|
Lecturer(s)
|
|
|
|
Course content
|
1. Principles of IS/IT security. 2. Risk analysis 3. Security policy 4. Introduction to ISO 27000 5. Types of attacks and their aims. 6. Methods of business IS/IT security. 7. Basic concepts. Authentication and authorization. 8. Client security (Windows/UNIX). 9. Server security (Windows/UNIX). 10. Principles of network security. 11. Network security monitoring and administration. 12. IDS, penetration tests, risk analysis, security audit.
|
|
Learning activities and teaching methods
|
Dialogic (discussion, interview, brainstorming), Demonstration, Laboratory
- Class attendance
- 56 hours per semester
- Preparation for exam
- 35 hours per semester
- Preparation for classes
- 34 hours per semester
|
|
Learning outcomes
|
The aim of this subject is to provide students with the knowledge from the area of IS/IT security, to explain basic principles of IS/IT security evaluation and to explain meaning and content of security standards. The following topics will be discussed more detailed: principles of IS/IT security, IS/IT security component, methods of IS/IT securing, security politics, risk analysis, disaster recovery planning, security audit, the principles of IS/IT security assessments. The basic survey of principles of the modern cryptography and security technology (IDS, penetration testing, monitoring, audit, electronic signature, certificates, principles of computer networks security) is the part of this course as well.
The graduate of the course will understand basic principles of IS/IT security, he will be able to make basic analyses and he will have a review on technologies and security architecture used in enterprise practice.
|
|
Prerequisites
|
Basic knowledge of Windows and Linux operating systems, text editors (vi, vim, or nano), virtualization platforms (VirtualBox) and combinatorics.
|
|
Assessment methods and criteria
|
Oral examination
Personal computer hardening and review by penetration testing. Personal computer or home network security policy.
|
|
Recommended literature
|
-
DOBTA, L. Ochrana dat v informačním systému. Praha : Grada, 1998. ISBN 80-7169-479-7..
-
DOSTÁLEK A KOL. TCP/IP - bezpečnost. Praha: Computer Press, 2003..
-
GARFINGEL, S. PGP. Brno: Computer Press, 1998..
-
HANÁČEK, P., STAUDEK, J. Bezpečnost informačních systémů. Praha: ÚSIS, 2000..
-
Chapman, D. B., Zlicky, E., D. Firewally. Brno: Computer Press, 1998.. Brno: Computer Press, 1998.
-
KOLOUCH,J., Bašta,P. CyberSecurity. Praha: Edice CZ.NIC.2019.. Praha: Edice CZ.NIC, 2019. ISBN 978-80-88168-34-8.
-
PROSISE, CH., MANDIA, K. Počítačový útok. Praha: Computer Press, 2002..
-
SCAMBRAY, J., MCCLURE, S., KURTZ, G. Hacking bez tajemství. Praha: Computer Press, 2002..
-
SCHNEIER, B. Applied Cryptography. New York: John Willey, 1996. ISBN 0-471-11709-9..
|