| Course Unit Code | 050-0035/02 |
|---|
| Number of ECTS Credits Allocated | 4 ECTS credits |
|---|
| Type of Course Unit * | Choice-compulsory type B |
|---|
| Level of Course Unit * | Second Cycle |
|---|
| Year of Study * | First Year |
|---|
| Semester when the Course Unit is delivered | Winter Semester |
|---|
| Mode of Delivery | Face-to-face |
|---|
| Language of Instruction | Czech |
|---|
| Prerequisites and Co-Requisites | There are no prerequisites or co-requisites for this course unit |
|---|
| Name of Lecturer(s) | Personal ID | Name |
|---|
| SEN76 | doc. Ing. Pavel Šenovský, Ph.D. |
| Summary |
|---|
| Information systems collect increasing amount of information. Students will familiarize with some proved procedures and standards for the security check of the systems as well as with basic methods of forensic analysis of computers as one of the basic tools of searching the reasons of failure. |
| Learning Outcomes of the Course Unit |
|---|
| Information systems security assessment on the basis of risk analysis. The synthesis of knowledge into the area of security policy. |
| Course Contents |
|---|
1. Introduction to security of the information systems
2. ISO 27 000 - ISMS
3. IT Security politics of the organization
4. Risk management for IT systems
5. Configuration management
6. Case studies of the ISO 27 000 documentation
7. COBIT standard
8. ITIL standard
9. Software support for IT security management
10. Anatomy of security incident
11. Forensic analysis of the PC
12. Forensic analysis of mobile devices
13. Current security threats in IT and their connection IT security management |
| Recommended or Required Reading |
|---|
| Required Reading: |
|---|
| TAYLOR, Sharon a Ivor MACFARLANE. ITIL small-scale implementation. London: TSO, 2005. ISBN 0-11-330980-5. |
| ŠENOVSKÝ, Pavel. Bezpečnost informačních systémů [online]. 2. vydání Ostrava: VŠB-TU Ostrava, 2018, 127 s., dostupné z http://lms.vsb.cz [cit. 2018-10-03] |
| Recommended Reading: |
|---|
BUCKSTEEG, Martin. ITIL 2011. Brno: Computer Press, 2012. ISBN 978-80-251-3732-1
ISO/IEC 27001:2013 Information technology – Security techniques – Information security management systems – Requirements
ISO/IEC 27002:2013 (dříve ISO/IEC 17799:2005) Information technology - Security techniques - Code of practice for information security management
ISO/IEC 27005:2011 Information technology - Security techniques - Information security risk management |
BUCKSTEEG, Martin. ITIL 2011. Brno: Computer Press, 2012. ISBN 978-80-251-3732-1
ČSN EN ISO/IEC 27001 Informační technologie - Bezpečnostní techniky - Systémy řízení bezpečnosti informací - Požadavky
ČSN ISO/IEC 27002:2013 Informační technologie - Bezpečnostní techniky - Soubor postupů pro opatření bezpečnosti informací
ČSN ISO/IEC 27005:2011 Information technology - Security techniques - Information security risk management |
| Planned learning activities and teaching methods |
|---|
| Lectures, Tutorials, Project work |
| Assesment methods and criteria |
|---|
| Task Title | Task Type | Maximum Number of Points
(Act. for Subtasks) | Minimum Number of Points for Task Passing |
|---|
| Credit and Examination | Credit and Examination | 100 (100) | 51 |
| Credit | Credit | 45 | 20 |
| Examination | Examination | 55 | 28 |