Course description

Main page | Study Branches/Specializations | Groups of Courses | All Courses | Roles Instructions

A course is the basic teaching unit, it's design as a medium for a student to acquire comprehensive knowledge and skills indispensable in the given field. A course guarantor is responsible for the factual content of the course.
For each course, there is a department responsible for the course organisation. A person responsible for timetabling for a given department sets a time schedule of teaching and for each class, s/he assigns an instructor and/or an examiner.
Expected time consumption of the course is expressed by a course attribute extent of teaching. For example, extent = 2 +2 indicates two teaching hours of lectures and two teaching hours of seminar (lab) per week.
At the end of each semester, the course instructor has to evaluate the extent to which a student has acquired the expected knowledge and skills. The type of this evaluation is indicated by the attribute completion. So, a course can be completed by just an assessment ('pouze zápočet'), by a graded assessment ('klasifikovaný zápočet'), or by just an examination ('pouze zkouška') or by an assessment and examination ('zápočet a zkouška') .
The difficulty of a given course is evaluated by the amount of ECTS credits.
The course is in session (cf. teaching is going on) during a semester. Each course is offered either in the winter ('zimní') or summer ('letní') semester of an academic year. Exceptionally, a course might be offered in both semesters.
The subject matter of a course is described in various texts.

BI-ZSB.21 Basics of System Security Extent of teaching: 2P+2C

Instructor: Fornůsek S., Novák D., Svetlík M. Completion: Z,ZK

Department: 18106 Credits: 5 Semester: Z

Annotation:
The goal of the course is to provide introduction to basic concepts in security of computer systems. Further, the course introduces the basics of forensic analysis and related topics such as malware analysis or incident response. After finishing the course student will get both theoretical and practical knowledge in the area of modern operating systems security, as well as skills needed for independent work in the area of operating system security incident analysis.

Lecture syllabus:

1. Introduction to systems security, definition of basic terms, system security requirements.

2. Operating systems security - threat model, security concepts.

3. Operating systems security - secure design, role of OS in security.

4. Memory and CPU architecture attacks (Meltdown, Spectre).

5. Access control in operating systems.

6. Introduction to forensic analysis, terminology, methodology, applications.

7. Forensic analysis - data acquisition.

8. Forensic analysis of file systems and its artefacts.

9. Security incident response.

10. Malware analysis (online services, static analysis, dynamic analysis).

11. Vulnerability management and Patch management.

12. Business Continuity Management.

13. Disaster Recovery.

Seminar syllabus:

1. Security features in OS Windows

2. Security features in OS Linux, SELinux

3. Access control in Linux and Windows

4 Meltdown & Spectre attacks

5. Basics of forensics analysis

6. File system forensic analysis, MFT extraction and analysis

7. Practical malware analysis

Literature:

1. Anderson R. : Security engineering - A Guide to building dependable distributed systems (2nd Edition). John Wiley & Sons, 2008. ISBN 978-0470068526.

2. Perla E. : A Guide to Kernel Exploitation: Attacking the Core. Syngress, 2010. ISBN 978-1597494861.

3. Arnes A. : Digital Forensics. John Wiley & Sons, 2017. ISBN 978-1119262381.

4. Stallings W., Brown L. : Computer Security: Principles and Practice, Global Edition (4th Edition). Pearson, 2018. ISBN 978-1292220611.

5. Anson S. : Applied Incident Response. John Wiley & Sons, 2020. ISBN 978-1119560265.

Requirements:
The course has no initial knowledge requirements.

Webová stránka předmětu ještě neexestuje.

The course is also part of the following Study plans:

Study Plan Study Branch/Specialization Role Recommended semester

BI-IB.21 Information Security 2021 (in Czech) PS 5

BI-SPOL.21 Unspecified Branch/Specialisation of Study VO 5

BI-SI.21 Software Engineering 2021 (in Czech) V 5

BI-TI.21 Computer Science 2021 (in Czech) V 5

BI-WI.21 Web Engineering 2021 (in Czech) V 5

BI-PS.21 Computer Networks and Internet 2021 (in Czech) V 5

BI-UI.21 Artificial Intelligence 2021 (in Czech) V 5

BI-PI.21 Computer Engineering 2021 (in Czech) V 5

BI-PG.21 Computer Graphics 2021 (in Czech) V 5

BI-PV.21 Computer Systems and Virtualization 2021 (in Czech) PS 5

BI-MI.21 Business Informatics 2021 (In Czech) V 5

Page updated 18. 4. 2024, semester: L/2020-1, L/2023-4, L/2019-20, Z/2021-2, L/2022-3, Z/2023-4, Z/2019-20, Z/2022-3, L/2021-2, Z/2024-5, Z/2020-1, Send comments to the content presented here to Administrator of study plans Design and implementation: J. Novák, I. Halaška

BI-ZSB.21	Basics of System Security			Extent of teaching:	2P+2C
Instructor:	Fornůsek S., Novák D., Svetlík M.			Completion:	Z,ZK
Department:	18106	Credits:	5	Semester:	Z

1.		Introduction to systems security, definition of basic terms, system security requirements.
2.		Operating systems security - threat model, security concepts.
3.		Operating systems security - secure design, role of OS in security.
4.		Memory and CPU architecture attacks (Meltdown, Spectre).
5.		Access control in operating systems.
6.		Introduction to forensic analysis, terminology, methodology, applications.
7.		Forensic analysis - data acquisition.
8.		Forensic analysis of file systems and its artefacts.
9.		Security incident response.
10.		Malware analysis (online services, static analysis, dynamic analysis).
11.		Vulnerability management and Patch management.
12.		Business Continuity Management.
13.		Disaster Recovery.

1.		Security features in OS Windows
2.		Security features in OS Linux, SELinux
3.		Access control in Linux and Windows

5.		Basics of forensics analysis
6.		File system forensic analysis, MFT extraction and analysis
7.		Practical malware analysis

1.		Anderson R. : Security engineering - A Guide to building dependable distributed systems (2nd Edition). John Wiley & Sons, 2008. ISBN 978-0470068526.
2.		Perla E. : A Guide to Kernel Exploitation: Attacking the Core. Syngress, 2010. ISBN 978-1597494861.
3.		Arnes A. : Digital Forensics. John Wiley & Sons, 2017. ISBN 978-1119262381.
4.		Stallings W., Brown L. : Computer Security: Principles and Practice, Global Edition (4th Edition). Pearson, 2018. ISBN 978-1292220611.
5.		Anson S. : Applied Incident Response. John Wiley & Sons, 2020. ISBN 978-1119560265.