|
Lecturer(s)
|
-
Svoboda Petr, Ing. Ph.D.
-
Valášek Pavel, Ing.
-
Švaňhal Marek, Ing.
|
|
Course content
|
Introduction to information security - basic concepts. Legislation - legislative framework and standards of information security. Theoretical basis - current topics of information security (Cloud, Internet of things, cryptocurrencies and others). Information security management system - specifications, security policy information systems. Information asset management - concept, asset specification, evaluation, vulnerability. Threats in information security - specification of current threats, evaluation, measures. Security of desktop operating systems Windows, Linux, OS X - history and present. Security of mobile operating systems Android, iOS - history and present. Information Security Risk Analysis - evaluation of information security risks of the selected subject. Control of access to information and information systems, physical and equipment security. Cryptography - history, current cryptographic measures to ensure information security. Security of traffic and communications - protection against malware, monitoring, security of information transmission, network security. Cybercrime and cyberterorism - cybercrime, sanctions, prevention. Information security incidents management - definition, responsibility.
|
|
Learning activities and teaching methods
|
Lecturing, Monologic (Exposition, lecture, briefing), Dialogic (Discussion, conversation, brainstorming), Exercises on PC, Practice exercises, Teamwork
- Preparation for course credit
- 10 hours per semester
- Preparation for examination
- 15 hours per semester
- Home preparation for classes
- 33 hours per semester
- Participation in classes
- 42 hours per semester
|
| prerequisite |
|---|
| Knowledge |
|---|
| Basic knowledge of information and communication technologies. Basics of work with personal computer, mobile devices and internet. |
| Basic knowledge of information and communication technologies. Basics of work with personal computer, mobile devices and internet. |
| learning outcomes |
|---|
| Define the issue of modern information security |
| Define the issue of modern information security |
| Describe the legislative anchoring of information security |
| Describe the legislative anchoring of information security |
| Characterize attacks to compromise information security |
| Characterize attacks to compromise information security |
| Characterize the issue of malware, its types and targeting |
| Characterize the issue of malware, its types and targeting |
| Explain the connections of ICT terms with information security |
| Explain the connections of ICT terms with information security |
| Skills |
|---|
| Design a safe work environment within the workstation |
| Design a safe work environment within the workstation |
| Identify realized attacks against information security in the entity |
| Identify realized attacks against information security in the entity |
| Identify the category of malware and suggest ways to treat an infected workstation |
| Identify the category of malware and suggest ways to treat an infected workstation |
| Prepare a treatise on the issue of information security |
| Prepare a treatise on the issue of information security |
| Effectively apply acquired knowledge in the field of information security |
| Effectively apply acquired knowledge in the field of information security |
| teaching methods |
|---|
| Knowledge |
|---|
| Lecturing |
| Monologic (Exposition, lecture, briefing) |
| Exercises on PC |
| Exercises on PC |
| Teamwork |
| Teamwork |
| Lecturing |
| Practice exercises |
| Practice exercises |
| Dialogic (Discussion, conversation, brainstorming) |
| Dialogic (Discussion, conversation, brainstorming) |
| Monologic (Exposition, lecture, briefing) |
| assessment methods |
|---|
| Workplace supervision |
| Oral examination |
| Oral examination |
| Essay |
| Essay |
| Didactic test |
| Conversation |
| Preparation of a presentation |
| Workplace supervision |
| Preparation of a presentation |
| Didactic test |
| Conversation |
|
Recommended literature
|
-
Ali Ismail Awad. Information security: foundations, technologies and applications. London, 2018. ISBN 9781849199742.
-
ČSN ISO/IEC 27001. Informační technologie - Bezpečnostní techniky - Systémy řízení bezpečnosti informací - Požadavky. Praha, 2014.
-
Darren Death. Information security handbook: develop a threat model and incident response strategy to build a strong information security framework. Birmingham, 2017. ISBN 9781788473262.
-
Jan Kolouch. CyberCrime. Praha, 2016. ISBN 9788088168157.
-
Peter W. Singer, Allan Friedman. Cybersecurity and cyberwar: what everyone needs to know. New York, 2014. ISBN 0199918112.
-
Petr Doucek. Řízení bezpečnosti informací: 2. rozšířené vydání o BCM. Praha, 2011. ISBN 9788074310508.
-
Petr Jirásek, Luděk Novák, Josef Požár. Výkladový slovník kybernetické bezpečnosti: Cyber security glossary. Praha, 2013. ISBN 978-80-7251-397-0.
-
R. Polčák, T. Gřivna. Kyberkriminalita a právo. Praha, 2008. ISBN 978-80-903786-7-4.
|