EPN-V2

ITPE3100 Computer Security Course description

Course name in Norwegian
Datasikkerhet
Weight
10.0 ECTS
Year of study
2023/2024
Course history
Curriculum
FALL 2023
Schedule
Programme description

  • Introduction

    The students shall develop knowledge and an understanding of the concept of computer security, with the pertaining technologies and techniques. They shall also be capable of using some security tools. The students shall be capable of analysing the computer security needs of an enterprise in relation to alternative security solutions. The theoretical knowledge will be used in practical assignments throughout the course.

  • Recommended preliminary courses

    Individual written exam under supervision of 3 hours.

    The exam result can be appealed.

    In the event of resit and rescheduled exams, another exam form may also be used or a new assignment given with a new deadline. If oral exams are used, the result cannot be appealed.

  • Required preliminary courses

    No requirements over and above the admission requirements.

  • Learning outcomes

    After completing the course, the student is expected to have achieved the following learning outcomes defined in terms of knowledge, skills and general competence:

    Knowledge

    The student will be able to:

    • know the basic security principles of confidentiality, integrity and availability
    • identify common vulnerabilities, threats, threat agents, risks, and attack vectors
    • know the basics of cryptography and how it is used to protect data at rest and in transit
    • have knowledge of the protocols and standards related to modern cryptography
    • understand the different forms of authentication methods that can be utilized
    • explain the different types of access control models that can be used to safeguard information security
    • describe the protocols and standards related to identity, authentication and authorization.
    • understand the importance of controlling the flow of information in and out of the enterprise network and between security zones
    • have knowledge of mechanism for detecting anomalies and incidents early to detect and handle attacks.
    • understand the concept of Secure Software Development and Privacy by Design
    • Have knowledge of OWASP top 10 software security risk
    • have knowledge how to secure web applications and Application Programming Interface (API)

     

    Skills

    The student will be able to:

    • utilize security tools for encryption and signing
    • utilize programs to identify and detect vulnerabilities
    • enforce the principle of least privilege in services and other resources by using the Identity and Access Management System
    • scan and keep track of hardware and network equipment connected to enterprise networks using security tools
    • filter and control the traffic between the various security zones in the business and towards the internet by using a firewall technology.
    • detect and manage data attacks using Intrusion Detection and Prevention Systems (IDS / IPS)
    • apply the concept of secure software development with built-in privacy
    • develop secure web applications by utilizing standardized methods and protocols

     

    General competence

    The student is capable of:

    • discussing and communicating issues related to security principles confidentiality, integrity and accessibility
    • comparing, assessing and providing recommendations on the use and procurement of security solutions

  • Teaching and learning methods

    Lectures and work on practical assignments.

  • Course requirements

    How can you as a technologist contribute in innovative and value-creating projects? How can digital technologies help solve problems and opportunities? Based on innovation in this course you will work at development aimed at digital and sustainable business models. This is an introductory subject that gives you the skills and tools to contribute in digital projects. The course emphasizes innovation, business models, finance in development projects, sustainability and ethics. The course provides practical use of tools and examples from Norwegian working and business life to give you a understanding of how you can think and act as a technologist in local working life.

  • Assessment

    No requirements over and above the admission requirements.

  • Permitted exam materials and equipment

    After completing the course, the student should have the following overall learning outcomes defined in terms of knowledge, skills and general competence:

    Knowledge

    When completing this subject you will

    • have knowledge of key concepts, tools and methods within innovation and value creation

    • have knowledge of sustainable and digital business models

    • have knowledge of finance in development projects

     

    Skills:

    You should be able to

    • contribute to innovation processes and value-creating projects

    • carry out simple analyzes of business models and be able to identify opportunities for sustainable solutions

    • present your own work using relevant work tools

    • apply knowledge of finance in development projects, be able to identify deviations and propose measures

    • apply knowledge of ethics and sustainability and the influence of technologists in working life

     

    General competence:

    The candidate is

    • able to apply knowledge and skills about innovation and sustainable business models in collaboration with others and show an ability to reflect on process and results. 

  • Grading scale

    Lectures, project work, supervision, presentations and exercises.

  • Examiners

    One oral group presentation (max. 4 students) lasting a maximum of 10 minutes.