Course: Information Systems Security

Course title Information Systems Security
Course code KMI/OBIS
Organizational form of instruction Lecture + Lesson
Level of course Bachelor
Year of study not specified
Semester Summer
Number of ECTS credits 6
Language of instruction Czech
Status of course Compulsory-optional
Form of instruction unspecified
Work placements unspecified
Recommended optional programme components None
Lecturer(s)
  • Beránek Ladislav, prof. Ing. CSc., MBA
  • Friebel Ludvík, Ing. Ph.D.
Course content
Lectures: 1. Principles of IS/IT security; 2. Fundamental principles. Authorization and authentication; 3. Types of attacks and their aims; 4. Methods of business IS/IT security; 5. Risk analysis, disaster recovery plan; 6. Principles of IS/IT security evaluation. Survey of standards for IS/IT security evaluation - CSN 17799, ISO/IEC 27001; 7. Principles of modern cryptography. The process of encryption and decryption, cryptanalysis; 8. Symmetric and asymmetric cryptography algorithms; 9. Known standards and implementation. Hash function; 10. Electronic signature. PKI, certification authority; 11. Principles of computer and computer network security; 12. Network security monitoring and administration. Monitoring and audit; 13. IDS, penetration tests.

Learning activities and teaching methods
Monologic (reading, lecture, briefing), Demonstration, E-learning
  • Semestral paper - 20 hours per semester
  • Class attendance - 56 hours per semester
  • Preparation for classes - 44 hours per semester
  • Preparation for credit - 10 hours per semester
  • Preparation for exam - 20 hours per semester
Learning outcomes
The aim of this course is to provide students with knowledge of IS/IT security, to explain the basic principles of IS/IT security evaluation, and to explain the meaning and content of security standards. The following topics will be discussed in more detail: principles of IS/IT security, IS/IT security components, methods of securing IS/IT, security policies, risk analysis, disaster recovery planning, security audit, and the principles of IS/IT security assessment. A basic survey of the principles of modern cryptography and security technology (IDS, penetration testing, monitoring, audit, electronic signature, certificates, principles of computer network security) is also part of this course.
Students will understand the basic principles of IS/IT security, will be able to perform an elementary security analysis, and will have an overview of the security technologies and security architectures used in business practice.
Prerequisites
The course has no prerequisites.

Assessment methods and criteria
Oral examination, Test

Credit Requirements: Active participation in seminars, completing a seminar paper (audit of information system, DMZ, firewall, PKI etc.). Examination Requirements: Final written test.
Recommended literature
  • Brown, L., Stallings, W. Computer Security: Principles and Practice. New York: Pearson, 2014. ISBN 978-0133773927.
  • J. M. Kizza. Computer Network Security. Springer US, 2010. ISBN 978-1441935434.
  • M. E. Whitman, H. J. Mattord. Management of Information Security. Course Technology; 4th edition, 2013. ISBN 978-1285062297.
  • R. Fischer, E. Halibozek, D. Walters. Introduction to Security. Boston: Butterworth-Heinemann, 2012. ISBN 978-0123850577.
  • Schneier, B. Applied Cryptography. New York: John Wiley, 1996. ISBN 0-471-11709-9.


Study plans that include the course
Faculty Study plan (Version) Category of Branch/Specialization Recommended year of study Recommended semester
Faculty: Faculty of Economics, Study plan (Version): Engineering and Informatics (1), Category: Economy 3, Recommended year of study: 3, Recommended semester: Summer