IT-Security (E)
Level
Bachelor
Learning outcomes of the course/module
The students know the principal goals and requirements concerning confidentiality, integrity, and availability of information systems. They are aware of the threat environment and specific types of attacks. They know how information systems can be secured against these types of attacks. They are also aware of management tasks in order to increase security for data, information, communication, and IT systems.
Prerequisites for the course
Successful completion of the previous semester
Course contents
Contents of this course are:
- Threat environment: Goals of IT security, types of attackers and attacks, planning and managing IT security
- Cryptography and cryptographic system standards: symmetric and public/private key encryption, digital signatures, hashing, authentication, digital certificates, TLS/SSL, IPSec, wireless security
- Access control: passwords, biometric methods, role-based access control, identity management
- Firewalls: principles, static packet filtering, stateful packet inspection, NAT, intrusion detection and prevention systems, firewall architectures and management
- Host and Data Security: host hardening, vulnerabilities and exploits, vulnerability testing, data protection and backups
- Application Security: hardening applications, web server attacks, email security
- Incident and Disaster Response: incident response, laws and regulations, business continuity planning
Recommended literature
- Comer, Douglas E.: Computer Networks and Internets: With Internet Applications, 6th Ed. - Upper Saddle River, Pearson Education, 2015.
- Panko, Raymond R.; Panko, Julia A.: Business Data Networks and Security, 10th Ed. - Edinburgh, Pearson, 2015.
- Rhodes-Ousley, Mark: Information Security: The Complete Reference, 2nd Ed. - New York et al., McGraw-Hill Education, 2013.
- Stallings, William: Network Security Essentials: Applications and Standards, 6th Ed. - Edinburgh, Pearson Education, 2017.
- Tanenbaum, Andrew S.: Computer Networks, 5th Ed. - Boston, Pearson, 2011.
Assessment methods and criteria
Portfolio assessment
Language of instruction
English
Number of ECTS credits allocated
3
E-learning share in %
20
Semester hours per week (SWS)
2.0
Planned teaching and learning methods
Lecture, group work, presentation and discussion of student tasks
Semester/trimester in which the course/module is offered
2
Name of lecturer(s)
Prof. (FH) Dr. Johannes Lüthi
Year of study
2
Course/module code
SEC1
Type of course/module
Integrated course
Course type
Compulsory subject
Internship(s)
not applicable