EPN-V2

ITPE3100 Computer Security Course description

Course name in Norwegian
Datasikkerhet
Weight
10.0 ECTS
Year of study
2021/2022
Course history
Curriculum
FALL 2021
Schedule
Programme description

  • Introduction

    Gradert skala A-F.

  • Recommended preliminary courses

    The course builds on the courses Programming Software Engineering and Operating Systems.

  • Required preliminary courses

    Det benyttes en intern og en ekstern sensor til sensurering av oppgavene.

  • Learning outcomes

    After completing the course, the student is expected to have achieved the following learning outcomes defined in terms of knowledge, skills and general competence:

    Knowledge

    The student will be able to:

    • know the basic security principles of confidentiality, integrity and availability
    • identify common vulnerabilities, threats, threat agents, risks, and attack vectors
    • know the basics of cryptography and how it is used to protect data at rest and in transit
    • have knowledge of the protocols and standards related to modern cryptography
    • understand the different forms of authentication methods that can be utilized
    • explain the different types of access control models that can be used to safeguard information security
    • describe the protocols and standards related to identity, authentication and authorization.
    • understand the importance of controlling the flow of information in and out of the enterprise network and between security zones
    • have knowledge of mechanism for detecting anomalies and incidents early to detect and handle attacks.
    • understand the concept of Secure Software Development and Privacy by Design
    • Have knowledge of OWASP top 10 software security risk
    • have knowledge how to secure web applications and Application Programming Interface (API)

    Skills

    The student will be able to:

    • utilize security tools for encryption and signing
    • utilize programs to identify and detect vulnerabilities
    • enforce the principle of least privilege in services and other resources by using the Identity and Access Management System
    • scan and keep track of hardware and network equipment connected to enterprise networks using security tools
    • filter and control the traffic between the various security zones in the business and towards the internet by using a firewall technology.
    • detect and manage data attacks using Intrusion Detection and Prevention Systems (IDS / IPS)
    • apply the concept of secure software development with built-in privacy
    • develop secure web applications by utilizing standardized methods and protocols

    General competence

    The student is capable of:

    • discussing and communicating issues related to security principles confidentiality, integrity and accessibility
    • comparing, assessing and providing recommendations on the use and procurement of security solutions

  • Teaching and learning methods

    Lectures and work on practical assignments.

  • Course requirements

    None.

  • Assessment

    Individual digital home exam, 3 hours.

    The exam result can be appealed.

  • Permitted exam materials and equipment

    None.

  • Grading scale

    Grade scale A-F.

  • Examiners

    One internal examiner. External examiners are used regularly.

  • Overlapping courses

    Emnet er ekvivalent (overlapper 10 studiepoeng) med: LO147A, LO147D, LO147I og LO116A.

    Ved praktisering av 3-gangers regelen for oppmelding til eksamen teller forsøk brukt i ekvivalente emner.