PA211 Advanced Topics of Cyber Security

Faculty of Informatics
Spring 2020

The course is not taught in Spring 2020

Extent and Intensity
2/1/1. 3 credit(s) (plus extra credits for completion). Type of Completion: zk (examination).
Teacher(s)
doc. Ing. Pavel Čeleda, Ph.D. (lecturer)
RNDr. Martin Drašar, Ph.D. (lecturer)
RNDr. Martin Husák, Ph.D. (lecturer)
RNDr. Daniel Kouřil, Ph.D. (lecturer)
RNDr. Michal Procházka, Ph.D. (lecturer)
RNDr. Petr Velan, Ph.D. (lecturer)
doc. RNDr. Jan Vykopal, Ph.D. (lecturer)
RNDr. Martin Laštovička, Ph.D. (seminar tutor)
RNDr. Stanislav Špaček, Ph.D. (seminar tutor)
RNDr. Bc. Dominik Velan, Ph.D. (seminar tutor)
Guaranteed by
doc. Ing. Pavel Čeleda, Ph.D.
Department of Computer Systems and Communications – Faculty of Informatics
Supplier department: Department of Computer Systems and Communications – Faculty of Informatics
Timetable of Seminar Groups
PA211/01: No timetable has been entered into IS. M. Drašar, D. Kouřil, M. Laštovička, M. Procházka, S. Špaček, D. Velan
PA211/02: No timetable has been entered into IS. M. Drašar, D. Kouřil, M. Laštovička, M. Procházka, S. Špaček, D. Velan
Prerequisites
(( PV210 Security in an organization || SOUHLAS) && ( PA159 Net-Centric Computing I || PA191 Advanced Computer Networking ) && ( PV065 UNIX -- Advanced Course I ))
It is recommended to enroll concurrently in PV077 UNIX -- Programming and System Management II.
Course Enrolment Limitations
The course is also offered to the students of the fields other than those the course is directly associated with.
The capacity limit for the course is 30 student(s).
Current registration and enrolment status: enrolled: 0/30, only registered: 0/30, only registered with preference (fields directly associated with the programme): 0/30
fields of study / plans the course is directly associated with
There are 29 fields of study the course is directly associated with.
Course objectives
This course aims to introduce aspects of building a CSIRT (Computer Security Incident Response Team).
Learning outcomes
A graduate of this course shall be able to: organize the establishment and operation of a CSIRT; understand advanced concepts in designing, developing, managing and analyzing systems and tools used by a CSIRT; select appropriate methods of security monitoring, analysis and digital forensics for a given application.
Syllabus
  • Cyber security in an organization (summary of the course Cyber security in an organization).
  • Establishing a CSIRT.
  • Structure of a CSIRT.
  • Penetration testing.
  • Honeypots.
  • Network security monitoring and attacks.
  • Advanced methods of network traffic monitoring (packet and flow analysis - Wireshark, Bro, FlowMon).
  • Advanced analysis of complex attacks (Bro Intelligence Module).
  • Advanced methods of detection and evidence of security threats using network traffic.
  • Tools for digital forensic investigation (both commercial and open source).
  • Methods of digital forensics.
  • Forensic analysis of a simulated incident (analysis of data from heterogeneous sources).
Literature
  • M. J. West-Brown, et al. Handbook for Computer Security Incident Response Teams (CSIRTs). No. CMU/SEI-2003-HB-002. Carnegie-Mellon University Pittsburgh, 2003. http://www.cert.org/archive/pdf/csirt-handbook.pdf
  • K. Mell, P.: Guide to Intrusion Detection and Prevention Systems (IDPS). Recommendations of the National Institute of Standards and Technology, 2007.
Teaching methods
Lectures, 6 seminars, 6 assignments (homework) during the semester.
Assessment methods
Assignments during the semester (40 %), written exam (60 %).
Language of instruction
English
Further Comments
The course is taught annually.
The course is also listed under the following terms Spring 2016, Spring 2017, Spring 2018, Spring 2019, Autumn 2022, Spring 2023, Spring 2024, Spring 2025.
  • Permalink: https://is.muni.cz/course/fi/spring2020/PA211