IT-Security Lab (E)
Level
Bachelor
Learning outcomes of the courses/module
This course complements the IT-Security lecture, increasing the students’ practical knowledge in this topic. Students can practically assess confidentiality, integrity, and availability of information systems. They can detect threats and specific types of attacks in information systems and can take adequate measures to secure these systems.
Prerequisites for the course
Successfully completed courses of the previous semester.
Course content
Contents of this course are:
- Threat environment: Goals of IT security, types of attackers and attacks, planning and managing IT security
- Cryptography and cryptographic system standards: symmetric and public/private key encryption, digital signatures, hashing, authentication, digital certificates, TLS/SSL, IPsec, wireless security
- Access control: passwords, biometric methods, role-based access control, identity management
- Firewalls: principles, static packet filtering, stateful packet inspection, NAT, intrusion detection and prevention systems, firewall architectures and management
- Host and Data Security: host hardening, vulnerabilities and exploits, vulnerability testing, data protection and backups
- Application Security: hardening applications, web server attacks, email security
- Incident and Disaster Response: incident response, laws and regulations, business continuity planning
Recommended specialist literature
- Comer, Douglas E.: Computer Networks and Internets: With Internet Applications, 6th Ed. - Upper Saddle River, Pearson Education, 2015.
- Panko, Raymond R.; Panko, Julia A.: Business Data Networks and Security, 10th Ed. - Edinburgh, Pearson, 2015.
- Rhodes-Ousley, Mark: Information Security: The Complete Reference, 2nd Ed. - New York et al., McGraw-Hill Education, 2013.
- Stallings, William: Network Security Essentials: Applications and Standards, 6th Ed. - Edinburgh, Pearson Education, 2017.
- Tanenbaum, Andrew S.: Computer Networks, 5th Ed. - Boston, Pearson, 2011.
Assessment methods and criteria
Portfolio assessment
Language
English
Number of ECTS credits awarded
2
Share of e-learning in %
0
Semester hours per week
1.0
Planned teaching and learning method
Exercises, group work, presentation and discussion of student tasks
Semester/trimester in which the course/module is offered
2
Name of lecturer
Academic year
Key figure of the course/module
SEC2
Type of course/module
practice
Type of course
Compulsory