Introduction to information security

Teachers

Included in study programs

Teaching results

After studying this course, students gain the knowledge and should be able to:
A. understand the basic concepts of cyber security
B. discuss information and application security, encryption and cryptography, attacks on computer networks and information systems,
C. understand the use and creation of electronic and digital signatures as part of the digitalization of society,
D. follow new trends in cyber security, also in connection with deep-web and blockchain technologies,
E. use IS security standards (ISO standards, Cyber Security Act) in practice,
F. identify, understand and evaluate the need and possibilities for information protection in the company,
G. analytically examine the suitability of the IS security design and implementation.

Indicative content

1. Basic concepts of information security, its importance in practice, the consequences of information security negligence in organizations. Information security management.
2. Information assets, their attributes.
3. Authentication and identification, authentication and identification systems, biometric systems.
4. Threats, incidents and classification of computer malware.
5. Intentional and unintentional attacks, attack life cycle, consequences of incidents.
6. Characteristics and types of intentional attacks.
7. Basics of cryptography (symmetric and asymmetric encryption).
8. Different types of virus protection, their quality and use for computers and mobile devices.
9. Electronic signature, certification authorities and their importance in practice.
10. Security policies and standards (ISO), security plans and their preparation.
11. Criteria of security assessment, risk analysis and self-assessment of IT security in the company, security models.
12. Teamwork on case studies: how to design a security plan.
13. Analysis of IT security at the university and design of innovations in IT security at the university.

Support literature

1. Anderson, R. Security Engineering: A Guide to Building Dependable Distributed Systems, 2nd Edition: Wiley, 2008.
2. Matt Bishop. Computer Security: Art and Science, 2nd Edition: Addison-Wesley, 2017.
3. William Stallings. Cryptography and Network Security, Global Edition: Prentice Hall, 2016.
4. Janošcová, R. Princípy informačnej bezpečnosti. Available at: https://ics.upjs.sk/~jirasek/ops/Janoscova.pdf (accessed 11.10.2021)
5. Hanáček, P., Staudek, J. Bezpečnost informačních systému. 2000. Available at: http://media0.vesele.info/files/media0:50f8645ae2040.pdf.upl/uvis_bezpecnost_20000701.pdf (accessed 12.10.2021)
6. Levický, D. Aplikovaná kryptografia, Elfa, 2018
7. O'Connor, W.R., Mobile device security, Nova Science Publisher, 2013
8. Anonymous, Maximální bezpečnost, Hackeři radí jak nejlépe zabezpečit vaši síť, SoftPress, 2004
9. Rakovská, E., Electronic course Ochrana a bezpečnosť IS, LMS Moodle Ekonomickej Univerzity, available at: https://moodle.euba.sk/course/view.php?id=161

Requirements to complete the course

Prerequisites:
- final exam - written form, 60% (passing the exam means obtaining a minimum of 51% of the exam grade). The exam consists of two parts: verification of theoretical knowledge (test with different types of questions). The theoretical part verifies the level of learning outcomes A., B., C., D., E.
Exercises:
- independent work and intermediate tests 20%,
- elaboration and presentation of the seminar topic in teams 20%.
The following learning outcomes are developed and assessed through the assessment of independent work and the assessment of work in teams: D., E., F., G.

Student workload

Total study load (in hours):
3 credits x 26 hours = 78 hours
Study load distribution:
Seminar participation: 26 hours
Preparation for seminars: 8 hours
Project preparation: 10 hours
Preparation for the final exam: 34 hours

Language whose command is required to complete the course

Slovak

Date of approval: 11.03.2024

Date of the latest change: 18.05.2022