Content (Syllabus outline)
1. Fundamental concepts of information security: availability, integrity, confidentiality
2. Definition and classification of security threats
3. Basic concepts of IT infrastructure reliability and availability
4. Basic concepts of physical security
5. Basic concepts of logical security
6. Basic organizational countermeasures for providing of information security
7. Implementation of information security management system into an organization
Learning and teaching methods
• Lectures,
• Tutorial and computer work,
• e-Learning,
• Laboratory work.
Intended learning outcomes - knowledge and understanding
After successful completion of the course, the student will be able to:
• Explain the importance of information security for business continuity.
• Identify potential security threats and consequences of their realization.
• Plan and apply suitable information security measures and mechanisms.
Readings
Obvezna/Obilgatory:
1. Brezavšček, A., Šmitek, B. (2022). Uvod v informacijsko varnost, elektronsko učno gradivo, spletna učilnica Moodle.
Priporočljiva/Recommended:
2. Stallings, W., Brown, L. (2108). Computer security: principles and practice, 4th ed., Global ed., New York: Pearson.
3. Rhodes-Ousley, M. (2013). Information Security, The Complete Reference, 2nd Ed., New York: McGraw-Hill Education
4. Merkow, M.S., Breithaupt, J. (2014). Information Security: Principles and Practices, 2nd Ed., Pearson Education, Inc.
5. Bosworth, S., Kabay, M.E., Whyne, E. (2014). Computer Security Handbook, Sixth Ed., Wiley.
6. ISO/IEC 27001:2013, Information technology - Security techniques - Information security management systems – Requirements.
7. ISO/IEC 27002:2017, Information technology — Security techniques — Code of practice for information security controls.
ISO/IEC 27002:2022, Information security, cybersecurity and privacy protection — Information security controls.
