
Information system security 1
- Class 30
- Practice 30
- Independent work 90
Course title
Information system security 1
Lecture type
Obligatory
Course code
22-00-514
Semester
4
ECTS
5
Lecturers and associates
Course overview
This module is designed to provide students with the knowledge and understanding of the principles of information security that are necessary to develop further skills in the cyber security field. It is the foundation for all the cyber security related modules and combines both theoretical and practical components.
Students will acquire the foundational knowledge required for all the cyber security modules and will learn the ISO standard for information security and the most important areas of information security:
• risk management
• authentication and authorization
• cryptography
• vulnerability management
• network security
• protection against malicious software
• business continuity
The module will also provide students with a detailed explanation of advanced security attacks and protection mechanisms and enable them to apply this theoretical knowledge in practice.
Literature
Essential reading:
1. Andress, J., (2015). The basics of information security. Waltham: Syngress.
Recommended reading:
1. Brooks, C., Grow, C., Craig, P. and Short, D., (2018). Cybersecurity Essentials. Hoboken: John Wiley and Sons.
Minimal learning outcomes
- Explain the basic concepts, methods and techniques of information security
- Suggest an optimal way to approach the organization of information system protection
- Describe the ways in which the security of an information system may be compromised
- Determine methods for vulnerability management processes, Web application security and methods for managing log records
- Understand the categories of malicious programs and techniques for their use, network security controls, advanced persistent threats and business continuity
Preferred learning outcomes
- Analyse basic risk management methods
- Evaluate the use of different authentication and authorization mechanisms and their differences
- Evaluate different asymmetric and symmetric cryptographic algorithms and compression algorithms
- Evaluate the importance of penetration testing, secure coding practices and usage of SIEM systems
- Evaluate the applicability of innovative mechanisms of protection against malicious programs and unauthorized activity