General information:
Code:
UBPJO-129
Name:
Security of computer systems
Profile of education:
Academic (A)
Lecture language:
English
Semester:
Fall
Course homepage:
 
Responsible teacher:
mgr inż. Rakoczy Witold (rakoczy@agh.edu.pl)
Academic teachers:
mgr inż. Rakoczy Witold (rakoczy@agh.edu.pl)
Module summary

Description of learning outcomes for module
MLO code Student after module completion has the knowledge/ knows how to/is able to Connections with FLO Method of learning outcomes verification (form of completion)
Social competence
M_K001 The student understands the significance and importance of the social problems of ensuring security of information systems. Activity during classes
Skills
M_U001 The student is able to apply the basic techniques for securing computer systems at the operating system level. Completion of laboratory classes
M_U002 The student is able to choose the technology to implement security in typical computer networks. Completion of laboratory classes
Knowledge
M_W001 The student has a orderly, general knowledge in the area of security of computer systems and computer networks. Examination
M_W002 The student has the knowledge necessary to undertake independent studies on the design and implementation of security policies. Examination
M_W003 The student has the basic knowledge necessary for proper diagnosis and troubleshooting security in the context of computer systems administration. Examination
FLO matrix in relation to forms of classes
MLO code Student after module completion has the knowledge/ knows how to/is able to Form of classes
Lecture
Audit. classes
Lab. classes
Project classes
Conv. seminar
Seminar classes
Pract. classes
Zaj. terenowe
Zaj. warsztatowe
Others
E-learning
Social competence
M_K001 The student understands the significance and importance of the social problems of ensuring security of information systems. + - + - - - - - - - -
Skills
M_U001 The student is able to apply the basic techniques for securing computer systems at the operating system level. - - + - - - - - - - -
M_U002 The student is able to choose the technology to implement security in typical computer networks. - - + - - - - - - - -
Knowledge
M_W001 The student has a orderly, general knowledge in the area of security of computer systems and computer networks. + - - - - - - - - - -
M_W002 The student has the knowledge necessary to undertake independent studies on the design and implementation of security policies. + - - - - - - - - - -
M_W003 The student has the basic knowledge necessary for proper diagnosis and troubleshooting security in the context of computer systems administration. + - - - - - - - - - -
Module content
Lectures:
  1. Basic notions and terms
  2. Limiting access to computer systems and access to data on the basis of user's location, identity or possessed data.
  3. Control of user's privileges; identification, authentication and authorization in centralized and distributed systems, hardware-based solutions for
  4. Protection of privacy of users' data; security of system data – data base and transferred data; coding of data; problem of passing on (transfer) of
  5. Security of data in the Internet; electronic signature and certifying, authentication of service providers, certificates of servers, safe (secure)
  6. Public Key Infrastructure and technical means necessary for its construction, hardware properties of cryptographic devices.
  7. Protection of systems against intentional damages – basic threats and methods to avoid them; braking in and preventive measures.
  8. Protection of private networks, typical threats, attacks on networks, methods of avoiding and counteractions.
  9. Principles of responding to violation of security and network malfunctioning (rules of proceeding, organization of cooperation, institutional means
  10. Institutional security policy – principles of construction and holistic approach towards security.
Laboratory classes:
  1. Setup of simple firewall
  2. Generation of cryptografic keys and digital certificates
  3. Configuration of VPN
  4. Hardening of operating system
  5. Penetration tests – scanning
  6. Penetration tests – exploiting
Student workload (ECTS credits balance)
Student activity form Student workload
Summary student workload 100 h
Module ECTS credits 4 ECTS
Participation in lectures 14 h
Participation in laboratory classes 14 h
Preparation for classes 48 h
Contact hours 12 h
Examination or Final test 2 h
Preparation of a report, presentation, written work, etc. 10 h
Additional information
Method of calculating the final grade:

Final grade of the laboratory classes is based on evaluation of exercises (average) and results of tests.

Module final grade is calculated as arithmetic average of final grades of the laboratory classes and the examination (rounded toward Exam grade if necessary).

Prerequisites and additional requirements:

Basic knowledge of cryptography
Basic knowledge of computer networks (incl. protocols)
Basic knowledge of Linux administration

Recommended literature and teaching resources:

Basic:
Ross Anderson: Security Engineering, Second Edition
Recommended:
John E. Canavan: Fundamentals of Network Security
Justin Hutchens: Kali Linux Network Scanning Cookbook
Robert W. Beggs: Mastering Kali Linux for Advanced Penetration Testing
Joseph Muniz, Aamir Lakhani: Web Penetration Testing with Kali Linux
Supplemental:
Marshall D. Abrams, Sushil Jajodia, Harold J. Podell (Eds.): Information Security: An Integrated
Collection of Essays

Scientific publications of module course instructors related to the topic of the module:

Additional scientific publications not specified

Additional information:

Participation in lessons is obligatory.