Objectives and competences
The student will be able to
1. Explain the core cybersecurity principles and identify and apply the key components of cybersecurity network architecture.
2. Describe risk management processes and practices.
3. Distinguish system and application security threats and vulnerabilities and describe different classes of attacks.
4. Identify security tools and hardening techniques.
5. Describe new and emerging IT and IS technologies and corresponding security risks.
6. Appraise cybersecurity incidents and apply an appropriate response.
Content (Syllabus outline)
1. Cybersecurity introduction and overview
2. Cybersecurity concepts
3. Security architecture principles
4. Security of networks, systems, applications and data
5. Incident response
6. Security implications of the adoption of emerging technologies
7. Frameworks and guidelines for ensuring cybersecurity in an organization
Learning and teaching methods
• Lectures,
• Tutorial and computer work,
• e-Learning using the Moodle online classroom,
• Laboratory work.
Intended learning outcomes - knowledge and understanding
• Understanding of the key concepts and terminology in cybersecurity as well as the roles and domains of cybersecurity.
• Knowledge of various types of cybersecurity architecture.
• Knowledge of key components of securing networks, systems and applications and data.
• Ability to identify cybersecurity incidents and outline the phases of incident response.
• Knowledge and awareness of the implications of the adoption of evolving technology.
Readings
1. Cybersecurity fundamentals study guide (2nd ed., pp. VI, 194). (2017). ISACA.
2. Stallings, W. (2023). Cryptography and network security: principles and practice (8th ed., global ed., pp. 832). Pearson.
3. Stallings, W., & Brown, L. (2018). Computer security: principles and practice (4th ed., global ed., pp. 800). Pearson.
4. Edgar, T. W., & Manz, D. O. (2017). Research methods for cyber security (pp. XIII, 404). Syngress.
5. Stallings, W. (2019). Effective cybersecurity: understanding and using standards and best practices (pp. XXXI, 768). Addison-Wesley.
6. Rasner, G. C. (2021). Cybersecurity and third-party risk: third party threat hunting (pp. XXII, 458). Wiley.
7. Crawley, K. (2022). 8 steps to better security: a simple cyber resilience guide for business (pp. XX, 204). Wiley.
8. International standard. ISO/IEC 27001, Information security, cybersecurity and privacy protection - Information security management systems - Requirements, = Sécurité de l'information, cybersécurité et protection de la vie privée - Systèmes de management de la sécurité de l'information - Exigences (3rd ed., pp. V, 19). (2022). ISO copyright office.
9. International standard. ISO/IEC 27002, Information security, cybersecurity and privacy protection - Information security controls, = Sécurité de l'information, cybersécurité et protection de la vie privée - Mesures de sécurité de l'information (3rd ed., pp. 152). (2022). ISO copyright.
10. International standard. ISO/IEC 27005, Information security, cybersecurity and privacy protection - Guidance on managing information security risks, = Sécurité de l'information, cybersécurité et protection de la vie privée - Préconisations pour la gestion des risques liés à la sécurité de l'information (4th ed., pp. VI, 62). (2022). ISO copyright office.