English   Danish

2014/2015  KAN-CIEBV2008U  IT Security

English Title
IT Security

Course information
Language English
Course ECTS 7.5 ECTS
Type Elective
Level Full Degree Master
Duration One Semester
Course period Autumn
Timetable Course schedule will be posted at calendar.cbs.dk
Min. participants 25
Max. participants 40
Study board
Study Board for BSc/MSc in Business Administration and Information Systems, MSc
Course coordinator
  • Freddie Drewsen - DIGI
Main academic disciplines
  • Information Systems
  • Statistics and mathematics
  • Corporate and Business Strategy
Last updated on 09-04-2014
Learning objectives
At the end of the course, the student should be able to
• identify and explain main areas in IT security
• compare and analyse technologies within IT-security
• identify and evaluate threats, vulnerabilities and risk for a given system
• perform a risk analysis

In the case of mini project the student should either
• carry out a small risk analysis of a given case/organisation
• or analyse a given new security technology or security problem.
Course prerequisites
The course requires a basic knowledge of math such as primes, modulus and exponentiation. Furthermore binary representation of numbers and characters should be understood. A minimum knowledge of networking and TCP/IP is required.
Examination
IT Security:
Exam ECTS 7,5
Examination form Oral exam based on written product

In order to participate in the oral exam, the written product must be handed in before the oral exam; by the set deadline. The grade is based on an overall assessment of the written product and the individual oral performance.
Individual or group exam Group exam, max. 2 students in the group
The oral exam starts with the defense of the mini project. Slides could be used in this part. Following the defense each student will be examined in the curriculum. One third of the exam time is allocated to the defense and one third of the time is for examination in curriculum. The remaining time is for examiners' discussion of grade, and informing plus explaining the grade
Size of written product Max. 15 pages
The subject of the mini project is chosen by the students during the course. Students are free to choose their own topic as long as it is within the field of IT security. Learning objectives should be fulfilled. Consult the course coordinator if in doubt.
Assignment type Project
Duration
Written product to be submitted on specified date and time.
20 min. per student, including examiners' discussion of grade, and informing plus explaining the grade
Preparation time No preparation
Grading scale 7-step scale
Examiner(s) Internal examiner and external examiner
Exam period December/January
Aids allowed to bring to the exam Closed Book
Make-up exam/re-exam
Same examination form as the ordinary exam
Course content and structure
The field of IT security – or rather Information Communication Technology (ICT) security is a broad research field rooted in computer science, math, psychology and economics. The field covers issues like privacy, integrity, availability, authentication and non repudiation, and spans problems within the entire society from citizens through business to national security.
 
This course will give the student a fundamental understanding of some aspects of the field. Starting with an introduction to cryptology as a basic tool, the course will discuss authentication methods (OpenId etc.), access controls, privacy concerns, threats to network communication (e.g. Eavesdropping, Denial of Service attacks), malicious software. Finally the course will introduce organizational controls like risk management, security policies, and continuity planning to mitigate risks.
 
The course could be use as a preparation for a subsequent CÍSSP certification.
Teaching methods
The course will consist of lectures and exercises, complemented by one or two guest lectures.
Student workload
Lectures 24 hours
Prepare to class 96 hours
Exercises 25 hours
Exam and prepare 62 hours
Total 207 hours
Further Information
Changes in course schedule may occur
Monday 08.00-11.30, week 36-41, 43-48
Expected literature
Lecture material and a list of literature will be provided at the web site for the course
 
Main text book
    Computer Security: Principles and Practices: International Edition, 2/E
    William Stallings and Lawrie Brown, Pearson Higher Education.
Last updated on 09-04-2014