Security of Information Systems

* Exchange students do not have to consider this information when selecting suitable courses for an exchange stay.

Course Unit Code: 050-0009/01
Number of ECTS Credits Allocated: 5 ECTS credits
Type of Course Unit *: Compulsory
Level of Course Unit *: Second Cycle
Year of Study *: Second Year
Semester when the Course Unit is delivered: Winter Semester
Mode of Delivery: Face-to-face
Language of Instruction: Czech
Prerequisites and Co-Requisites: The course follows on from the compulsory courses of the previous semester.
Name of Lecturer(s) (Personal ID, Name): SEN76, doc. Ing. Pavel Šenovský, Ph.D.
Summary
Information systems collect an increasing amount of information. Students will become familiar with some proven procedures and standards for checking the security of these systems, as well as with basic methods of forensic analysis of computers as one of the basic tools for finding the causes of failure.
Learning Outcomes of the Course Unit
Assessment of information systems security on the basis of risk analysis. Synthesis of knowledge in the area of security policy.
Course Contents
1. Introduction to the security of information systems
2. ISO 27 000 - ISMS
3. IT security policy of the organization
4. Risk management for IT systems
5. Configuration management
6. Case studies of the ISO 27 000 documentation
7. COBIT standard
8. ITIL standard
9. Software support for IT security management
10. Anatomy of a security incident
11. Forensic analysis of the PC
12. Forensic analysis of mobile devices
13. Current security threats in IT and their connection to IT security management
Recommended or Required Reading
Required Reading:
Endorf, C.; Schultz, E.; Mellander, J.: Intrusion Detection and Prevention. McGraw-Hill Osborne Media, 2003, 500 pp., ISBN 978-0072229547
Šenovský, P.: Bezpečnost informačních systémů. VŠB - Technická univerzita Ostrava, Ostrava 2012, 67 pp., available from http://lms.vsb.cz
Endorf, C.; Schultz, E.; Mellander, J.: Hacking – detekce a prevence počítačového útoku. Grada: Praha 2005, 356 pp., ISBN 80-247-1035-8
Recommended Reading:
Prosise, Ch.; Mandia, K.: Incident Response and Computer Forensics, Second Edition. McGraw-Hill/Osborne, 2003, 507 pp., ISBN: 978-0072226966
Prosise, Ch.; Mandia, K.: Počítačový útok. Detekce, obrana a okamžitá náprava. Computer Press: Praha 2002, 432 pp., ISBN: 80-7226-682-9
Planned learning activities and teaching methods
Lectures, Tutorials, Project work
Assessment methods and criteria
Task Title | Task Type | Maximum Number of Points (Act. for Subtasks) | Minimum Number of Points for Task Passing
Exercises evaluation and Examination | Credit and Examination | 100 | 51
    Exercises evaluation | Credit | (45) |
        Project | Project | 45 | 23
    Examination | Examination | (55) |
        Test | Written examination | 55 | 28