Lecturer(s)
- Jašek Roman, prof. Mgr. Ph.D., DBA
- Rei Ester, Ing.
Course content
1. Security of information technologies and information systems (NUKIB).
2. Legislative framework of information security (laws, decrees and standards).
3. Cyber Security Act, GDPR, eIDAS, NIS2, Whistleblower Protection Act.
4. Integrated management system (quality management - QMS, EMS relationship management system).
5. Management of informatics and information security in the organization (IT Governance, IT Service Management, Information Security Governance, ITIL and COBIT Methodologies).
6. Standards related to information security management (ISO 27000, ISO 27001).
7. Symmetric and asymmetric cryptography (SSL, TLS). Electronic signature technology in cyberspace.
8. Digital server certificates, qualified certificates and qualified system certificates.
9. Hash function, principle, types, use.
10. Technology and security of disk arrays (RAID).
11. Management of availability, backup and archiving of data.
12. Penetration tests and security of cloud services.
13. Identity Management and Access Control.
14. Case studies.
Learning activities and teaching methods
Lecturing, Monologic (Exposition, lecture, briefing), Exercises on PC
- Participation in classes: 48 hours per semester
- Participation in classes: 16 hours per semester
prerequisite |
---|
Knowledge |
---|
Basic knowledge from the field of Information and communication technologies |
learning outcomes |
---|
define the security policy requirements of the organization |
comprehensively describe the process associated with the organization's information security management system |
explain the meaning of the GDPR general regulation |
explain key concepts associated with cyber security |
explain the processes involved in a full electronic signature scheme |
describe industrial blockchain technology |
Skills |
---|
draft the organization's security policy |
secure communication using qualified and commercial certificates |
set and verify the strength and resilience of passwords on systems |
choose disk array technology to ensure the continuity of their operation |
propose a way of backing up data and processes |
teaching methods |
---|
Knowledge |
---|
Monologic (Exposition, lecture, briefing) |
Lecturing |
Exercises on PC |
assessment methods |
---|
Qualifying examination |
Oral examination |
Recommended literature
- Dobda, Luboš. Ochrana dat v informačních systémech. Vyd. 1. Praha : Grada Publishing, 1998. ISBN 80-7169-479-7.
- Jan Kolouch. CyberSecurity. Praha, 2019. ISBN 978-80-88168-34-8.
- JAŠEK, Roman a Milan OULEHLA. Moderní kryptografie: Průvodce světem šifrování. Praha, 2017. ISBN 978-80-87383-67-4.
- KRAYEM, Said a Roman JAŠEK. Security of Information Systems. Tomas Bata University in Zlín, 2015. ISBN 978-80-7454-8.
- Petr Doucek. Řízení bezpečnosti informací: 2. rozšířené vydání o BCM. Praha, 2011. ISBN 9788074310508.
- Petr Jirásek, Luděk Novák, Josef Požár. Výkladový slovník kybernetické bezpečnosti: Cyber security glossary. Praha, 2013. ISBN 978-80-7251-397-0.
- SOMMERVILLE, Ian. Software engineering. Boston, 2016. ISBN 978-0133943030.