Lecturer(s)
|
- Beránek Ladislav, prof. Ing. CSc., MBA
- Friebel Ludvík, Ing. Ph.D.
|
Course content
|
Lectures: 1. Principles of IS/IT security; 2. Fundamental principles. Authorization and authentication; 3. Types of attacks and their aims; 4. Methods of business IS/IT security; 5. Risk analysis, disaster recovery plan; 6. Principles of IS/IT security evaluation. Survey of standards for IS/IT security evaluation - CSN 17799, ISO/IEC 27001; 7. Principles of modern cryptography. The process of encryption and decipherment, cryptanalysis; 8. Symmetric and asymmetric cryptography algorithms; 9. Known standards and implementation. Hash function; 10. Electronic signature. PKI, certification authority; 11. Principles of computer network security and computers; 12. Network security monitoring and administration. Monitoring and audit; 13. IDS, penetration tests.
|
Learning activities and teaching methods
|
Monologic (reading, lecture, briefing), Demonstration, E-learning
- Class attendance: 18 hours per semester
- Preparation for exam: 28 hours per semester
- Preparation for classes: 44 hours per semester
- Preparation for credit: 28 hours per semester
- Semestral paper: 28 hours per semester
|
Learning outcomes
|
Objective of the course in terms of learning outcomes and competences: The aim of the course is to acquaint students with the basic principles of security of products and systems based on information technologies. The subject covers safety issues in building and operating information systems. During the semester the students will be acquainted with all areas of information system security and with basic standards related to this area.
Students will understand the basic principles of IS/IT security, will be able to perform an elementary security analysis, and will have an overview of the security technologies and security architectures used in business practice.
|
Prerequisites
|
The course has no prerequisites.
|
Assessment methods and criteria
|
Oral examination, Test
Credit Requirements: Active participation in seminars, working out a seminar work (audit of information system, DMZ, firewall, PKI etc.).
Examination Requirements: Final written test.
|
Recommended literature
|
- Dostálek, L. et al. TCP/IP - bezpečnost. Praha: Computer Press, 2003. ISBN 80-7226-849-X.
- DOSTÁLEK, Libor, Marta VOHNOUTOVÁ and Miroslav KNOTEK. Velký průvodce infrastrukturou PKI a technologií elektronického podpisu. Brno: Computer Press, 2009. ISBN 9788025126196.
- Doucek, P. Řízení bezpečnosti informací. Praha: Professional Publishing, 2011. 286 p. ISBN 978-80-7431-050-8.
- Schneier, B. Applied Cryptography. New York: John Wiley, 1996. ISBN 0-471-11709-9.
- VACCA, John R. Computer and information security handbook. Cambridge, MA: Morgan Kaufmann Publishers, an imprint of Elsevier, 2017. ISBN 978-0128038437.
|