VINCENZO CARLETTI | SYSTEMS AND NETWORKS SECURITY
VINCENZO CARLETTI SYSTEMS AND NETWORKS SECURITY
cod. 0622700115
SYSTEMS AND NETWORKS SECURITY
| 0622700115 | |
| DEPARTMENT OF INFORMATION AND ELECTRICAL ENGINEERING AND APPLIED MATHEMATICS | |
| EQF7 | |
| COMPUTER ENGINEERING | |
| 2024/2025 |
| OBBLIGATORIO | |
| YEAR OF COURSE 2 | |
| YEAR OF DIDACTIC SYSTEM 2022 | |
| AUTUMN SEMESTER |
| SSD | CFU | HOURS | ACTIVITY | |
|---|---|---|---|---|
| ING-INF/05 | 3 | 24 | LESSONS | |
| ING-INF/05 | 2 | 16 | EXERCISES | |
| ING-INF/05 | 1 | 8 | LAB |
| Objectives | |
|---|---|
| THE COURSE DEVELOPS PRACTICAL SKILLS FOR THE IMPLEMENTATION OF STRATEGIES AND PROCESSES AIMED AT PROTECTING PERSONAL DATA AND CYBERSECURITY. KNOWLEDGE AND UNDERSTANDING FRAMEWORK AND BEST PRACTICES FOR CYBERSECURITY AND DATA PROTECTION. RISK AND VULNERABILITY ASSESSMENT AS WELL AS HARDENING TECHNIQUES FOR LINUX. IDENTITY MANAGEMENT AND ACCESS CONTROL TO SYSTEMS. PROCEDURES AND PROCESSES FOR DATA PROTECTION. SYSTEMS FOR SECURITY MONITORING AND CONTINUOUS IMPROVEMENT. PENETRATION TESTING METHODOLOGIES. APPLIED KNOWLEDGE AND UNDERSTANDING IMPLEMENTING PROCEDURES FOR IDENTIFYING RISKS, IMPLEMENTING PROTECTION MEASURES, IDENTIFYING AND RESPONDING TO ATTACKS, AND RECOVERY IN REAL COMPUTER SYSTEMS. |
| Prerequisites | |
|---|---|
| IN ORDER TO SUCCESSFULLY ACHIEVE THE SET OBJECTIVES, KNOWLEDGE OF COMPUTER NETWORKS, COMPUTER ARCHITECTURES, THE MAIN ENCRYPTION ALGORITHMS, AND BASIC KNOWLEDGE OF GNU/LINUX-BASED SYSTEMS ARE REQUIRED. |
| Contents | |
|---|---|
| UNIT 1: INTRODUCTION TO COMPUTER SECURITY (LECTURE/EXERCISE/LABORATORY HOURS: 8/0/0) -1 (4 HOURS LECTURE): INTRODUCTION TO SYSTEM AND NETWORK SECURITY -2 (4 HOURS LECTURE): MAJOR THREATS: MALWARE AND NETWORK ATTACKS KNOWLEDGE AND UNDERSTANDING:UNDERSTANDING BASIC CONCEPTS RELATED TO COMPUTER SECURITY, SECURITY GOVERNANCE, AND THE MAIN METHODOLOGIES FOR RISK ASSESSMENT AND VULNERABILITY ASSESSMENT APPLIED KNOWLEDGE AND UNDERSTANDING:IDENTIFYING AND EVALUATING THE MAIN CYBER RISKS OF SYSTEMS AND NETWORKS UNIT 2: GNU/LINUX ENGINEERING BASICS (LECTURE/EXERCISE/LABORATORY HOURS: 4/0/14) - 1 (6 HOURS LABORATORY): GNU/LINUX BASICS AND BASH - 2 (2 HOURS LECTURE): USER AUTHENTICATION AND ACCESS CONTROL - 3 (2 HOURS LABORATORY): USER AUTHENTICATION AND ACCESS CONTROL PRACTICE - 4 (2 HOURS LABORATORY): LINUX AUDITING AND LOGGING - 5 (2 HOURS LECTURE): LINUX SYSTEM SECURITY AND FIREWALL BASICS - 6 (2 HOURS LABORATORY): LINUX SYSTEM SECURITY AND FIREWALL BASICS PRACTICE - 7 (2 HOURS LABORATORY): LINUX SYSTEM SECURITY AND FIREWALL BASICS PRACTICE KNOWLEDGE AND UNDERSTANDING:KNOWLEDGE