Introduction to IT-Operations and Information Security
Study plans 2016-2017
-
IMT1003
- 10 ECTS
Expected learning outcomes
Knowledge:
- Basic IT concepts and methodologies
- History, terms, concepts, threats, attacks, and controls about information security
- Legal/ethic, technical, organizational, and cultural aspects of information security
- Best practices in security planning and management
Skills:
- Basic practical skills for IT operations
- Methodologies for information security project planning, implementation, and management
- Ability to identify potential security threats and to identify the correct information resource to address the threats
- Basic communications skills in explaining the problem and presenting the security plan
- Basic skill in literature and status survey and report writing
General competence:
- Are aware of relevant professional, legal and ethical issues
- Can carry out and document work independently in keeping with academic practice
- Can convey technical material both written and oral
- Students should be familiar with basic methods of thinking and innovation
Topic(s)
Part I: IT preliminaries
- Computer principles
- Network and data communications
- Command line interfaces
Part II: Information security principles
- Overview: history and concepts
- Legal and ethical issues
- Risk management
- Information security planning (standards, best practice, and continuity strategies)
- VPN, firewall, and intrusion detection
- Authentication, identity management, privacy enhancing technologies
- Database and cloud security
- Cryptography
- Physical security
- Usability issues
- Human factors (organizational and culture aspects) in deploying information security
- Implementation and maintenance (software security, hardware security, system auditing and forensics, information security certifications)
Teaching Methods
Lectures
Group works
Mandatory assignments
Form(s) of Assessment
Portfolio Assessment
Written exam, 3 hours
Form(s) of Assessment (additional text)
Portfolio Assessment (veight 30%) consists of 2 assignments. The assignments are to be delivered via Fronter and as a two-sided print to the exams office.
Written Exam (veight 70%), 3 hours.
Both parts must be passed.
Grading Scale
Alphabetical Scale, A(best) – F (fail)
External/internal examiner
Internal examiner
Re-sit examination
Re-sit of written exam in August.
If fail on the portfolio, agreement on improvement must be made with course responsible.
Tillatte hjelpemidler
Code D: No printed or hand-written support material is allowed. A specific basic calculator is allowed.
Read more about permitted examination aids.
Coursework Requirements
None.
Teaching Materials
Core reading:
- Michael E. Whitman and Herbert J. Mattord: Principles of Information Security, Thomson Course Technology, 5. ed (2015)
Additional readings
- William Stallings and Lawrie Brown: Computer Security: Principles and Practice, 3. ed. (2014)
- Gene Kim, Kevin Behr and George Spafford: The Phoenix Project: A Novel About IT, Dev Ops and Helping your Business Win, IT Revolution Press, First edition (2013). Available as e-book on Amazon
- Torgeir Daler, Roar Gulbrandsen, Tore Audun High and Torbjørn Sjølstad: Handbook for Computer Security - information technology and risk management, Tapir Academic Press, 3rd edition (2010)
- Personal Data Act and the Personal Data Regulations (available online: www.lovdata.no)
Replacement course for
IMT1121