[RBI] Handling of security incidents

BCKIS

Main objectives of the course:

After completing the course, the student will acquire the knowledge and skills necessary to successfully complete the tasks, duties and responsibilities of the security analyst in the Security Operations Center.
After completing the course, the student will be able to:
• Explain the role of the analyst within cybersecurity
• Explain Windows and Linux resources and characteristics to support analysis within cybersecurity
• Analyze operations within network protocols and services
• Explain network infrastructure operations
• Classify different types of network attacks
• Use network monitoring tools to identify attacks against network protocols and services
• Use different methods to prevent malicious access to computer networks, users, and data
• Explain the effects of cryptography on network security monitoring
• Identify network security messages, logs and reports
• Analyze network traffic to verify potential network abuse
• Apply incident response models, and obtain resources to manage network security incidents

Lecturers from the department:

Course information sheet
University: University of Žilina
Faculty: Faculty of Management Science and Informatics
Course ID: 5BM131
Course name: Handling of security incidents (RBI)
Form, extent and method of teaching activities:
Number of classes per week in the form of lectures,
laboratory exercises, seminars or clinical practice
Lectures: 2.0 Seminars: 0.0 Lab. exercises: 2.0
Methods by which the educational activity is delivered: Present form of education
Applied educational activities and methods suitable for achieving learning outcomes
Number of credits: 5.0
Study workload: hours
Specification of the study workload:
Recommended term of study: 3. year, winter semester
Study degree: 1.
Required subsidiary courses:
Prerequisites:
Principles of Information and Communication Networks, Computer Networks 1, Introduction to Operating Systems
Co-requisites:
Course requirements:
Continuous assessment / evaluation:
A. Ongoing written tests [weight 30% of total score].
B. Practical assignments [weight 40% of total score].

Final assessment / evaluation:
A. Final written test [weight 10% of total score].
B. Practical skill exam or project [weight 20% of total score].
The final score is the sum of the continuous and final examination:
<92, 100> points A
<84, 92) points B
<76, 84) points C
<68, 76) points D
<60, 68) points E
To enroll for an exam student must have - points.
Course outcomes:
After completing the course, the student will acquire the knowledge and skills necessary to successfully complete the tasks, duties and responsibilities of the security analyst in the Security Operations Center.
After completing the course, the student will be able to:
• Explain the role of the analyst within cybersecurity
• Explain Windows and Linux resources and characteristics to support analysis within cybersecurity
• Analyze operations within network protocols and services
• Explain network infrastructure operations
• Classify different types of network attacks
• Use network monitoring tools to identify attacks against network protocols and services
• Use different methods to prevent malicious access to computer networks, users, and data
• Explain the effects of cryptography on network security monitoring
• Identify network security messages, logs and reports
• Analyze network traffic to verify potential network abuse
• Apply incident response models, and obtain resources to manage network security incidents
Course scheme:
Lectures:
Concept of Cyber Security Operations Center
Selected means of the Windows and Linux operating systems for supporting analyses in cyber security
Network attacks
Network security options
Public key cryptography and infrastructure
Security and endpoint analysis
Monitoring network security
Data analysis on security breach
Responses to network security breaches

Seminars and Laboratory work:
Laboratory exercises will be devoted to the use of the above knowledge to solve practical tasks in the laboratory (working with tools to effectively monitor network security and data archiving for later analysis, network security incident analysis and management, ethical hacking).
Literature:
1. Cisco Networking Academy Curriculum: Cisco Certified CyberOps Associate
2. CCNA Cybersecurity Operations Companion Guide, Jun 17, 2018, Cisco Press, ISBN-10: 0-13-516624-1, ISBN-13: 978-0-13-516624-6
Instruction language: Slovak/English
Notes:
Course evaluation:
Total number of evaluated students: 0
A: 0 %, B: 0 %, C: 0 %, D: 0 %, E: 0 %, FX: 0 %
Course teachers:
Last updated: 2021-01-19 11:26:03.000
The person responsible for the course: prof. Ing. Pavel Segeč, PhD.
Approved by: prof. Ing. Pavel Segeč, PhD.
SOURCE: https://vzdelavanie.uniza.sk/vzdelavanie/planinfo.php?kod=274870&lng=en