Goal: The goal of the subject is to raise security awareness, to provide an overview on certain areas of IT security, and to prepare the prospective computer engineer for IT security problems, which arise in their later work.
Course description: Short overview on the history of information security. Ethical issues, motivations, targets, security awareness, regulations. Cryptology, cryptographic algorithms and basic protocols. Vulnerability of workstations, servers, networks and infrastructures. Physical protection. Malicious software (malware). User authentication, authorization and access management. Password management in operating systems. Problems of password choice, password breaking techniques. Network attack methods. Border protection of network (firewalls, IDS/IPS). Public Key Infrastructure. Secure communication, internet security protocols. Secure mail and data storage. Security of mobile and cloud-based systems. Vulnerability of applications. Risk management.