Copenhagen School of Design and Technology

da

Introduction to IT Security

2022/2023
Danish title
Introduktion til IT-Sikkerhed
Study programme
Computer Science
Type of education
Full time education
Level of education
Academy Profession
Semester
4. semester
Duration of the subject/module
1 semester
Ects
10
Programme elements
Elective
Language
Danish and English
Start time
Autumn
Spring
Location
Guldbergsgade 29 N, København N
Subject number
3050420
Responsible for the subject(s)/modul(es)
Lorena Ronquillo Moreno
James Hindsgavl Brink
Dany Kallas
Charlie Demasi
Constantin Alexandru Gheorghiasa
  • Purpose and learning objectives

    This elective aims to qualify students for a broad understanding of IT Security.
    The students will touch on different areas of IT security, which they can subsequently immerse themselves further in.

    Knowledge

    The goal is for students to gain knowledge of:
    Crypto:
    • Understanding security issues such as: authentication, privacy, integrity and non-repudiation.
    • Understanding of security (attack and defense) in real-life IT systems and the role of keys, cryptographic algorithms and protocols.

    Software security:
    The student has knowledge of:
    • What importance does program quality have for IT security in relation to:
    o Threats to software
    o Criteria for program quality

    System security:
    • Relevant security principles for system security
    • OS roles in relation to security considerations.

    REM:
    • Assembly Registers and what they are used for: EAX (AX, AL, AH, RAX), EBX, ECX, ESP, EBP

    IT Governance:
    • Risk analysis
    • Standards and organizations in the safety work
    • Threats and the threat picture
    • Operational considerations for IT security

    Skills

    The student can:
    Crypto:
    • Identify and describe what cryptographic mechanisms are needed to build a security protocol.
    • Understand disadvantages related to the use of black-box security solution and homemade solutions.
    • Identify and explain common security pitfalls in an IT system in a cryptographic context.

    Software security:
    The student can:
    • Take security aspects into account by detecting and preventing vulnerabilities in program codes

    System security:
    Utilize countermeasures to secure systems
    • Implement systematic logging and monitoring of devices

    REM:
    • Be able to use relevant tools to perform static, static code, dynamic and behavioral analysis

    IT Governance:
    • Carry out risk assessments of smaller systems / companies, including data security
    • Assess which safety principles are to be applied in relation to a given context.

    Competences

    The student can:
    Crypto:
    • Analyze an IT system, and reflect on potential areas in which cryptography can improve the system.
    Adopt a constructive and critical view of the security provided by a particular IT system

    Software security:
    • Handling risk assessment of program code for vulnerabilities.

    System Security:
    • handle units at command line level
    • handle relevant encryption measures

    REM:
    Analyze malware at a basic level

    IT Governance:
    • Handle analyzes of which security threats currently need to be addressed in a specific IT system

  • Type of instruction
    The teaching method is a mix of lectures and exercises. Each lecture will consist of a part with new theory and a part in which the teacher applies the new theory in a practical solution by using some tools. After that, the students will work with some exercises.
  • Exam

    The learning outcomes of the exam are identical with the learning outcomes of the subject(s)/modul(es)

    Prerequisites for access to the examination
    There is one mandatory activity per 5 ECTS. A 10-ECTS module thus contains two mandatory
    activities, while a 5-ECTS module contains one mandatory activity. This is described in the relevant
    semester/class room on Fronter. Documentation of mandatory activities must be submitted
    via Fronter.
    Exam in one or more subjects
    Subject/module is tested standalone
    This elective will be completed with a hand-in synopsis followed by an oral exam.


    The exam is an oral exam with a grade. For the exam, the student will draw one of the 5 areas in ITS in this elective which they will then have to present. Based on their presentation and the questions they are asked, a grade will be given. The time of the re-examination will be stated in the overall education calendar. The students must use their knowledge / assignments made in the lessons to show examples in which they have applied knowledge from the subject.
    Type of exam
    Combined written and oral examination
    Formal requirements
    Synopsis max 2 A4 pages.
    Individual exam or group exam
    Individual
    Exam languages
    Danish (Norwegian/Swedish)
    Duration
    The student must give a 10-minute presentation, followed by a 20-minute examination of the student, including grading.
    Type of evaluation
    7-point grading scale
    Examiners
    Internal censure
    Exam criteria
    One overall grade is given based on an overall assessment of the presentation and the subsequent examination
  • Preliminary literature list
    This is a preliminary literature list. A final literature list will be provided in connection with study start.
    A series of relevant links.
64
hours of teaching
210
hours of preparation
The figure shows the extent of workload related to the subject divided into different study activities.

In the subject Introduction to IT Security you will receive 64 hours of instruction, which corresponds to 85 lessons (1 lesson = 45 min.) and 23% of your total workload for the subject.

The teaching primarily consists of the following activities: classroom teaching, exercises.
The preparation primarily consists of the following activities: reading your own notes, reading the curriculum.

Read about KEAs Study Activity Model

*KEA can deviate from the number of hours if this is justified by special circumstances