Objectives and competences
The objective of the course is to prepare students to know and understand the field of security and protection of computer and information systems and computer networks from an organizational and management perspective. It is also intended to prepare students to be able to analyze risks and take appropriate measures to secure information / computer systems in network environments and on the Internet.
Content (Syllabus outline)
• Introductory chapters on security and the aim for assuring security.
• Principles and approaches
• Attacks and threats in network environments
• Authentication procedures and technologies in network environment
• Public key infrastructure
• Security services in web
• Digital signatures
• Malware, spam
• Backups and archives
• Standards and Management of Security
• Security Policies
• Privacy, Ethic and Legal issues in Security
• Role, significance, awareness and implementation of education of information security
Learning and teaching methods
• lectures,
• lab work.
Intended learning outcomes - knowledge and understanding
Knowledge and understanding:
On completion of this course the student will be able to:
• understand the threats, risks, vulnerabilities and the impact of attacks on information systems on networks or on the Internet and network environments,
• analyze threats, risks and vulnerabilities,
• assess the level of threat, risk and weaknesses,
• identify cyberattacks,
• choose appropriate safeguards and countermeasures,
• use appropriate safeguards and countermeasures (protocols and mechanisms for protecting network connections),
• design comprehensive plans for the protection of wireless connections and networks and the security of the information system,
• design a security policy,
• analyze and assess importance of legal and ethical issues of information security,
• choose appropriate level of privacy.
Intended learning outcomes - transferable/key skills and other attributes
• • Communication skills: writing a professional report of the performed laboratory work and project, oral laboratory work defense, manner of expression at oral examination.
• Use of information technology: searching information on the worldwide web, use of tools for writing reports, implementation of computer programs and the use of computer programming environment.
• Problem solving: autonomous study, resolving a problem from the field of network security and introduction of the overall protection solution.
Readings
• W. Stallings, L. Brown: Computer Security: Principles and Practice, 4th Edition, Pearson, 2018
• C. P. Pfleeger, Shari Lawrence Pfleeger, Jonathan Margulies. Security in Computing (5th Edition), Prentice Hall, 2015
• M. E. Whitman, H. J. Mattord: Principles of Information Security, 6th Edition, Cengage Learning, 2017
• M. J. Quinn: Ethics for the information Age, 7th Edition, Pearson, 2016
• »Seznam dodatnih študijskih materialov bo razdeljen študentom ob začetku predavanj. A list of additional study materials will be distributed when the module begins.«
Prerequisits
Recommended basic knowledge/understanding of mathematics, computer architectures, operating systems, informatics and networks.
Additional information on implementation and assessment The written exam may be replaced by continuous knowledge testing and assessment