Module G: Cybersecurity of information and communication systems
Basic information
Course coordinator: Urban Sedlar
Course type: Elective-professional
Number of credit points: 5
Semester: 1st semester
Course code: 643490
Course description
Introduction to cybersecurity; overview of security threats and security requirements for networks and services. Security analysis; protective measures; standards, organizations, and authorities in the field of security.
Cryptographic protection: symmetric and asymmetric algorithms, hash functions, digital signature and key management; certificates; public key infrastructure (PKI).
Network security: types of threats and attacks (denial of service, spoofing, traffic interception and redirection, message integrity attacks, routing attacks, traffic analysis); network protocol and equipment vulnerabilities; the security of the access, network and transport layers of the TCP/IP stack. Defense mechanisms and protection methods at the interface, network and transport layers; firewalls and traffic filtering.
Virtual Private Networks (VPNs): security protocols, design, advantages and disadvantages of different approaches.
Techniques and tools for finding vulnerabilities and detecting intrusions at the network level. Defense mechanisms and countermeasures (network monitoring, intrusion detection, firewalls, anti-spoofing and DoS, honeypots).
Operational management of network security (e.g., security policies, network access control configuration).
Security of wireless networks.
Security in mobile networks.
Operating system security; user and kernel mode; user rights. Malware and rootkits. System service vulnerabilities and supply chain vulnerabilities (case studies).
Software security: security of web traffic and web servers; hypertext transfer protocol (HTTP) security; secure SSL/TLS connections; authentication in online services; authentication and digital certificates. Application and browser security; session management; application vulnerabilities and protection (SQL injection, XSS and CSRF attacks); client-side security (cookies, HTTPS, plugins, user tracking, same-origin policy); server-side security tools (WAF, rate limiting, SIEM, central logging); approaches and tools for finding vulnerabilities (e.g., fuzzing). Email security and Secure/Multipurpose Internet Mail Extensions (S/MIME). DNS service security and protection.
Secure software development practices and life cycle; vulnerability management; software composition analysis. Static Application Security Tests (SAST), Dynamic Application Security Tests (DAST).
Objectives
The aim of the course is to give the student a comprehensive overview of the technical aspects of cyber security: security of computer hardware and peripheral equipment; security of the operating system; security of network equipment and network services (based on TCP/IP, typical topologies and architectures); secure software development; typical attack vectors on software systems; technologies to control and protect the security of endpoints and network equipment; and attack analysis. The course will give students a good basis for independent work in the field of planning secure architectures, networks, software and services, thus preparing them for career challenges in the role of an engineer, security analyst or manager.
Teaching and learning methods
Lectures for theoretical aspects, classroom or laboratory work and teamwork for real-world use case scenarios and problem solving through project work. E-learning.