Subject content:
1. Introduction to security, history of network security, development and modern trends in security.
2. Division of modern ciphers - symmetric/asymmetric, block/stream, cipher modes, key distribution options - DH.
3. Hash functions and one-way algorithms - MD5 and SHA1 vs. SHA2, SHA3, BLAKE2 - principle of function, vulnerability, implementation, use.
4. PKI - certificates, PGP, X.509, elliptic curves, digital signature.
5. SSL/TLS libraries - configuration and proposals over the CA domain - self-sign, revocation, root and intermediate certificates, wildcard certificates.
6. SSH - version, description, advanced configuration - file exchange, traffic tunneling.
7. VPN - principle, TUN/TAP modes, IPsec vs. TLS. Modern approaches - OVPN vs. Wireguard.
8. Tools for analyzing network elements and network traffic - IOS Diagnostic Tools, Packet Capturing, SNMP and NetFlow, traffic analysis based on signatures, advanced behavioral analysis from NetFlow.
9. Redundancy of elements, high availability, authentication, role management, password policy, perimeter security, monitoring.
10. Passive and active monitoring systems IDS/IPS - possibilities of deployment in topology, principles of detection, creation of rules, possibilities of connection to security elements, practical examples - Suricata.
11. Honeypots and Honeynets - division, principle of function, deployment options, interaction modes - Tpot, Dianoea, Kippo, cowrie.
12. Authentication, multi-factor authentication (RADIUS, DIAMETER, KERBEROS), single sign-on systems (SSO).
13. Principles of key distribution using physical principles of quantum mechanics (QKD), QKD protocols - BB84, SARG04 and E91, QKD in quantum networks.
1. Introduction to security, history of network security, development and modern trends in security.
2. Division of modern ciphers - symmetric/asymmetric, block/stream, cipher modes, key distribution options - DH.
3. Hash functions and one-way algorithms - MD5 and SHA1 vs. SHA2, SHA3, BLAKE2 - principle of function, vulnerability, implementation, use.
4. PKI - certificates, PGP, X.509, elliptic curves, digital signature.
5. SSL/TLS libraries - configuration and proposals over the CA domain - self-sign, revocation, root and intermediate certificates, wildcard certificates.
6. SSH - version, description, advanced configuration - file exchange, traffic tunneling.
7. VPN - principle, TUN/TAP modes, IPsec vs. TLS. Modern approaches - OVPN vs. Wireguard.
8. Tools for analyzing network elements and network traffic - IOS Diagnostic Tools, Packet Capturing, SNMP and NetFlow, traffic analysis based on signatures, advanced behavioral analysis from NetFlow.
9. Redundancy of elements, high availability, authentication, role management, password policy, perimeter security, monitoring.
10. Passive and active monitoring systems IDS/IPS - possibilities of deployment in topology, principles of detection, creation of rules, possibilities of connection to security elements, practical examples - Suricata.
11. Honeypots and Honeynets - division, principle of function, deployment options, interaction modes - Tpot, Dianoea, Kippo, cowrie.
12. Authentication, multi-factor authentication (RADIUS, DIAMETER, KERBEROS), single sign-on systems (SSO).
13. Principles of key distribution using physical principles of quantum mechanics (QKD), QKD protocols - BB84, SARG04 and E91, QKD in quantum networks.