EPN-V2

ITPE3100 Computer Security Course description

Course name in Norwegian
Datasikkerhet
Weight
10.0 ECTS
Year of study
2021/2022
Course history
Curriculum
FALL 2021
Schedule
Programme description

  • Introduction

    The students shall develop knowledge and an understanding of the concept of computer security, with the pertaining technologies and techniques. They shall also be capable of using some security tools. The students shall be capable of analysing the computer security needs of an enterprise in relation to alternative security solutions. The theoretical knowledge will be used in practical assignments throughout the course.

  • Recommended preliminary courses

    The course builds on the courses Programming Software Engineering and Operating Systems.

  • Required preliminary courses

    After completing the course, the student is expected to have achieved the following learning outcomes defined in terms of knowledge, skills and general competence​.

     

    Knowledge

    The student is capable of the following, in English:

    • describing the work of technologists in a chosen field of technology
    • describing research and developments in a chosen field of technology
    • explaining rhetorical mechanisms and argumentation

    Skills

    The student is capable of the following, in English:

    • using correct terminology for technology-related topics in general and in a chosen subject area in particular
    • presenting and describing technology and related processes
    • planning and authoring technical and academic texts in English according to international.conventions and norms.
    • identifying relevant sources of information, assessing the quality of sources and referring to sources according to established standards.
    • using oral English in academic discussions.

    General competence

    The student is capable of the following, in English:

    • communicating in written and oral contexts that are relevant to their education and future profession
    • adapting oral and written communication to suit the recipient, situation and purpose
    • planning and carrying out project work alone or together with others

  • Learning outcomes

    After completing the course, the student is expected to have achieved the following learning outcomes defined in terms of knowledge, skills and general competence:

    Knowledge

    The student will be able to:

    • know the basic security principles of confidentiality, integrity and availability
    • identify common vulnerabilities, threats, threat agents, risks, and attack vectors
    • know the basics of cryptography and how it is used to protect data at rest and in transit
    • have knowledge of the protocols and standards related to modern cryptography
    • understand the different forms of authentication methods that can be utilized
    • explain the different types of access control models that can be used to safeguard information security
    • describe the protocols and standards related to identity, authentication and authorization.
    • understand the importance of controlling the flow of information in and out of the enterprise network and between security zones
    • have knowledge of mechanism for detecting anomalies and incidents early to detect and handle attacks.
    • understand the concept of Secure Software Development and Privacy by Design
    • Have knowledge of OWASP top 10 software security risk
    • have knowledge how to secure web applications and Application Programming Interface (API)

    Skills

    The student will be able to:

    • utilize security tools for encryption and signing
    • utilize programs to identify and detect vulnerabilities
    • enforce the principle of least privilege in services and other resources by using the Identity and Access Management System
    • scan and keep track of hardware and network equipment connected to enterprise networks using security tools
    • filter and control the traffic between the various security zones in the business and towards the internet by using a firewall technology.
    • detect and manage data attacks using Intrusion Detection and Prevention Systems (IDS / IPS)
    • apply the concept of secure software development with built-in privacy
    • develop secure web applications by utilizing standardized methods and protocols

    General competence

    The student is capable of:

    • discussing and communicating issues related to security principles confidentiality, integrity and accessibility
    • comparing, assessing and providing recommendations on the use and procurement of security solutions

  • Teaching and learning methods

    The following requirements are compulsory and must be approved before the student can sit the exam:

    • Two oral presentations given at agreed times
    • at least 80% attendance

  • Course requirements

    Portfolio assessment subject to the following requirements:

    • two individual written assignments
    • one written group assignment carried out in groups of 2-5 students

    One overall grade is given for the portfolio.

    The exam result can be appealed.

  • Assessment

    All aids are allowed.

  • Permitted exam materials and equipment

    Graded scale A-F.

  • Grading scale

    One internal examiner. External examiners are occasionally used.

  • Examiners

    Evelyn Eika

  • Overlapping courses

    Emnet er ekvivalent (overlapper 10 studiepoeng) med: LO147A, LO147D, LO147I og LO116A.

    Ved praktisering av 3-gangers regelen for oppmelding til eksamen teller forsøk brukt i ekvivalente emner.