Studyinfo subject ITPE3100 2020 HØST
ITPE3100 Computer Security Course description
- Course name in Norwegian
- Datasikkerhet
- Study programme
-
Bachelorstudium i ingeniørfag - data / Bachelorstudium i informasjonsteknologi / Bachelorstudium i anvendt datateknologi
- Weight
- 10.0 ECTS
- Year of study
- 2020/2021
- Curriculum
-
FALL
2020
- Schedule
- Programme description
Introduction
The students shall develop knowledge and an understanding of the concept of computer security, with the pertaining technologies and techniques. They shall also be capable of using some security tools. The students shall be capable of analysing the computer security needs of an enterprise in relation to alternative security solutions. The theoretical knowledge will be used in practical assignments throughout the course.
Recommended preliminary courses
The course builds on the courses Programming Software Engineering and Operating Systems.
Required preliminary courses
No requirements over and above the admission requirements.
Learning outcomes
After completing the course, the student is expected to have achieved the following learning outcomes defined in terms of knowledge, skills and general competence:
Knowledge
The student will be able to:
know the basic security principles of confidentiality, integrity and availability
identify common vulnerabilities, threats, threat agents, risks, and attack vectors
know the basics of cryptography and how it is used to protect data at rest and in transit
have knowledge of the protocols and standards related to modern cryptography
understand the different forms of authentication methods that can be utilized
explain the different types of access control models that can be used to safeguard information security
describe the protocols and standards related to identity, authentication and authorization.
understand the importance of controlling the flow of information in and out of the enterprise network and between security zones
have knowledge of mechanism for detecting anomalies and incidents early to detect and handle attacks.
understand the concept of Secure Software Development and Privacy by Design
Have knowledge of OWASP top 10 software security risk
have knowledge how to secure web applications and Application Programming Interface (API)
Skills
The student will be able to:
utilize security tools for encryption and signing
utilize programs to identify and detect vulnerabilities
enforce the principle of least privilege in services and other resources by using the Identity and Access Management System
scan and keep track of hardware and network equipment connected to enterprise networks using security tools
filter and control the traffic between the various security zones in the business and towards the internet by using a firewall technology.
detect and manage data attacks using Intrusion Detection and Prevention Systems (IDS / IPS)
apply the concept of secure software development with built-in privacy
develop secure web applications by utilizing standardized methods and protocols
General competence
The student is capable of:
- discussing and communicating issues related to security principles confidentiality, integrity and accessibility
comparing, assessing and providing recommendations on the use and procurement of security solutions
Teaching and learning methods
Lectures and work on practical assignments.
Course requirements
None.
Assessment
Individual written exam, 3 hours.
The exam result can be appealed.
Permitted exam materials and equipment
None.
Grading scale
Grade scale A-F.
Examiners
One internal examiner. External examiners are used regularly.