LEARNING OUTCOMES
Learn how to identify and address security requirements relevant to a given context
Become familiar with information security concepts and terminology
Learn about information security lifecycle and its relevant processes
Discover available resources for secure systems development
Credits: 6
Schedule: 14.01.2022 - 25.02.2022
Teacher in charge (valid for whole curriculum period):
Teacher in charge (applies in this implementation): Hadi Ghanbari
Contact information for the course (applies in this implementation):
CEFR level (valid for whole curriculum period):
Language of instruction and studies (applies in this implementation):
Teaching language: English. Languages of study attainment: English
CONTENT, ASSESSMENT AND WORKLOAD
Content
valid for whole curriculum period:
Introduction to Information Security (e.g. core security concepts)
Information Security Policies and Standards
Information security lifecycle and relevant techniques (e.g. risk management, threat modeling)
Case studies about information security implementation and failures
Assessment Methods and Criteria
valid for whole curriculum period:
Spring 2022:
To pass the course, the studnets must at least gain 50 points by completing the following tasks:
- Self-study (10%): students can gain maximum of 10 points by studying the course material and answering a set of online quizzes integrated into the material.
- Individual Essay (15%): students can gain maximum of 15 points by writing an essay (2000-3000 words) about one of the topics to be introduced during the first session of the course.
- Group Task (40%): students can gain maximum of 40 points by forming a team of 4-5 and performing a security analysis and propose a high-level security design. The purpose of this task is to apply the theoretical knowledge gained during the lectures or by reading relevant literature.
- Final exam (35%): Students can gain maximum of 35 points by attending the final exam. The exam questions are based on the course slides and supplement
Workload
valid for whole curriculum period:
Spring 2021:
The course consists of approximately 100 hours of
independent work and 60 hours of group workSpring 2022:
The course consist of approximately 60 hours of independent work and 100 hours of group work. The attendance in the contact sessions is not compulsory for those students who choose to complete the course remotely.
DETAILS
Study Material
valid for whole curriculum period:
Course content designed based on the following books:
1.Raggad, B. G. (2010). Information security management: concepts and practice. CRC Press.
2.Andress (2014).The basics of information security: understanding the fundamentals of InfoSec in theory and practice. Syngress.
3.Mano, P (2011). Official (ISC)2 Guide to the CSSLP CBK, Second Edition. CRC Press.
5.Scientific publications and other publicly available online materials (e.g. OWASP, SANS, NIST, US-CERT)
Substitutes for Courses
valid for whole curriculum period:
Prerequisites
valid for whole curriculum period:
SDG: Sustainable Development Goals
9 Industry, Innovation and Infrastructure
FURTHER INFORMATION
Further Information
valid for whole curriculum period:
Students need to answer to a pre-assignment before the course begins in MyCourses.
Teaching Period:
2020-2021 Spring III
2021-2022 Spring III
Course Homepage: https://mycourses.aalto.fi/course/search.php?search=ISM-E2003
Registration for Courses: In the academic year 2021-2022, registration for courses will take place on Sisu (sisu.aalto.fi) instead of WebOodi.
Student registration will be confirmed after completing the pre-course assignment.
- Teacher: Ghanbari Hadi