IT security management 2700-M-LM-Z4ZABE
The aim of the lecture is to familiarize students with the basic issues such as:
1. Security of information systems, assumptions of information security (confidentiality, non-repudiation, privacy, integrity, availability, reliability, authorization, authentication).
2. Classification of computer viruses, computer viruses, anticipated development of threats to information systems, raising the level of security.
3. Network burglaries and attacks, direct and distributed attacks, DoS attack, sniffing, spoofing, phishing, hackers.
4. Securing computer networks against loss of information and intrusions. Archiving backups. Standard PN-EN ISO / IEC 27001 - Information security management system.
5. Control of IT resources in the company. Software management. Software legality. Computer and Internet monitoring. Helpdesk. Remote control.
6. Risk management, standard 31000. Analysis and risk assessment.
7. Security policy. Documents related to information security in the company. Security incidents.
8. Protection of personal data. RODO. Encryption of information. Secure mail. BYOD.
9. The rules of safe use of the computer and the Internet.
10. Reports on IT security threats. Training.
11. Handling of valuable company resources in emergency and emergency situations as well as model security procedures in the institution.
Type of course
Course coordinators
Learning outcomes
After completing the course, students:
KNOWLEDGE:
After completing the course, the student will have knowledge of how to manage IT security and what documents to use. Standards.
SKILLS:
After completing the course, the student: can manage IT security. He knows what documents to create based on relevant standards.
OTHER COMPETENCES:
Assessment criteria
Presence and activity in the classroom. Exam
Bibliography
Białas A., Bezpieczeństwo informacji i usług w nowoczesnej firmie, Wydawnictwo Naukowo-Techniczne, Warszawa 2007;
Reuvid J., E-biznes bez ryzyka, Helion, Gliwice 2007; Piprzyk J., Hardjono T., Seberry J.,
Teoria bezpieczeństwa systemów komputerowych, Helion, Gliwice 2003; Waglowski P.,
Prawo w sieci, Helion, Gliwice 2005;
Urbanowicz P., Ochrona informacji w sieciach komputerowych, Wydawnictwo KUL, Lublin 2004;
Liderman K., Analiza ryzyka i ochrona informacji w systemach komputerowych, Wydawnictwo PWN, Warszawa 2008
Additional information
Additional information (registration calendar, class conductors, localization and schedules of classes), might be available in the USOSweb system: