IT-Security Lab (E)
Niveau
Bachelor
Lernergebnisse der Lehrveranstaltungen/des Moduls
This course complements the IT-Security lecture, increasing the students' practical knowledge in this topic. Students can practically assess confidentiality, integrity, and availability of information systems. They can detect threats and specific types of attacks in information systems and can take adequate measures to secure these systems.
Voraussetzungen der Lehrveranstaltung
erfolgreicher Abschluss des vorherigen Semesters
Lehrinhalte
Contents of this course are:
- Threat environment: Goals of IT security, types of attackers and attacks, planning and managing IT security
- Cryptography and cryptographic system standards: symmetric and public/private key encryption, digital signatures, Hashing, authentication, digital certificates, TSL/SSL, IPSec, wireless security
- Access control: passwords, biometric methods, role-based access control, identity management
- Firewalls: principles, static packet filtering, stateful packet inspection, NAT, intrusion detection and
- Prevention systems, firewall architectures and management
- Host and Data Security: host hardening, vulnerability and exploits, vulnerability testing, data protection and backups
- Application Security: hardening applications, web server attacks, email security
- Incident and Disaster Response: incident response, laws and regulations, business continuity planning
- Threat environment: Goals of IT security, types of attackers and attacks, planning and managing IT security
- Cryptography and cryptographic system standards: symmetric and public/private key encryption, digital signatures, Hashing, authentication, digital certificates, TSL/SSL, IPSec, wireless security
- Access control: passwords, biometric methods, role-based access control, identity management
- Firewalls: principles, static packet filtering, stateful packet inspection, NAT, intrusion detection and
- Prevention systems, firewall architectures and management
- Host and Data Security: host hardening, vulnerability and exploits, vulnerability testing, data protection and backups
- Application Security: hardening applications, web server attacks, email security
- Incident and Disaster Response: incident response, laws and regulations, business continuity planning
Empfohlene Fachliteratur
- Comer, Douglas E.: Computer Networks and Internets: With Internet Applications, 6th Ed. - Upper Saddle River, Pearson Education, 2015.
- Panko, Raymond R.; Panko, Julia A.: Business Data Networks and Security, 10th Ed. - Edinburgh, Pearson, 2015.
- Rhodes-Ousley, Mark: Information Security: The Complete Reference, 2nd Ed. - New York et al., Mc Graw Hill education, 2013.
- Stallings, William: Network Security Essentials: Applications and Standards, 6th Ed., Edinburgh, Pearson Education , 2017.
- Tanenbaum, Andrew S.: Computer Networks, 5th Ed. - Boston, Pearson, 2011.
- Panko, Raymond R.; Panko, Julia A.: Business Data Networks and Security, 10th Ed. - Edinburgh, Pearson, 2015.
- Rhodes-Ousley, Mark: Information Security: The Complete Reference, 2nd Ed. - New York et al., Mc Graw Hill education, 2013.
- Stallings, William: Network Security Essentials: Applications and Standards, 6th Ed., Edinburgh, Pearson Education , 2017.
- Tanenbaum, Andrew S.: Computer Networks, 5th Ed. - Boston, Pearson, 2011.
Bewertungsmethoden und -Kriterien
Portfolio assessment
Unterrichtssprache
Englisch
Anzahl der zugewiesenen ECTS-Credits
2
E-Learning Anteil in %
0
Semesterwochenstunden (SWS)
1.0
Geplante Lehr- und Lernmethode
Exercises, group work, presentation and discussion of student tasks
Semester/Trisemester, In dem die Lehrveranstaltung/Das Modul Angeboten wird
2
Name des/der Vortragenden
Studienjahr
Kennzahl der Lehrveranstaltung/des Moduls
SEC2
Art der Lehrveranstaltung/des Moduls
Übung, Konstruktionsübung
Art der Lehrveranstaltung
Pflichtfach