PA211 Advanced Topics of Cyber Security

Faculty of Informatics
Spring 2017
Extent and Intensity
2/1/1. 3 credit(s) (plus extra credits for completion). Type of Completion: zk (examination).
Teacher(s)
doc. Ing. Pavel Čeleda, Ph.D. (lecturer)
RNDr. Martin Drašar, Ph.D. (lecturer)
RNDr. Daniel Kouřil, Ph.D. (lecturer)
RNDr. Michal Procházka, Ph.D. (lecturer)
doc. RNDr. Jan Vykopal, Ph.D. (lecturer)
RNDr. Tomáš Jirsík, Ph.D. (seminar tutor)
RNDr. Martin Laštovička, Ph.D. (seminar tutor)
RNDr. Petr Velan, Ph.D. (seminar tutor)
RNDr. Martin Vizváry (seminar tutor)
RNDr. Martin Husák, Ph.D. (assistant)
Guaranteed by
doc. RNDr. Eva Hladká, Ph.D.
Department of Computer Systems and Communications – Faculty of Informatics
Supplier department: Department of Computer Systems and Communications – Faculty of Informatics
Timetable
Wed 16:00–17:50 C525
  • Timetable of Seminar Groups:
PA211/01: each even Thursday 8:00–9:50 B117, T. Jirsík, D. Kouřil, M. Laštovička, M. Procházka, P. Velan
PA211/02: each odd Thursday 8:00–9:50 B117, T. Jirsík, D. Kouřil, M. Laštovička, M. Procházka, P. Velan
Prerequisites (in Czech)
(( PV210 Security in an organization || SOUHLAS ) && ( PA159 Net-Centric Computing I || PA191 Advanced Computer Networking ) && ( PV065 UNIX -- Advanced Course I ))
recommended to concurrently enroll in PV077 UNIX -- Programming and System Management II
Course Enrolment Limitations
The course is offered to students of any study field.
The capacity limit for the course is 30 student(s).
Current registration and enrolment status: enrolled: 0/30, only registered: 0/30, only registered with preference (fields directly associated with the programme): 0/30
Course objectives (in Czech)
Graduate of this course shall be able to: organize establishment and operation of a CSIRT; understand advanced concepts in designing, developing, managing and analyzing of systems and tools used by a CSIRT; select appropriate methods of security monitoring, analysis and digital forensics for a given application;
Syllabus (in Czech)
  • Cyber security in an organization (summary of the course Cyber security in an organization).
  • Establishing of a CSIRT.
  • Structure of a CSIRT.
  • Penetration testing.
  • Honeypots.
  • Network security monitoring and attacks.
  • Advanced methods of network traffic monitoring (packet and flow analysis - Wireshark, Bro, FlowMon).
  • Advanced analysis of complex attacks (Bro Intelligence Module).
  • Advance methods of detection and evidence of security threats using network traffic.
  • Tools for digital forensic investigation (both commercial and open source).
  • Methods of digital forensics.
  • Forensic analysis of a simulated incident (analysis of data from heterogeneous sources).
Literature
  • M. J. West-Brown, et al. Handbook for Computer Security Incident Response Teams (CSIRTs). No. CMU/SEI-2003-HB-002. Carnegie-Mellon University Pittsburgh, 2003. http://www.cert.org/archive/pdf/csirt-handbook.pdf
  • K. Mell, P.: Guide to Intrusion Detection and Prevention Systems (IDPS). Recommendations of the National Institute of Standards and Technology, 2007.
Teaching methods (in Czech)
Lectures, 6 seminars, 6 assignments (homework) during the semester.
Assessment methods (in Czech)
Assignments during the semester (40 %), written exam (60 %).
Language of instruction
English
Further Comments
Study Materials
The course is taught annually.
The course is also listed under the following terms Spring 2016, Spring 2018, Spring 2019, Autumn 2022, Spring 2023, Spring 2024.
  • Enrolment Statistics (Spring 2017, recent)
  • Permalink: https://is.muni.cz/course/fi/spring2017/PA211