instruction
    Czech
    Further comments (probably available only in Czech)
    The course is taught annually.
    The course is taught every week.
    Teacher's information
    The course is taught in Czech. All material and assignments will be provided primarily in English.
    The course is also listed under the following terms Autumn 2008, Autumn 2009, Autumn 2010, Autumn 2011, Autumn 2012, Autumn 2013, Autumn 2014, Autumn 2015, Autumn 2016, Autumn 2017, Autumn 2018, Autumn 2019, Autumn 2021, Autumn 2022, Autumn 2023, Autumn 2024, Autumn 2025.
    • Enrolment Statistics (recent)
    • Permalink: https://is.muni.cz/course/fi/autumn2026/PV210