INTERNET SECURITY & LABORATORY
Module LABORATORY

Academic Year 2024/2025 - Teacher: SERGIO ESPOSITO

Expected Learning Outcomes

  1. Knowledge and understanding. Students will get to grips with the security issues affecting the Internet today, as well as with the methods and tools to thwart such issues.
  2. Applying knowledge and understanding. Students will complete their fundamental security knowledge with the practical applications of the tools to establish security, for example through the setup, both at hardware and software level, of a portable laboratory consisting of laptops and hubs.
  3. Making judgements. Students will become expert players of the "security game", namely the game of finding attacks on a system that is supposed to be secure, and then devising appropriate ways to patch the attacks found.
  4. Communication skills. Students will familiarise themselves with the typical cyber security terms, building their capacity to use the general word "security" as appropriate depending on context.
  5. Learning skills. Students will acquire the critical attitude and competences to tackle and solve security problems as they arise in various forms.

Course Structure

During each lesson, slides will be projected to support upfront teaching. The course is designed to be highly interactive between students and the lecturer, due to the extremely practical nature of the covered topics.

Required Prerequisites

Good logical reasoning. Fundamentals of operating systems and networks.

Attendance of Lessons

Attending the course is mandatory.

Detailed Course Content

  • Intrusions
  • Firewall
  • Intrusion Prevention System
  • Endpoint Detection and Response
  • Incident Response
  • System Logs
  • Security Information and Event Management
  • Security Orchestration, Automation and Response
  • Security Operation Center
  • Recent Threats

Textbook Information

  • William Stallings: Network security essentials.
  • Bruce Schneier: Secrets and lies.

Course Planning

 #  | Subjects                                        | Text References
 1  | Intrusions                                      | Educational material given by the lecturer, online resources and aforementioned textbooks
 2  | Firewall                                        | Educational material given by the lecturer, online resources and aforementioned textbooks
 3  | Intrusion Prevention System                     | Educational material given by the lecturer, online resources and aforementioned textbooks
 4  | Endpoint Detection and Response                 | Educational material given by the lecturer, online resources and aforementioned textbooks
 5  | Incident Response                               | Educational material given by the lecturer, online resources and aforementioned textbooks
 6  | System Logs                                     | Educational material given by the lecturer, online resources and aforementioned textbooks
 7  | Security Information and Event Management       | Educational material given by the lecturer, online resources and aforementioned textbooks
 8  | Security Orchestration, Automation and Response | Educational material given by the lecturer, online resources and aforementioned textbooks
 9  | Security Operation Center                       | Educational material given by the lecturer, online resources and aforementioned textbooks
 10 | Recent Threats                                  | Educational material given by the lecturer and online resources

Learning Assessment

Learning Assessment Procedures

  1. Optional mid-term tests, with lab activities aiming to solve real-world problems.
  2. Implementation project.
  3. Oral examination.

Examinations may take place remotely, if required by the circumstances.

For the assignment of grades for individual assessments, the following criteria are typically followed:

  • Fail: The student has not acquired the basic concepts and is unable to answer questions or complete the exercises.
  • 18-23: The student demonstrates a minimal mastery of the fundamental concepts; their ability to present and connect content is modest, and they can solve simple exercises.
  • 24-27: The student shows a good grasp of the course content; their ability to present and connect the content is good, and they solve exercises with few errors.
  • 28-30 with honors: The student has acquired all course content and can present it comprehensively with a critical perspective; they solve exercises completely and without errors.

Students with disabilities and/or learning disorders (DSA) must contact the lecturer and the CInAP representative at DMI well in advance of the exam date to inform them of their intention to take the exam with the appropriate compensatory measures.

Examples of frequently asked questions and/or exercises

  • Mid-term test: detect the exploitation of a CVE, using one of the solutions discussed within the course.
  • Implementation project: protect a server that runs some outdated services, leveraging both protection and monitoring solutions.
  • Oral examination: describe a possible strategy for the detection of a ransomware.