The course addresses five major topics:
- The principal security requirements and attacker models
- The fundamental cryptographic tools in Information Security
- Primary security protocols and Internet standards (PKI, TLS)
- Practical techniques for penetrating and hardening IT-systems
- Computer forensic techniques
Intended learning outcomes
After the course, the student should be able to:
- Identify, list, and discuss major principles of IT security
- Apply and relate those principles to the securing of networked server installations
- List and analyse standard attacks, in particular on web applications
- Describe and explain intrusion detection
- Identify, list, and explain common security pitfalls of web applications
- Identify, describe and explain basic computer forensics techniques
- Identify and describe the proper use of cryptography in security
- Analyse an IT-system for security risks and reflect on potential improvements of the system
Ordinary exam
Exam type:
A: Written exam on premises, external (7-point grading scale)
A11: Written exam on premises. Open book exam.
Exam questions will contain a sub-section on "Binary exploits and malicious code" not in the corresponding MSc exam.
The duration of the written examination is 4 hours.