OF GNU/LINUX SYSTEMS AND BASH. UNDERSTANDING BASIC CONCEPTS FOR USER AUTHENTICATION AND RESOURCE ACCESS MANAGEMENT IN LINUX APPLIED KNOWLEDGE AND UNDERSTANDING:USING MAIN LINUX BASH COMMANDS AND CREATING SIMPLE SCRIPTS. BASIC FIREWALL CONFIGURATIONS. UNIT 3: ETHICAL HACKING AND PENETRATION TESTING BASICS (LECTURE/EXERCISE/LABORATORY HOURS: 2/0/14) - 1 (2 HOURS LECTURE): INTRODUCTION TO ETHICAL HACKING - 2 (2 HOURS LABORATORY): BUILDING A PENETRATION TESTING LAB - KALI LINUX, METASPLOITABLE, OWASP - 3 (4 HOURS LABORATORY): PERFORMING VULNERABILITY ASSESSMENT - 4 (4 HOURS LABORATORY): NETWORK PENETRATION TESTING - 5 (4 HOURS LABORATORY): LINUX PENETRATION TESTING LAB KNOWLEDGE AND UNDERSTANDING:UNDERSTANDING THE MAIN CONCEPTS OF ETHICAL HACKING AND PENETRATION TESTING APPLIED KNOWLEDGE AND UNDERSTANDING: PERFORMING VULNERABILITY ASSESSMENT. CONDUCTING PENETRATION TESTING USING KALI LINUX UNIT 4: PROJECT WORK (LECTURE/EXERCISE/LABORATORY HOURS: 0/0/8) - 1 (8 HOURS LABORATORY): PROJECT WORK KNOWLEDGE AND UNDERSTANDING:UNDERSTANDING ISSUES RELATED TO SYSTEM ASSESSMENT AND HARDENING APPLIED KNOWLEDGE AND UNDERSTANDING: PLANNING AND CONDUCTING PENETRATION TESTING (TOTAL LECTURE/EXERCISE/LABORATORY HOURS: 12/0/36) |
| Teaching Methods | |
|---|---|
| THE COURSE CONSISTS OF FRONTAL LECTURES AND EXERCISES IN THE CLASSROOM AND IN THE LABORATORY. PART OF THE LAB HOURS IS DEVOTED TO THE REALIZATION OF A TEAM PROJECT. |
| Verification of learning | |
|---|---|
| THE EXAM IS COMPOSED BY THE DISCUSSION OF A TEAM PROJECTWORK AND AN ORAL INTERVIEW. THE DISCUSSION OF THE PROJECT WORK AIMS AT EVALUATING THE ABILITY TO BUILD A VULNERABLE TECHNOLOGICAL INFRASTRUCTURE CONSISTING. THE DISCUSSION OF THE PROJECT INCLUDES A PRACTICAL DEMONSTRATION OF THE FUNCTIONING OF THE INFRASTRUCTURE REALIZED, AND A PROFESSIONAL REPORT THAT LISTS THE VULNERABILITIES AND TECHNIQUES TO BE APPLIED FOR A CORRECT POSTURE RELATING TO SECURITY. THE ORAL INTERVIEW EVALUATES THE LEVEL OF THE KNOWLEDGE AND UNDERSTANDING OF THE THEORETICAL TOPICS, TOGETHER WITH THE EXPOSITION ABILITY OF THE CANDIDATE. |
| Texts | |
|---|---|
| THE TEACHING MATERIAL WILL BE AVAILABLE ON THE UNIVERSITY E-LEARNING PLATFORM (HTTP://ELEARNING.UNISA.IT) ACCESSIBLE TO STUDENTS USING THEIR OWN UNIVERSITY CREDENTIALS. SUGGESTED BOOKS ARE: - MASTERING LINUX SECURITY AND HARDENING - DONALD A. TEVAULT - THE ULTIMATE KALI LINUX BOOK - GLEN D. SINGH - COMPUTER SECURITY PRINCIPLES AND PRACTICE - WILLIAM STALLINGS |
| More Information | |
|---|---|
| The course is held in English |
BETA VERSION Data source ESSE3 [Ultima Sincronizzazione: 2024-11-18]
