Objectives and competences
The objective of the course is to prepare students to know and understand the field of security and protection of computer and information systems and computer networks from an organizational and management perspective. It is also intended to prepare students to be able to analyze risks and take appropriate measures to secure information / computer systems in network environments and on the Internet.
Content (Syllabus outline)
• Introductory chapters on security and the aim for assuring security.
• Principles and approaches
• Attacks and threats in network environments
• Authentication procedures and technologies in network environment
• Public key infrastructure
• Security services in web
• Digital signatures
• Malware, spam
• Backups and archives
• Standards and Management of Security
• Security Policies
• Privacy, Ethic and Legal issues in Security
• Role, significance, awareness and implementation of education of information security
Learning and teaching methods
• lectures,
• lab work.
Intended learning outcomes - knowledge and understanding
• understand the threats, risks, vulnerabilities and the impact of attacks on information systems on networks or on the Internet and network environments
• analyze threats, risks and vulnerabilities
• assess the level of threat, risk and weaknesses
• identify cyberattacks
• choose appropriate safeguards and countermeasures
• use appropriate safeguards and countermeasures (protocols and mechanisms for protecting network connections)
• design comprehensive plans for the protection of wireless connections and networks and the security of the information system
• design a security policy
• analyze and assess importance of legal and ethical issues of information security
• choose appropriate level of privacy
Intended learning outcomes - transferable/key skills and other attributes
• Communication skills: writing a professional report of the performed laboratory work and project, oral laboratory work defense, manner of expression at oral examination.
• Use of information technology: searching information on the worldwide web, use of tools for writing reports, implementation of computer programs and the use of computer programming environment.
• Problem solving: autonomous study, resolving a problem from the field of network security and introduction of the overall protection solution
Readings
• W. Stallings, L. Brown: Computer Security: Principles and Practice, 4th Edition, Pearson, 2018
• Pfleeger, C. P., Pfleeger, S. L., & Margulies, J. (2015). Security in computing (5th ed., p. XXXIII, 910). Prentice Hall.
• Johnson, R., & Merkow, M. S. (2011). Security policies and implementation issues (p. XVII, 437). Jones & Bartlett Learning.
• Smith, R. E. (2016). Elementary information security (2nd ed., p. XXI, 866). Jones & Bartlett Learning.
• Merkow, M. S., & Breithaupt, J. (2014). Information security: principles and practices (2nd ed., p. XVI, 349). Pearson.
• Whitman, M. E., & Mattord, H. J. (2016). Principles of information security (5th ed., p. XXVII, 692). Cengage Learning.
Prerequisits
Recommended basic knowledge/understanding of mathematics, computer architectures, operating systems, informatics and networks.
Additional information on implementation and assessment The written exam may be substituted with continuous knowledge testing and assessment
