Course Unit Code | 440-2320/02 |
---|
Number of ECTS Credits Allocated | 4 ECTS credits |
---|
Type of Course Unit * | Optional |
---|
Level of Course Unit * | First Cycle |
---|
Year of Study * | |
---|
Semester when the Course Unit is delivered | Winter Semester |
---|
Mode of Delivery | Face-to-face |
---|
Language of Instruction | English |
---|
Prerequisites and Co-Requisites | Course succeeds to compulsory courses of previous semester |
---|
Name of Lecturer(s) | Personal ID | Name |
---|
| REZ106 | Ing. Filip Řezáč, Ph.D. |
Summary |
---|
Course contents (annotation): The course provides an explanation of basic security mechanisms of communication in computer networks, solution and analysis of secure communication in modern computer systems, knowledge of basic cryptographic algorithms and application of applications for minimization of security risks. Students will gain practical skills and will be able to design and implement simple security solutions in ICT environments such as network monitoring, certificate usage and functionality, configuration and management of a simple VPN network, configuration of firewall and basic network trapping tools. |
Learning Outcomes of the Course Unit |
---|
The graduate will understand security risks and measures in communication technologies and be able to apply basic security countermeasures.
Learning outcomes are designed so that students are able to identify, apply and solve problems in the field of safety in communications and understand the basic cryptographic methods.
|
Course Contents |
---|
1. Introduction to security, network security history, development and modern security trends.
2. Monitor, scan and analyze network traffic from a security point of view. Google hacking and traffic scans.
3. Key management and distribution, purpose of certificates, digital signature, one-way functions, types of ciphers.
4. Family of SSL / TLS security protocols, certificate and key generation tools, certification authority, certificate revocation.
5. Secure remote access management, remote access protocols, security mechanisms, secure file transfer.
6. Network and transport layer security, virtual private networks.
7. Communications security at local, national and international level, personal data protection - GDPR.
8. Security of mobile and radio networks, security of the internet concept of things.
9. Systems for autonomous monitoring in computer networks - deployment, rules, options, demilitarized zones, traffic monitoring.
10. Firewalls - distribution, functions, examples, configurations, options.
11. Systems for Penetration and Power Sieving Testing.
12. Multimedia Security - audio, image, IM monitoring, eavesdropping, steganography.
13. Honeypots and Honeynets - Description, Features and Usage, Configuration, Deployment Methods.
Exercises
Prerequisites and co-requisites for the course content, history in the security in communication.T1
Basics applications with the certificates. Security suffixes, certificate containers, digital signature.T3
Options and applications for secure connection to remote servers, secure data transfer with SCP, generation of SSH certificates, Putty, Samba protocol.T5
Wireless security, traffic simulation, promiscuity mode analysis (Assigment of the essay) .T8
Presentation of the essays - evaluated 20 points.T12
Presentation of semestral projects and credit - evaluated 40 points.T13
Labs
Scanning and monitoring the security threats, finding potential security vulnerabilities using specific tools.T2
Practical work with security libraries, creating a certification authority, generating a signing keys, revoking the certificate, realization of self-sign CA according to assignment - evaluated 10 points. T4
Creating a virtual private network and connecting, designing and implementing a simple VPN.T6
Implementation of VPN tunnel according to assignment - evaluated 10 points.T7
Introduction to intrusion detection and protection systems- installation, configuration, rules setting, logging, realization of IDS / IPS rules according to assignment - evaluated 10 points. T9
Firewall Configuration Basics - Basic Rules, Advanced Configuration, Address Translation Options. (Tutorial Project Specification).T10
Configure simple firewall and watch-dog agent using rules and detection system - rated 10 points.T11
|
Recommended or Required Reading |
---|
Required Reading: |
---|
VIEGA, J., MESSIER M., CHANDRA P. - Network Security with OpenSSL, 2002, 978-0596002701.
COLLIER,M.,ENDLER,D. - Hacking Exposed Unified Communications & VoIP Security Secrets & Solutions, Second Edition, 2013, 978-0071798761.
RASH, M.- Linux Firewalls: Attack Detection and Response with iptables, 2007, 978-1593271411.
|
VIEGA, J., MESSIER M., CHANDRA P. - Network Security with OpenSSL, 2002, 978-0596002701.
COLLIER,M.,ENDLER,D. - Hacking Exposed Unified Communications & VoIP Security Secrets & Solutions, Second Edition, 2013, 978-0071798761.
RASH, M.- Linux Firewalls: Attack Detection and Response with iptables, 2007, 978-1593271411.
LEVICKÝ,D. - Kryptografia v informačnej bezpečnosti, 2005, 80-8086-022-X.
ŘEZÁČ, F., VOZŇÁK, M., ROZHON, J. – Bezpečnost v komunikacích, 2013, vysokoškolská skripta.
|
Recommended Reading: |
---|
FEILNER,M. OpenVPN. Birmingham: Packt Publishing,Ltd., 258p. 2006. ISBN 1-904811-85-X
KONHEIM,A. Computer Security and cryptography. New Jersey: JWS, Inc. 521p. 2007. ISBN: 978-0-471-94783-7
|
FEILNER,M. OpenVPN. Birmingham: Packt Publishing,Ltd., 258p. 2006. ISBN 1-904811-85-X
PŘIBYL, J.,KODL, J. Ochrana dat v informatice. Praha: ČVUT v Praze, 299. 1997. ISBN 80-01-01664-1
KONHEIM,A. Computer Security and cryptography. New Jersey: JWS, Inc. 521p. 2007. ISBN: 978-0-471-94783-7
PŘIBYL, J. Informační bezpečnost a utajování zpráv.Praha: ČVUT, 2004. ISBN: 80-01-02863-1
|
Planned learning activities and teaching methods |
---|
Lectures, Tutorials, Experimental work in labs, Project work, Teaching by an expert (lecture or tutorial) |
Assesment methods and criteria |
---|
Tasks are not Defined |