course aims in Estonian
Aine eesmärk on tutvustada küberturbe baasmõisteid, olemust ja peamisi tehnikaid, samuti nende kasutatavust praktikas turbe erinevates stsenaariumides.
course aims in English
To introduce the nature, basic concepts and main techniques of cyber security as well as their usability on practice for different security scenarios.
learning outcomes in the course in Est.
Üliõpilane:
- on kursis peamiste küberturbe mõistete ja nende sisuga;
- tunneb põhilisi küberturbe tehnikaid ja oskab neid kasutada tüüpsituatsioonides;
- on kursis tüüpse kurivara käitumismustritega;
- on kursis krüptograafia pakutavate meetoditega küberturbes ja oskab neid kasutada krüpteerimisel ja signeerimisel, samuti on kursis avaliku võtme taristu põhimõtetega;
- suudab testida paroolide turvalisust, kasutades sõnastikründeid ja vikerkaaretabeleid;
- on kursis andmebaaside turbe ja võrguturbe tüüpvahenditega;
- suudab rakendada küberhügieeni parimaid tavasid;
- on baastasemel kursis küberturbe eetilise ja õigusliku poolega.
learning outcomes in the course in Eng.
Student:
- is familiar with the main concepts of cybersecurity and their content;
- knows the most common basic cybersecurity techniques and can use them in typical situations;
- is familiar with typical malware behaviour patterns;
- is familiar with the main cryptograhic methods in cybersecurity and is able to use them for encryption and signing purposes, as well as is familiar with the principles of PKI;
- can test password security by using dictionary attacks and rainbow tables;
- is familiar with the standard techniques for database security and network security;
- can implement best cyber hygiene practices;
- is familiar with the ethical and legal side of cyber security at the basic level.
brief description of the course in Estonian
Küberturbe olemus ja põhimõisted - varad, riskid, ohud, nõrkused, turvameetmed. Erinevad turbe ja jäärriski hindamise metoodikad, turbeülesande lahendamine. Krüptotehnilised meetodid küberturbes, erinevad krüptoalgoritmid ja nende kasutusvaldkonnad. Autentimine ja autoriseerimine, paroolide turve. E-allkirja (digiallkirja) vahendid, avaliku võtme taristu. Turvaline programmeerimine, andmebaaside turve, võrguturve. Veebirakenduste turve, OWASP. Küberhügieen. Turbe eetiline ja õiguslik pool, isikuandmete kaitse.
brief description of the course in English
Nature and basic concepts of cyber security - assets, risks, threats, weaknesses, security measures. Different security and risk assessment methods, security task solving process. Cryptographic techniques in cybersecurity, various cryptal algorithms and their uses. Authentication and authorization, password security. E-signature (digital signature) tools, PKI. Secure programming, database security, network security. Web Application Security, OWASP. Cyber Hygiene. Ethical and legal side of security, protection of personal data.
type of assessment in Estonian
-
type of assessment in English
-
independent study in Estonian
Teemakohane ettekanne seminaril (mida võib erandkorras asendada uurimistöö).
independent study in English
Thematic presentation at the seminar (which may exceptionally be replaced by the research).
study literature
- Edward Griffor. Handbook of System Safety and Security.Elsevier, 2016;
- Micki Krause Nozaki, and Harold F. Tipton. Information Security Management Handbook, 6th Edition, CRC Press, 2016;
- Ross Anderson. Security engineering. http://www.cl.cam.ac.uk/~rja14/book.html;
- H. Mägi, L. Vitsut. Infosõda: visioonid ja tegelikkus. Tallinn, EE, 2008;
- T. Beltier, J. Beltier, J. Blackley. Information Security Fundamentals. Auerbach, 2004.
study forms and load
daytime study: weekly hours
4.0
session-based study work load (in a semester):