INTERNET SECURITY
Academic Year 2023/2024 - Teacher: SERGIO ESPOSITO
Expected Learning Outcomes
- Knowledge and understanding. Students will get to grips with the security issues affecting the Internet today, as well as with the methods and tools to thwart such issues.
- Applying knowledge and understanding. Students will complete their fundamental security knowledge with the practical applications of the tools to establish security, for example through the setup, both at hardware and software level, of a portable laboratory consisting of laptops and hubs.
- Making judgements. Students will become expert players of the "security game", namely the game of finding attacks on a system that is supposed to be secure, and then devising appropriate ways to patch the attacks found.
- Communication skills. Students will become familiar with the typical cyber security terms, building their capacity to apply the general word "security" as appropriate depending on context.
- Learning skills. Students will acquire the critical attitude and competences to tackle and solve security problems as they arise in various forms.
Course Structure
During each lesson, slides will be projected to support upfront teaching. The course is designed to be highly interactive between students and the lecturer, due to the extremely practical nature of the covered topics.
Required Prerequisites
Good logical reasoning. Fundamentals of operating systems and networks.
Attendance of Lessons
Attending the course is highly encouraged due to the practical nature of the covered topics.
Detailed Course Content
- Intrusions
- Firewall (with lab activity)
- Intrusion Prevention System (with lab activity)
- Endpoint Detection and Response (with lab activity)
- Incident Response
- System Logs
- Security Information and Event Management (with lab activity)
- Security Orchestration, Automation and Response
- Security Operation Center
- Recent Threats
Textbook Information
- William Stallings: Network security essentials.
- Bruce Schneier: Secrets and lies.
Course Planning
| | Subjects | Text References |
|---|---|---|
| 1 | Intrusions | Educational material given by the lecturer, online resources and aforementioned textbooks |
| 2 | Firewall | Educational material given by the lecturer, online resources and aforementioned textbooks |
| 3 | Intrusion Prevention System | Educational material given by the lecturer, online resources and aforementioned textbooks |
| 4 | Endpoint Detection and Response | Educational material given by the lecturer, online resources and aforementioned textbooks |
| 5 | Incident Response | Educational material given by the lecturer, online resources and aforementioned textbooks |
| 6 | System Logs | Educational material given by the lecturer, online resources and aforementioned textbooks |
| 7 | Security Information and Event Management | Educational material given by the lecturer, online resources and aforementioned textbooks |
| 8 | Security Orchestration, Automation and Response | Educational material given by the lecturer, online resources and aforementioned textbooks |
| 9 | Security Operation Center | Educational material given by the lecturer, online resources and aforementioned textbooks |
| 10 | Recent Threats | Educational material given by the lecturer and online resources |
Learning Assessment
Learning Assessment Procedures
- Optional mid-term tests, with lab activities aiming to solve real-world problems.
- Implementation project.
- Oral examination.
Examinations may take place remotely, if required by the circumstances.
Examples of frequently asked questions and / or exercises
- Mid-term test: detect the exploitation of a CVE, using one of the solutions discussed within the course.
- Implementation project: protect a server that runs some outdated services, leveraging both protection and monitoring solutions.
- Oral examination: describe a possible strategy for the detection of a ransomware.