level of course unit
Learning outcomes of course unit
The students know the principal goals and requirements concerning confidentiality, integrity, and availability of information systems. They are aware of the threat environment and specific types of attacks. They know how information systems can be secured against these types of attacks. They are also aware of management tasks in order to increase security for data, information, communication, and IT systems.
prerequisites and co-requisites
courses of the previous semester successfully completed
Contents of this course are:
- Threat environment: Goals of IT security, types of attackers and attacks, planning and managing IT security
- Cryptography and cryptographic system standards: symmetric and public/private key encryption, digital signatures, Hashing, authentication, digital certificates, TSL/SSL, IPSec, wireless security
- Access control: passwords, biometric methods, role-based access control, identity management
- Firewalls: principles, static packet filtering, stateful packet inspection, NAT, intrusion detection and
- Prevention systems, firewall architectures and management
- Host and Data Security: host hardening, vulnerability and exploits, vulnerability testing, data protection and backups
- Application Security: hardening applications, web server attacks, email security
- Incident and Disaster Response: incident response, laws and regulations, business continuity planning
recommended or required reading
- Comer, Douglas E.: Computer Networks and Internets: With Internet Applications, 6th Ed. - Upper Saddle River, Pearson Education, 2015.
- Panko, Raymond R.; Panko, Julia A.: Business Data Networks and Security, 10th Ed. - Edinburgh, Pearson, 2015.
- Rhodes-Ousley, Mark: Information Security: The Complete Reference, 2nd Ed. - New York et al., Mc Graw Hill education, 2013.
- Stallings, William: Network Security Essentials: Applications and Standards, 6th Ed., Edinburgh, Pearson Education , 2017.
- Tanenbaum, Andrew S.: Computer Networks, 5th Ed. - Boston, Pearson, 2011.
assessment methods and criteria
submission and presentation of tasks and/or written exam (together with ’IT-Security Lab’ as module-based grading)
language of instruction
number of ECTS credits allocated
eLearning quota in percent
planned learning activities and teaching methods
Lecture, group work, presentation and discussion of student tasks
semester/trimester when the course unit is delivered
name of lecturer(s)
Prof. (FH) Dr. Johannes Lüthi
year of study
recommended optional program components
course unit code
type of course unit
mode of delivery