Course code InfT5038
Credit points 3
Information Security
Total Hours in Course81
Number of hours for lectures12
Number of hours for seminars and practical classes12
Independent study hours57
Date of course confirmation17.11.2022
Responsible UnitInstitute of Computer Systems and Data Science
Course developers
Pēteris Rivža
Dr. habil. sc. ing.
lect.
Nauris Pauliņš
Mg. sc. ing.
Course abstract
Course objective is to teach principles and best practices for information security in computer networks and information systems. During the course students learn how to develop complete policy in information security for business organizations, identify information security risks and how to apply appropriate protection mechanisms. Students learn to identify vulnerabilities in computer networks and protection systems. Extra attention is covered on effective methods to protect against computer network intrusions.
Learning outcomes and their assessment
Knows about included topics of information security management, about mechanisms to develop successful information security management, understands how to provide information security risk management.
Knowledge assessment will be provided through two tests on logical protection methods and computer network protection mechanisms.
Can establish and maintain information security management in organization, provide security risk identification and management, detect and respond to intruders in computer network, be able practically use main tools of information security.
Independent activity will be used for the assessment of skills, where need to be provided logical defence methods for information system security.
Able to solve problems individually and in working group, be able to choose correct tools and methods for information security in particular situation, and also to convince other participants and argue their opinion.
For Competence assessment will be use independent work with security mechanism usage in network security protection, with the ability to explain their use.
Course Content(Calendar)
1. Introduction to information security and main principles. – 1h
2. Standards and national regulations and best practice in information security. – 3h
3. Information classification and risk management. – 3h
4. Logical protection mechanisms for information security. – 2h
5. Cryptography for information security. – 2h
6. Symmetric and asymmetric chippers – 2h
7. 1. assessment – knowledge assessment of logical security methods. - 1h
8. Main principles of network protection. – 1h
9. Types of network attackers and main threats. - 3h
10. Firewalls. – 2h
11. Intrusion detection systems. – 2h
12. Wireless networks protection. – 2h
13. Main protection methods for internet communications. – 2h
14. Internet application security and authentication problematic. – 3h
15. Physical protection of information assets. - 2h
16. 2. assessment – computer networks protection mechanisms – 1h
Part-time studies:
All topics indicated for full-time attendance are implemented, but the number of contact hours is 1/2 of the indicated hours
Requirements for awarding credit points
The passing grade depends on the cumulative grade of the semester:
Test 1: 25 points
Test 2: 25 points
The average score for both tests is determined.
Independent work 1: 25 points
Independent work 2: 25 points
The average of both independent works is determined.
The test can be written only during the specified time. In order to receive a final grade, all practical work must be passed.
Description of the organization and tasks of students’ independent work
1. Independent work – development of the company's security policy and risk analysis, based on the given criteria. The work must be designed in accordance with the methodical criteria and an explanation of the methods chosen in the policy with regulatory enactments must be provided (volume for the main part of the work at least 10 pages).
2. Independent work - Conduct computer network vulnerability and defence mechanism testing to protect against attacks. The descriptive part of the work development and the justification of the chosen methods must be submitted (volume for the main part of the work at least 10 pages).
Criteria for Evaluating Learning Outcomes
The marks of the independent works depend’ s of the explanation details and ability to explain choice of chosen security mechanisms.
The independent works and theory tests are evaluated according to the evaluation procedure specified in the assignment.
The final grade is determined by calculating the average grade from the result of two average grades - one average grade is determined for theory tests and the other for independent assignments.
When rewriting the test papers, the assessment is reduced by one point.
If the student is not satisfied with the cumulative score, he can take a common exam to raise his score.
Compulsory reading
1. Tipon H., Krause M. Information security Management Handbook. Boca Raton [etc.]: Auerbach Publications, 2007.
2. Stallings W. Cryptography and Network Security: principles and practices. Upper Saddle River, New Jersy: Person Education, 2006. 680 p.
3. Peltier T.R. Information security policies, procedures and standarts: guidelines for effective information security management. Boca Raton: Auerbach Publications, 2002. 297 p.
4. Vacca J.R. Computer and Information Security: Handbook. Amsterdam; Boston: Elsevier; Burlington, MA: Morgan Kaufmann, 2009. 844 p.
Further reading
1. Manzuik S. Network security assessment from vulnerability to patch. Rockland, MA: Syngress Pub., 2007.
Notes
ITF Master's study program "Information Technologies".