| Course Unit Code | 440-4128/01 |
|---|
| Number of ECTS Credits Allocated | 5 ECTS credits |
|---|
| Type of Course Unit * | Choice-compulsory type A |
|---|
| Level of Course Unit * | Second Cycle |
|---|
| Year of Study * | First Year |
|---|
| Semester when the Course Unit is delivered | Summer Semester |
|---|
| Mode of Delivery | Face-to-face |
|---|
| Language of Instruction | Czech |
|---|
| Prerequisites and Co-Requisites | Course succeeds to compulsory courses of previous semester |
|---|
| Name of Lecturer(s) | Personal ID | Name |
|---|
| VOZ29 | prof. Ing. Miroslav Vozňák, Ph.D. |
| REZ106 | Ing. Filip Řezáč, Ph.D. |
| Summary |
|---|
| The course focuses on special and advanced areas of cyber security in the form of a practical introduction of modern attack schemes, their analysis and the creation of effective countermeasures using their own tools or third-party applications. The student will also learn to implement penetration tests in small and medium networks and will also gain knowledge in the field of cryptocurrencies and quantum computers. |
| Learning Outcomes of the Course Unit |
|---|
| Learning outcomes are set so that students gain the ability to identify, detect and analyze modern cyber threats in order to create an effective defense against them in the form of their own firewall and the deployment of advanced applications and tools. The student will also gain knowledge in the field of penetration testing of network infrastructures and elements. |
| Course Contents |
|---|
1. Methods and tools of penetration on the physical layer - HW hacking, signal hijacking, traffic disruption, social engineering.
2. Methods and tools for scanning and monitoring on network traffic - MiTM, ARP poisoning, EtherCAP, advanced work with Nmap.
3. Methods and tools for Denial of Service and eavesdropping - DOS vs. DDOS, botnet, ionorbitalcannon, Hulk.
4. Methods and tools for password detection - rainbow tables, dictionary vs. brute force attacks, combination and use of modern techniques - CUDA, neural networks.
5. Methods and tools for active penetration - malware, ransomware, locking.
6. Design of secure network infrastructure - element redundancy, high availability, authentication, role management, password policy, perimeter security, monitoring.
7. Design of secure network infrastructure - practical security of protocols and services - HTTPS, SFTP, DNSSEC, secure protocols el. mail, storage encryption.
8. Design of secure network infrastructure - firewall deployment - modes, IPtables, NFtables, advanced configuration - security zones, adaptive filtering, DMZ.
9. Design of secure network infrastructure - passive and active monitoring systems IDS / IPS - possibilities of deployment in topology, principles of detection, creation of rules, possibilities of connection to security elements, practical examples - Suricata.
10. Design of secure network infrastructure - Honeypots and Honeynets - division, principle of operation, deployment options, interaction modes - Tpot, Dianoea, Kippo, cowrie.
11. Penetration testing - vurneability tools for security level evaluation - Nessus, OpenVAS, Metasploit, PerfectStorm - creation of testing scenarios and malware sandboxing.
12. Penetration testing - tools for wireless networks - promiscuous vs. monitoring mode, principles of security modes penetration - PSK, EAP.
13.Practical Security - finance - cryptocurrencies - principles, security, blockchain, darknet and blackmarkets
14. Practical Security - quantum computer - principles, applications, new approaches to cryptography, impacts, current trends |
| Recommended or Required Reading |
|---|
| Required Reading: |
|---|
| [1] Yuri Diogenes, Erdal Ozkaya, Cybersecurity – Attack and Defense Strategies: Counter modern threats and employ state-of-the-art tools and techniques to protect your organization against cybercriminals, 2nd Edition, 2019, ASIN: B081SSGKF5. |
[1] ŘEZÁČ, F., VOZŇÁK, M., ROZHON, J. – Bezpečnost v komunikacích, 2013, vysokoškolská skripta.
[2] Yuri Diogenes, Erdal Ozkaya, Cybersecurity – Attack and Defense Strategies: Counter modern threats and employ state-of-the-art tools and techniques to protect your organization against cybercriminals, 2nd Edition, 2019, ASIN: B081SSGKF5. |
| Recommended Reading: |
|---|
| [1] Steve Suehring, Linux Firewalls: Enhancing Security with nftables and Beyond, 2015, ASIN : B00SN5JYTW |
[1] Steve Suehring, Linux Firewalls: Enhancing Security with nftables and Beyond, 2015, ASIN: B00SN5JYTW
[2] Jan Kolouch, CyberSecurity, 2019, ISBN 9788088168317
[3] Jan Kolouch, CyberCrime, 2017, ISBN 978-80-88168-15-7 |
| Planned learning activities and teaching methods |
|---|
| Lectures, Tutorials, Experimental work in labs, Project work |
| Assesment methods and criteria |
|---|
| Task Title | Task Type | Maximum Number of Points
(Act. for Subtasks) | Minimum Number of Points for Task Passing |
|---|
| Graded credit | Graded credit | 100 (100) | 51 |
| Projekt | Project | 40 | 0 |
| Referát/esej | Other task type | 20 | 0 |
| Laboratorní úloha 1 | Laboratory work | 10 | 0 |
| Laboratorní úloha 2 | Laboratory work | 10 | 0 |
| Laboratorní úloha 3 | Laboratory work | 10 | 0 |
| Laboratorní úloha 4 | Laboratory work | 10 | 0 |