Course detail

ICT Security 2

FEKT-BPC-IC2Acad. year: 2024/2025

The course covers the topics connected to computer network security. The topics include: architecture description and administration of modern network devices, overview of security and performance testing principles, overview of today’s malware and its mitigation methods it and the overview of attacks based on social engineering.

Language of instruction

Czech

Number of ECTS credits

7

Mode of study

Not applicable.

Entry knowledge

The course requires the basic knowledge of operating systems and principles of TCP/IP networks. CCNA courses are recommended.

Rules for evaluation and completion of the course

The maximum of 15 points is given upon completion of the laboratory assignments. The completion of an individual project adds upto 15 points. The requirements on the completion of the tasks in laboratories and projects are described in the annual supervisor’s notice. The maximum of 70 points can be gained during the final exam.
The conditions for the successful course completion are stated in the yearly updated supervisor’s notice.

Aims

The goals of the course is to extend the knowledge gained during the ICT Security 1 course by knowledge of secure configuration of network devices and secure configuration testing. Students will learn how to practically configure network devices on the network, transport and application TCP/IP layer in a secure way. In addition, students will learn the methods of security evaluation based on ethical hacking.
Students will learn the fundamental theoretical knowledge and get practical skills from network security. Students will learn the essential rules for securing networks on each layer of the TCP/IP model. Students will be able to practically implement the security settings and verify them using the methods of penetration testing. Students will learn the non-technical aspects of security, mainly social engineering methods.

After course completion, the students will be able to:
• Explain and practically implement the security mechanisms on the network, transport and application layers.
• Explain and practically implement the security mechanisms for wireless networks.
• Use the basic techniques of penetration testing for information gathering, vulnerability detection and exploitation.
• Choose and use suitable tools for infrastructure security testing.
• Choose and use suitable tools for infrastructure performance testing.
• Classify the types of malware and use methods for their destruction.
• Set rules and policies for the limitation of the human factor-based attacks.

Study aids

Not applicable.

Prerequisites and corequisites

Not applicable.

Basic literature

BOYLES, Tim a Larry GREENBLATT. CCNA security: study guide. Hoboken: Wiley Publishing, 2010, xv, 516 s. ISBN 978-0-470-52767-2.
DAVIS, Michael. Hacking exposed malware: malware. New York: McGraw-Hill, c2010, xxi, 377 s. ISBN 978-0-07-159118-8.
DEFINO, Steven a Larry GREENBLATT. Official certified ethical hacker review guide: for version 7.1. Boston: Course Technology, 2012, xxi, 329 s. ISBN 978-1-133-28291-4.
PROSISE, Chris. Počítačový útok: Detekce, obrana a okamžitá náprava. Vyd. 1. Praha: Computer Press, 2002, xxii, 410 s. ISBN 80-722-6682-9.
STALLINGS, William. Cryptography and network security: principles and practice. Seventh edition. xix, 731 pages. ISBN 01-333-5469-5.

Recommended reading

Not applicable.

Elearning

Classification of course in study plans

  • Programme BPC-IBE Bachelor's 3 year of study, winter semester, compulsory

Type of course unit

 

Lecture

26 hod., optionally

Teacher / Lecturer

Syllabus

  1. Úvod do síťové bezpečnosti
  2. Bezpečná konfigurace přepínačů a směrovačů
  3. Bezpečná konfigurace bezdrátových sítí (testování zabezpečení WPA, WPA2 a WPA3)
  4. Firewally a aplikační filtry
  5. Systémy IDS a IPS, analýza logů
  6. Testování výkonosti síťové infrastruktury, D(D)oS útoky
  7. Penetrační testování (základy metodologie)
  8. Penetrační webových aplikací (průzkum prostředí)
  9. Penetrační webových aplikací (OWASP TOP 10)
  10. Analýza dat z otevřených zdrojů (OSINT)
  11. Problematika kybernetické bezpečnosti (řízení rizik bezpečnosti informací)
  12. Škodlivý software, netechnické typy útoků, bezpečnostní protokoly
 

Laboratory exercise

26 hod., compulsory

Teacher / Lecturer

Syllabus

 

Project

24 hod., compulsory

Teacher / Lecturer

Elearning