155-1328/01 – Cyber security (PB)
| Gurantor department | Department of Applied Informatics | Credits | 5 |
| Subject guarantor | Ing. Jan Ministr, Ph.D. | Subject version guarantor | Ing. Jan Ministr, Ph.D. |
| Study level | undergraduate or graduate | Requirement | Compulsory |
| Year | 3 | Semester | winter |
| | Study language | Czech |
| Year of introduction | 2020/2021 | Year of cancellation | |
| Intended for the faculties | EKF | Intended for study types | Bachelor |
Subject aims expressed by acquired skills and competences
Learning outcomes of the course unit The aim of the course is to acquire basic knowledge of students in the field of data protection and security. Students will become familiar with the structure and properties of the integrated management system with emphasis on planning and implementation of ISMS (Information Security Management System) in accordance with Czech legislation. In addition, students will acquire basic knowledge in the field of information security auditing, including basic procedures that require certification audit for ISMS compliance in an organization with the international standard ISO / IEC 27001.
Teaching methods
Lectures
Individual consultations
Tutorials
Project work
Summary
Learning outcomes of the course unit The aim of the course is to acquire basic knowledge of students in the field of data protection and security. Students will become familiar with the structure and properties of the integrated management system with emphasis on planning and implementation of ISMS (Information Security Management System) in accordance with Czech legislation. In addition, students will acquire basic knowledge in the field of information security auditing, including basic procedures that require certification audit for ISMS compliance in an organization with the international standard ISO / IEC 27001.
Compulsory literature:
Recommended literature:
Way of continuous check of knowledge in the course of semester
Credit:
- active participation in seminars;
- elaboration of the project according to the required structure and its delivery at a given date;
- get at least 23 points out of 45.
Exam:
- oral (defense of the project and oral questions from given topics).
E-learning
Students have at their disposal LMS Moodle presentations of individual lectures, case studies, assignments and data for exercises.
Other requirements
Active participation in seminars.
Elaboration of the project according to the required structure and its delivery within the given deadline.
Prerequisities
Subject has no prerequisities.
Co-requisities
Subject has no co-requisities.
Subject syllabus:
1. Introduction to information security, information and information process
2. Cryptography, computer viruses and malicious codes
3. Computer crime
4. IMS - Integrated Management System, (PCDA Model, Risk Management, QMS, EMS, OHASMS)
5. Management of informatics and information security in organization (IT Governance, IT Service Management)
6. Information Security Governance
7. Methodological frameworks COBIT and ITIL from the perspective of information security management
8. Information security management methodologies (historical development, security evaluation criteria)
9.. Information security management system (establishment, implementation, monitoring, maintenance and improvement of ISMS)
10. Implementation of security measures (security policy, asset management, human resources security, physical and environmental security, communication and traffic management, access control, IS acquisition and maintenance, security incidents, business continuity management).
11. Information security audit and testing (basic security audit, ISMS certification)
12. Legal framework of information security (in the Czech Republic, EU and other institutions)
13. Trends and development of information security
Conditions for subject completion
Occurrence in study plans
Occurrence in special blocks
Assessment of instruction