Please note! Course description is confirmed for two academic years, which means that in general, e.g. Learning outcomes, assessment methods and key content stays unchanged. However, via course syllabus, it is possible to specify or change the course execution in each realization of the course, such as how the contact sessions are organized, assessment methods weighted or materials used.

LEARNING OUTCOMES

Learn how to identify and address security requirements relevant to a given context
Become familiar with information security concepts and terminology
Learn about information security lifecycle and its relevant processes
Discover available resources for secure systems development

Credits: 6

Schedule: 14.01.2022 - 25.02.2022

Teacher in charge (valid for whole curriculum period):

Teacher in charge (applies in this implementation): Hadi Ghanbari

Contact information for the course (applies in this implementation):

CEFR level (valid for whole curriculum period):

Language of instruction and studies (applies in this implementation):

Teaching language: English. Languages of study attainment: English

CONTENT, ASSESSMENT AND WORKLOAD

Content
  • valid for whole curriculum period:

    Introduction to Information Security (e.g. core security concepts)
    Information Security Policies and Standards
    Information security lifecycle and relevant techniques (e.g. risk management, threat modeling)
    Case studies about information security implementation and failures

Assessment Methods and Criteria
  • valid for whole curriculum period:

    Spring 2022:

    To pass the course, the studnets must at least gain 50 points by completing the following tasks: 

    1. Self-study (10%): students can gain maximum of 10 points by studying the course material and answering a set of online quizzes integrated into the material.  
    2. Individual Essay (15%): students can gain maximum of 15 points by writing an essay (2000-3000 words) about one of the topics to be introduced during the first session of the course.
    3. Group Task (40%): students can gain maximum of 40 points by forming a team of 4-5 and performing a security analysis and propose a high-level security design. The purpose of this task is to apply the theoretical knowledge gained during the lectures or by reading relevant literature.
    4. Final exam (35%): Students can gain maximum of 35 points by attending the final exam. The exam questions are based on the course slides and supplement

Workload
  • valid for whole curriculum period:

    Spring 2021:
    The course consists of approximately 100 hours of
    independent work and 60 hours of group work

    Spring 2022:

    The course consist of approximately 60 hours of independent work and 100 hours of group work.  The attendance in the contact sessions is not compulsory for those students who choose to complete the course remotely.

DETAILS

Study Material
  • valid for whole curriculum period:

    Course content designed based on the following books:
    1.Raggad, B. G. (2010). Information security management: concepts and practice. CRC Press.
    2.Andress (2014).The basics of information security: understanding the fundamentals of InfoSec in theory and practice. Syngress.
    3.Mano, P (2011). Official (ISC)2 Guide to the CSSLP CBK, Second Edition. CRC Press.
    5.Scientific publications and other publicly available online materials (e.g. OWASP, SANS, NIST, US-CERT)

Substitutes for Courses
Prerequisites
SDG: Sustainable Development Goals

    9 Industry, Innovation and Infrastructure

FURTHER INFORMATION

Further Information
  • valid for whole curriculum period:

    Students need to answer to a pre-assignment before the course begins in MyCourses.


    Teaching Period:

    2020-2021 Spring III

    2021-2022 Spring III


    Course Homepage: https://mycourses.aalto.fi/course/search.php?search=ISM-E2003


    Registration for Courses: In the academic year 2021-2022, registration for courses will take place on Sisu (sisu.aalto.fi) instead of WebOodi.

    Student registration will be confirmed after completing the pre-course assignment.