440-4128/01 – Cyber Security II (KB II)
Guarantor department | Department of Telecommunications | Credits | 5 |
Subject guarantor | prof. Ing. Miroslav Vozňák, Ph.D. | Subject version guarantor | prof. Ing. Miroslav Vozňák, Ph.D. |
Study level | undergraduate or graduate | Requirement | Choice-compulsory type A |
Year | 1 | Semester | summer |
| | Study language | Czech |
Year of introduction | 2021/2022 | Year of cancellation | 2023/2024 |
Intended for the faculties | FEI | Intended for study types | Follow-up Master |
Subject aims expressed by acquired skills and competences
Learning outcomes are set so that students gain the ability to identify, detect and analyze modern cyber threats in order to create an effective defense against them in the form of their own firewall and the deployment of advanced applications and tools. The student will also gain knowledge in the field of penetration testing of network infrastructures and elements.
Teaching methods
Lectures
Tutorials
Experimental work in labs
Project work
Summary
The course focuses on special and advanced areas of cyber security in the form of a practical introduction of modern attack schemes, their analysis and the creation of effective countermeasures using their own tools or third-party applications. The student will also learn to implement penetration tests in small and medium networks and will also gain knowledge in the field of cryptocurrencies and quantum computers.
Compulsory literature:
[1] Yuri Diogenes, Erdal Ozkaya, Cybersecurity – Attack and Defense Strategies: Counter modern threats and employ state-of-the-art tools and techniques to protect your organization against cybercriminals, 2nd Edition, 2019, ASIN: B081SSGKF5.
Recommended literature:
[1] Steve Suehring, Linux Firewalls: Enhancing Security with nftables and Beyond, 2015, ASIN: B00SN5JYTW.
Way of continuous check of knowledge in the course of semester
Each student can get a maximum of 100 points during the semester, including:
• semestral project 40 points,
• realization of the paper 20 points,
• laboratory practice, 4x10 points.
E-learning
https://lms.vsb.cz
Other requirements
Advanced knowledge of network protocols and services, advanced knowledge of working in Linux and knowledge of cryptographic techniques, basic knowledge of scripting programming languages.
Prerequisites
Subject has no prerequisites.
Co-requisites
Subject has no co-requisites.
Subject syllabus:
1. Methods and tools of penetration on the physical layer - HW hacking, signal hijacking, traffic disruption, social engineering.
2. Methods and tools for scanning and monitoring of network traffic - MiTM, ARP poisoning, Ettercap, advanced work with Nmap.
3. Methods and tools for Denial of Service and eavesdropping - DoS vs. DDoS, botnet, ionorbitalcannon, Hulk.
4. Methods and tools for password detection - rainbow tables, dictionary vs. brute force attacks, combination and use of modern techniques - CUDA, neural networks.
5. Methods and tools for active penetration - malware, ransomware, locking.
6. Design of secure network infrastructure - element redundancy, high availability, authentication, role management, password policy, perimeter security, monitoring.
7. Design of secure network infrastructure - practical security of protocols and services - HTTPS, SFTP, DNSSEC, secure e-mail protocols, storage encryption.
8. Design of secure network infrastructure - firewall deployment - modes, iptables, nftables, advanced configuration - security zones, adaptive filtering, DMZ.
9. Design of secure network infrastructure - passive and active monitoring systems IDS / IPS - possibilities of deployment in topology, principles of detection, creation of rules, possibilities of connection to security elements, practical examples - Suricata.
10. Design of secure network infrastructure - Honeypots and Honeynets - division, principle of operation, deployment options, interaction modes - T-Pot, Dionaea, Kippo, Cowrie.
11. Penetration testing - vulnerability tools for security level evaluation - Nessus, OpenVAS, Metasploit, PerfectStorm - creation of testing scenarios and malware sandboxing.
12. Penetration testing - tools for wireless networks - promiscuous vs. monitoring mode, principles of security modes penetration - PSK, EAP.
13. Practical Security - finance - cryptocurrencies - principles, security, blockchain, darknet and black markets.
14. Practical Security - quantum computer - principles, applications, new approaches to cryptography, impacts, current trends.