Base Knowledge
Basic knowledge of computer networks and operating systems
Teaching Methodologies
The topics are presented in vocational and theoretical classes, which include the theoretical explanation of the concepts and the demonstration of their application through practical examples. Slides and practical exercises are used for this purpose.
Learning Results
The main goal of the “IT Security” curricular unit of the Management IT degree is to give students knowledge and to develop their skills in the area of IT security. In addition to understanding the basics, students are expected to acquire knowledge of the techniques and technologies that can be used to implement security solutions in IT systems, and to develop the following fundamental skills:
- To understand the main concepts related to IT security and cybersecurity.
- To understand the fundamental notions of cryptography and the main protocols.
- To apply cryptography concepts to the proper configuration of Internet services.
- To use packet filtering and attack detection applications.
- To write technical reports about IT security solutions.
- To understand the issues related to the need for awareness of IT security and cybersecurity.
- To understand the issues related to ethics in IT security.
Program
1. Introduction to IT security
1.1. Definition of IT security, information security and cybersecurity
1.2. Challenges in IT security
1.3. Fundamental principles of IT security
1.4. Security mechanisms and services
1.5. Types of attacks
2. Fundamental concepts in IT network security
2.1. Generic model of network security
2.2. Fundamental principles of network security mechanisms
2.3. Brief overview of the available packet capture APIs
2.4. Applications for packet injection and capture in a computer network
3. Fundamental notions in cryptography
3.1. Conventional model and classical cryptography
3.2. Block and stream ciphers
3.3. How block and stream symmetric cryptography algorithms work
3.4. RC4 and DES algorithms
3.5. Asymmetric cryptography – basics and computational requirements
3.6. How asymmetric cryptography algorithms work – RSA
3.7. Authentication and confidentiality using asymmetric cryptography
3.8. Hash functions and message authentication
4. Key distribution and user authentication
4.1. Digital certificates
4.2. Certification authorities
5. IT security auditing
5.1. Reconnaissance
5.2. Identification of weaknesses
6. Malware
6.1. Notion of virus
6.2. Notion of trojan
6.3. Examples
7. Intrusion Detection Systems
7.1. General principles
7.2. IDS Classification
7.3. IDS based on signatures and behaviour
7.4. Performance assessment metrics
8. Human factor and ethics
8.1. Good practice
8.2. Cyber awareness
8.3. Legislation
8.4. Cybersecurity slang
8.5. Main entities related to cybersecurity management
Curricular Unit Teachers
Internship(s)
No
Bibliography
- William Stallings; “Network Security Essentials, 6th edition”; ISBN: 978-0134527338; Pearson
- William Stallings; “Cryptography and Network Security, 7th edition”; ISBN: 978-9332585225; Pearson
- Michael E. Whitman, Herbert J. Mattord; “Principles of Information Security”; ISBN: 9781337102063; Cengage Learning
- André Zuquete; “Segurança em Redes Informática”; ISBN: 978-972-722-923-9; FCA
- Jorge Granjal; “Segurança prática em sistemas e redes com Linux”; ISBN: 978-972-722-865-2; FCA
- Mário Antunes, Baltazar Rodrigues; “Introdução à cibersegurança”; ISBN: 978-972-722-861-4; FCA