IT-Security (E)
Niveau
Bachelor
Learning outcomes of the courses/module
The students know the principal goals and requirements concerning confidentiality, integrity, and availability of information systems. They are aware of the threat environment and specific types of attacks. They know how information systems can be secured against these types of attacks. They are also aware of management tasks in order to increase security for data, information, communication, and IT systems.
Prerequisites for the course
courses of the previous semester successfully completed
Course content
Contents of this course are:
- Threat environment: Goals of IT security, types of attackers and attacks, planning and managing IT security
- Cryptography and cryptographic system standards: symmetric and public/private key encryption, digital signatures, Hashing, authentication, digital certificates, TSL/SSL, IPSec, wireless security
- Access control: passwords, biometric methods, role-based access control, identity management
- Firewalls: principles, static packet filtering, stateful packet inspection, NAT, intrusion detection and
- Prevention systems, firewall architectures and management
- Host and Data Security: host hardening, vulnerability and exploits, vulnerability testing, data protection and backups
- Application Security: hardening applications, web server attacks, email security
- Incident and Disaster Response: incident response, laws and regulations, business continuity planning
- Threat environment: Goals of IT security, types of attackers and attacks, planning and managing IT security
- Cryptography and cryptographic system standards: symmetric and public/private key encryption, digital signatures, Hashing, authentication, digital certificates, TSL/SSL, IPSec, wireless security
- Access control: passwords, biometric methods, role-based access control, identity management
- Firewalls: principles, static packet filtering, stateful packet inspection, NAT, intrusion detection and
- Prevention systems, firewall architectures and management
- Host and Data Security: host hardening, vulnerability and exploits, vulnerability testing, data protection and backups
- Application Security: hardening applications, web server attacks, email security
- Incident and Disaster Response: incident response, laws and regulations, business continuity planning
Recommended specialist literature
- Comer, Douglas E.: Computer Networks and Internets: With Internet Applications, 6th Ed. - Upper Saddle River, Pearson Education, 2015.
- Panko, Raymond R.; Panko, Julia A.: Business Data Networks and Security, 10th Ed. - Edinburgh, Pearson, 2015.
- Rhodes-Ousley, Mark: Information Security: The Complete Reference, 2nd Ed. - New York et al., Mc Graw Hill education, 2013.
- Stallings, William: Network Security Essentials: Applications and Standards, 6th Ed., Edinburgh, Pearson Education , 2017.
- Tanenbaum, Andrew S.: Computer Networks, 5th Ed. - Boston, Pearson, 2011.
- Panko, Raymond R.; Panko, Julia A.: Business Data Networks and Security, 10th Ed. - Edinburgh, Pearson, 2015.
- Rhodes-Ousley, Mark: Information Security: The Complete Reference, 2nd Ed. - New York et al., Mc Graw Hill education, 2013.
- Stallings, William: Network Security Essentials: Applications and Standards, 6th Ed., Edinburgh, Pearson Education , 2017.
- Tanenbaum, Andrew S.: Computer Networks, 5th Ed. - Boston, Pearson, 2011.
Assessment methods and criteria
Portfolio assessment
Language
English
Number of ECTS credits awarded
3
Share of e-learning in %
20
Semester hours per week
2.0
Planned teaching and learning method
Lecture, group work, presentation and discussion of student tasks
Semester/trimester in which the course/module is offered
2
Name of lecturer
Prof. (FH) Dr. Johannes Lüthi
Academic year
2
Key figure of the course/module
SEC1
Type of course/module
integrated lecture
Type of course
Compulsory
Internship(s)
not applicable