Please note! Course description is confirmed for two academic years, which means that in general, e.g. Learning outcomes, assessment methods and key content stays unchanged. However, via course syllabus, it is possible to specify or change the course execution in each realization of the course, such as how the contact sessions are organized, assessment methods weighted or materials used.
LEARNING OUTCOMES
•Learn how to identify and address security requirements relevant to a given context
•Become familiar with information security concepts and terminology
•Learn about information security lifecycle and its relevant processes
•Discover available resources for secure systems development
Credits: 6
Schedule: 15.01.2021 - 26.02.2021
Teacher in charge (valid 01.08.2020-31.07.2022): Hadi Ghanbari
Teacher in charge (applies in this implementation): Hadi Ghanbari
Contact information for the course (applies in this implementation):
CEFR level (applies in this implementation):
Language of instruction and studies (valid 01.08.2020-31.07.2022):
Teaching language: English
Languages of study attainment: English
CONTENT, ASSESSMENT AND WORKLOAD
Content
Valid 01.08.2020-31.07.2022:
•Introduction to Information Security (e.g. core security concepts)
•Information Security Policies and Standards
•Information security lifecycle and relevant techniques (e.g. risk management, threat modeling)
•Case studies about information security implementation and failures
Assessment Methods and Criteria
Valid 01.08.2020-31.07.2022:
Spring 2022:
To pass the course, the studnets must at least gain 50 points by completing the following tasks:
- Self-study (10%): students can gain maximum of 10 points by studying the course material and answering a set of online quizzes integrated into the material.
- Individual Essay (15%): students can gain maximum of 15 points by writing an essay (2000-3000 words) about one of the topics to be introduced during the first session of the course.
- Group Task (40%): students can gain maximum of 40 points by forming a team of 4-5 and performing a security analysis and propose a high-level security design. The purpose of this task is to apply the theoretical knowledge gained during the lectures or by reading relevant literature.
- Final exam (35%): Students can gain maximum of 35 points by attending the final exam. The exam questions are based on the course slides and supplementary material which will be provided during the course.
Spring 2021:
To pass the course, the studnets must at least gain 50 points by completing the following tasks:
- Self-study (10%): students can gain maximum of 10 points by studying the course material and answering a set of online quizzes integrated into the material.
- Individual Essay (15%): students can gain maximum of 10 points by writing an essay (2000-3000 words) about one of the topics to be introduced during the first session of the course.
- Group Task (35%): students can gain maximum of 40 points by forming a team of 4-5 and performing a security analysis and propose a high-level security design. The purpose of this task is to apply the theoretical knowledge gained during the lectures or by reading relevant literature.
- Final exam (40%):
- Students can gain maximum of 40 points by attending the
final exam. The exam questions are based on the course slides and
supplementary material which will be provided during the course.
- Students can gain maximum of 40 points by attending the
Workload
Valid 01.08.2020-31.07.2022:
Spring 2021:
The course consists of approximately 100 hours of
independent work and 60 hours of group workSpring 2022:
The course consist of approximately 60 hours of independent work and 100 hours of group work. The attendance in the contact sessions is not compulsory for those students who choose to complete the course remotely.
DETAILS
Study Material
Valid 01.08.2020-31.07.2022:
Course content designed based on the following books:
1.Raggad, B. G. (2010). Information security management: concepts and practice. CRC Press.
2.Andress (2014).The basics of information security: understanding the fundamentals of InfoSec in theory and practice. Syngress.
3.Mano, P (2011). Official (ISC)2 Guide to the CSSLP CBK, Second Edition. CRC Press.
5.Scientific publications and other publicly available online materials (e.g. OWASP, SANS, NIST, US-CERT)
Prerequisites
Valid 01.08.2020-31.07.2022:
- Management Information Systems OR Information Systems Development
SDG: Sustainable Development Goals
9 Industry, Innovation and Infrastructure