[RBI] Handling of security incidents

BCKIS

[RBI] Handling of security incidents

Main objectives of the course:

After completing the course, the student will acquire the knowledge and skills necessary to successfully complete the tasks, duties and responsibilities of the security analyst in the Security Operations Center.
After completing the course, the student will know to:
• Explain the role of the analyst within cybersecurity
• Explain Windows and Linux resources and characteristics to support analysis within cybersecurity
• Analyze operations within network protocols and services
• Explain network infrastructure operations
• Classify different types of network attacks
• Use network monitoring tools to identify attacks against network protocols and services
• Use different methods to prevent malicious access to computer networks, users, and data
• Explain the effects of cryptography in monitoring security networks
• Identify network security messages, logs and reports
• Analyze network traffic to verify potential network abuse
• Apply incident response models, and obtain resources to manage network security incidents

Lecturers from the department:

Course information sheet
University: University of Žilina
Faculty: Faculty of Management Science and Informatics
Course ID: 5BM131Course name: Handling of security incidents (RBI)
Form, extent and method of teaching activities:
Number of classes per week in the form of lectures,
laboratory exercises, seminars or clinical practice
Lectures: 2.0 Seminars: 0.0 Lab.exercises: 2.0
Methods by which the educational activity is deliveredPresent form of education
Applied educational activities and methods suitable for achieving learning outcomes
Number of credits: 5.0
Study workload: hours
Specification of the study workload:
Recommended term of study: 3. year, winter semester
Study degree: 1.
Required subsidiary courses:
Prerequisites:
Principles of Information and Communication Networks, Computer Networks 1, Introduction to Operating Systems
Co-requisites:
Course requirements:
Continuous assessment / evaluation:
A. Ongoing written tests [weight 30% of total score].
B. Practical assignments [weight 40% of total score].

Final assessment /evaluation:
A. Final written test [weight 10% of total score].
B. Practical skill exam or project [weight 20% of total score].
The final score is the sum of the continuous and final examination:
<92,100> points A
<84, 92) points B
<76, 84) points C
<68, 76) points D
<60, 68) points E
To enroll for an exam student must have - points.
Course outcomes:
After completing the course, the student will acquire the knowledge and skills necessary to successfully complete the tasks, duties and responsibilities of the security analyst in the Security Operations Center.
After completing the course, the student will know to:
• Explain the role of the analyst within cybersecurity
• Explain Windows and Linux resources and characteristics to support analysis within cybersecurity
• Analyze operations within network protocols and services
• Explain network infrastructure operations
• Classify different types of network attacks
• Use network monitoring tools to identify attacks against network protocols and services
• Use different methods to prevent malicious access to computer networks, users, and data
• Explain the effects of cryptography in monitoring security networks
• Identify network security messages, logs and reports
• Analyze network traffic to verify potential network abuse
• Apply incident response models, and obtain resources to manage network security incidents
Course scheme:
Lectures:
Concept of Cyber Security Operations Center
Selected means of OS Windows and Linux for support of analyzes in cyber security
Network attacks
Network security options
Public key cryptography and infrastructure
Security and endpoint analysis
Monitoring network security
Data analysis on security breach
Responses to network security breaches

Seminars and Laboratory work:
Laboratory exercises will be devoted to the use of the above knowledge to solve practical tasks in the laboratory (working with tools to effectively monitor network security and data archiving for later analysis, network security incident analysis and management, ethical hacking).
Literature:
1. Cisco Networking Academy Curriculum: Cisco Certified CyberOps Associate
2. CCNA Cybersecurity Operations Companion Guide, Jun 17, 2018, Cisco Press, ISBN-10: 0-13-516624-1, ISBN-13: 978-0-13-516624-6
Instruction language: slovak/english
Notes:
Course evaluation::
Total number of evaluated students: 0
ABCDEFX
0 %0 %0 %0 %0 %0 %
ABCDEFX
0 %0 %0 %0 %0 %0 %
Course teachers:
Last updated: 2021-01-19 11:26:03.000
The person responsible for the course: prof. Ing. Pavel Segeč, PhD.
Approved by:
SOURCE: https://vzdelavanie.uniza.sk/vzdelavanie/planinfo.php?kod=274870&lng=en