Knowledge of the main categories of attack against IT systems. Knowledge and critical evaluation of the main concepts (e.g. encryption and digest) and technologies (e.g. PKI, firewall, VPN, TLS, S/MIME) for IT security. Knowledge and critical evaluation of the security architectures for authentication and access control and the ability to tailor them to the protection of IT systems. Ability to analyse the risks of a network application and design solutions for their protection. Knowledge of the general concepts and theories from the sociological heritage applied to security of IT systems.

Foundations of telecommunication systems. Local and wide area networks, wired and wireless (Ethernet, ADSL, Wifi, GSM, IP, routing, ...). TCP/IP networks and applications. High-level programming (C, C++, or Java) and web programming (JS, PHP). Operating systems and database.

(2 CFU) Computer systems (in)security: problems and attacks (sniffing, spoofing, DOS, …), risk analysis and management. (1 CFU) Basic protection techniques: steganography, cryptography, digest, X.509 certificates, certification authorities (CA) and public-key infrastructures (PKI). (1 CFU) Authentication techniques (password, challenges, Kerberos) and related hardware devices (token and smart card). (1 CFU) Network security: network access protection (PAP, CHAP, EAP, IEEE 802.1x); protection of IP networks and their configuration/management protocols; firewall and IDS to create protected subnets; virtual private networks (VPN). (1 CFU) Application security: e-mail protection (PGP, S/MIME), web security (SSL, TLS) and remote access protection (SSH, TLS), securing web applications. (2 CFU) Social sciences for cybersecurity. The general framework of social sciences (What are social sciences compared to «just» science? What are they for a future technician/engineer?) Risk Society studies (risk, uncertainty, cognitive biases, (dis)trust in expert systems, expanding the idea of rationality). Communicating and representing complexity (the role of social representations of risk, uncertainty, trust, and security, tricks and threats of communicating complexity in the digital era).

The course consists of lectures (56 hours), classroom exercises (9 hours), and laboratories(15 hours). The laboratory includes the development and analysis of several security solutions. There will be five laboratory subjects. The classroom exercises will analyse security solutions, including those tested in the laboratory.

Handouts of the instructor's foils and manuals for laboratory coursework. All learning material is available at the teaching portal. An auxiliary textbook, covering many but not all topics, is: - W. Stallings, "Cryptography and Network Security - principles and practice", Prentice-Hall

Lecture slides; Lab exercises; Video lectures (current year);

Exam: Written test;

Written test (90 minutes) with up to 10 open or closed questions about the analysis and design of security solutions, including the knowledge acquired with the laboratory exercises. For closed questions, there is no penalty for a missing answer while there is penalty for a wrong one. The written test is a “closed book” one and the maximum grade is 30/30.

In addition to the message sent by the online system, students with disabilities or Specific Learning Disorders (SLD) are invited to directly inform the professor in charge of the course about the special arrangements for the exam that have been agreed with the Special Needs Unit. The professor has to be informed at least one week before the beginning of the examination session in order to provide students with the most suitable arrangements for each specific type of exam.