Introduction to IT Security2023/2024
- Purpose and learning objectives
This elective aims to qualify students for a broad understanding of IT Security.Knowledge
The students will touch on different areas of IT security, which they can subsequently immerse themselves further in.
The goal is for students to gain knowledge of:Skills
• Understanding security issues such as: authentication, privacy, integrity and non-repudiation.
• Understanding of security (attack and defense) in real-life IT systems and the role of keys, cryptographic algorithms and protocols.
The student has knowledge of:
• What importance does program quality have for IT security in relation to:
o Threats to software
o Criteria for program quality
• Relevant security principles for system security
• OS roles in relation to security considerations.
• Risk analysis
• Standards and organizations in the safety work
• Threats and the threat picture
• Operational considerations for IT security
The student can:Competences
• Identify and describe what cryptographic mechanisms are needed to build a security protocol.
• Understand disadvantages related to the use of black-box security solution and homemade solutions.
• Identify and explain common security pitfalls in an IT system in a cryptographic context.
The student can:
• Take security aspects into account by detecting and preventing vulnerabilities in program codes
Utilize countermeasures to secure systems
• Implement systematic logging and monitoring of devices
• Carry out risk assessments of smaller systems / companies, including data security
• Assess which safety principles are to be applied in relation to a given context.
The student can:
• Analyze an IT system, and reflect on potential areas in which cryptography can improve the system.
Adopt a constructive and critical view of the security provided by a particular IT system
• Handling risk assessment of program code for vulnerabilities.
• handle units at command line level
• handle relevant encryption measures
• Handle analyzes of which security threats currently need to be addressed in a specific IT system
- Type of instruction
The teaching method is a mix of lectures and exercises. Each lecture will consist of a part with new theory and a part in which the teacher applies the new theory in a practical solution by using some tools. After that, the students will work with some exercises.
The learning outcomes of the exam are identical with the learning outcomes of the subject(s)/modul(es)Prerequisites for access to the examinationThere is one mandatory activity per 5 ECTS. A 10-ECTS module thus contains two mandatory
activities, while a 5-ECTS module contains one mandatory activity. This is described in the relevant
semester/class room on Fronter. Documentation of mandatory activities must be submitted
via Fronter.Exam in one or more subjectsSubject/module is tested standaloneThis elective will be completed with a hand-in synopsis followed by an oral exam.
The exam is an oral exam with a grade. For the exam, the student will draw one of the 5 areas in ITS in this elective which they will then have to present. Based on their presentation and the questions they are asked, a grade will be given. The time of the re-examination will be stated in the overall education calendar. The students must use their knowledge / assignments made in the lessons to show examples in which they have applied knowledge from the subject.Type of examCombined written and oral examinationFormal requirementsSynopsis max 2 A4 pages.Individual exam or group examIndividualExam languagesDanish (Norwegian/Swedish)DurationThe student must give a 10-minute presentation, followed by a 20-minute examination of the student, including grading.Type of evaluation7-point grading scaleExaminersInternal censureExam criteriaOne overall grade is given based on an overall assessment of the presentation and the subsequent examination
- Preliminary literature list
This is a preliminary literature list. A final literature list will be provided in connection with study start.A series of relevant links.
In the subject Introduction to IT Security you will receive 48 hours of instruction, which corresponds to 64 lessons (1 lesson = 45 min.) and 18% of your total workload for the subject.
The teaching primarily consists of the following activities: classroom teaching, exercises.
The preparation primarily consists of the following activities: reading your own notes, reading the curriculum.
Read about KEAs Study Activity Model
*KEA can deviate from the number of hours if this is justified by special circumstances