Factorization in integers. Then he will go to a diploma, to doctoral and candidate degrees, to other prestigious titles and awards. It just won't work :-)

Number, examples and possible consequences of vulnerabilities on the official website of the institute/faculty

A promising direction now is PKI. The private key infrastructure is now penetrating both government offices and medium-sized businesses. In large business, it is already impossible without it.
Take some company (well, if it's real) and work on the PKI topic for it. There is nowhere more practical. And there is a perspective. If you do everything right, the job will be a good recommendation for you when applying for a job.
But keep in mind that this work is serious, you will have to sweat.

Eh-eh-eh. Where to start something?
What is your level of knowledge? What should be the result of the course? A computer program (web service) that does something that is somehow related to information security?
The first thing that comes to mind is that an electronic signature is everywhere now. All existing solutions, especially in terms of usability, correspond to the natural curvature of the hands of domestic "programmers" (in the worst possible sense).
Start simple. Take openssl, make a pair of X509 sender-receiver certificates (Alice-Bob;). Sign the doc file. Check the validity of the signature. Encrypt the file. Decipher. Try different attacks on signed and encrypted files. The result is a simple electronic document management system.
ps: If it works, fire up CryptoPros with their curvy OfficeSignature, file the FSB certificate - and forward to the green meadows of state contracts :)))

With practical application and an interesting topic can be taken using, for example, Raspberry Pi.
Fedora, Ubuntu, but better a specialized PwnPi distribution, released by craftsmen specifically for installation on the Raspberry Pi. It already contains all the necessary hacker tools. In addition, the craftsmen willingly share their experience of installing a hidden server on it in the anonymous I2P network, installing Metasploit, creating a hardware sniffer, and much more.

A tool for classifying information and labeling it.