Course info
KIT / BBIS
:
Course description
Department/Unit / Abbreviation
|
KIT
/
BBIS
|
Academic Year
|
2023/2024
|
Title
|
Security of Information Systems
|
Form of course completion
|
Examination
|
Accredited / Credits
|
Yes,
5
Cred.
|
Type of completion
|
Combined
|
Time requirements
|
Lecture
2
[HRS/WEEK]
Tutorial
2
[HRS/WEEK]
|
Course credit prior to examination
|
Yes
|
Automatic acceptance of credit before examination
|
No
|
Included in study average
|
YES
|
Language of instruction
|
Czech
|
Occ/max
|
|
|
|
Summer semester
|
58 / -
|
0 / 0
|
0 / 0
|
Winter semester
|
0 / -
|
0 / -
|
0 / -
|
Repeated registration
|
NO
|
Timetable
|
Yes
|
Semester taught
|
Summer semester
|
Minimum (B + C) students
|
not determined
|
Optional course |
Yes
|
Internship duration
|
0
|
No. of hours of on-premise lessons |
0
|
Evaluation scale |
A|B|C|D|E|F |
Periodicity |
every year
|
Evaluation scale for credit before examination |
S|N |
Periodicity specification |
|
Fundamental theoretical course |
Yes
|
Fundamental course |
No
|
Substituted course
|
KIT/IBIS
|
Preclusive courses
|
N/A
|
Prerequisite courses
|
N/A
|
Informally recommended courses
|
N/A
|
Courses depending on this Course
|
N/A
|
Course objectives:
|
Familiarizing students with the design of a secure information system and an Information Security Management System in a company.
|
Requirements on student
|
Active, mandatory attendance at seminars and lectures, where selected topics will be practiced, and fulfilment of certain specified requirements.
Successful completion of all tasks is required.
|
Content
|
Information system, definitions and types of IS.
Basic concepts of security, threats, risks and vulnerability attacks.
Risk analysis.
Safety measures and security policy.
Criteria for system security assessment TCSEC, CTCPEC, ITSEC and CC.
Methods of monitoring the system, types of IDS.
Security features for enhancing IS security.
Response to incidents and forensic analysis.
Audit/penetration test.
Security of operating systems, databases and applications.
Importance of smart cards in security.
Cybercrime, ICT and security threats.
Security methods for client computers.
Information security during data transmission.
Cloud computing and security of information assets.
Cryptographic security mechanisms.
Symmetric and asymmetric encryption algorithms.
Electronic signature, keys and certification.
Information Security Management System (ISMS).
Certification: introduction to the information security management system.
The benefits of implementing and certifying an ISMS.
Use of CSN BS7799-2:2004, ISO/IEC 17799:2005 and ISO/IEC 27001 in the implementation of an information security management system.
Increasing the security of the information system by implementing and maintaining subsystems that enhance information security in the organization.
Subsystems: asset management, risk management, information security policy management, personal security, physical security, communication management and operation of ICT.
Subsystems: rules of access to systems; security rules in the acquisition, development and maintenance phases; handling of security incidents and deficiencies; business continuity management; and compliance with standards and legal requirements.
The legislative framework of information security in the Czech Republic.
|
Activities
|
|
Fields of study
|
In the event of extraordinary measures, teaching will take place remotely using MS Teams at the times given in the timetable. Participation in the group's MS Teams meetings is equivalent to attending lectures and tutorials.
|
Guarantors and lecturers
|
|
Literature
|
-
Basic:
HANÁČEK, P.; STAUDEK, J. Bezpečnost informačních systémů. Praha: Úřad pro státní informační systém, 2000. ISBN 80-23854-00-3. 127 pp.
-
Basic:
KOLOUCH, Jan. CyberCrime. 1st edition. Praha: CZ.NIC, z.s.p.o., 2016. ISBN 978-80-88168-18-8. 528 pp. Available at: <http://www.nic.cz>.
-
Basic:
BUDIŠ, Petr. Elektronický podpis a jeho aplikace v praxi. Praha: Nakladatelství ANAG, 2008. ISBN 978-80-7263-465-1. 162 pp.
-
Basic:
ČSN ISO/IEC 27001. Informační technologie - Bezpečnostní techniky - Systémy managementu bezpečnosti informací - Požadavky. Praha: Český normalizační institut, 2006. 36 pp.
-
Recommended:
PATTINSON, F. Certifying Information Security Management Systems. CISSP, CSDP, Atsec information security corporation. Available at: <http://www.atsec.com>.
-
Recommended:
MACHÁČEK, Miloslav. Cloud Computing and Security of Information Assets. Annual International Interdisciplinary Conference, AIIC 2014. University of the Azores, Ponta Delgada, 8-12 July 2014, Azores Islands, Portugal. p. 428. ISBN 978-608-4642-26-8.
-
Recommended:
JOINT TASK FORCE TRANSFORMATION INITIATIVE. Information security. Computer Security Division, Information Technology Laboratory, National Institute of Standards and Technology. Gaithersburg 2011, MD 20899-8930. March 2011. Available at: <http://csrc.nist.gov>.
|
Prerequisites - other information about course preconditions |
Basic knowledge of working with a PC (Windows 7, 8, 10 or Linux OS).
Notebook with Windows. |
Competences acquired |
Students will gain knowledge of information systems security and of the set of policies connected with information security management. |
Teaching methods |
- Monologic (reading, lecture, briefing)
- Dialogic (discussion, interview, brainstorming)
- Methods of individual activities
- Skills training
|
Assessment methods |
- Written examination
- Home assignment evaluation
- Discussion
- Self project defence
- Presentation
|