Masterstudium Business Informatics - Fakultät für Informatik, TU Wien
Masterstudium Business Informatics - Fakultät für Informatik, TU Wien
Masterstudium Business Informatics - Fakultät für Informatik, TU Wien
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Skills:<br />
• Practical skills to identify security gaps and conducting security assessments including<br />
technical vulnerability scans in large IT infrastructures<br />
• Designing and implementing enterprize security architectures (e.g. RBAC, AAA,<br />
logging, security domains, information security policy, monitoring and incident<br />
response)<br />
• Identiying security pitfalls in enterprize architectures<br />
• Economics of security and right sizing security architectures (security- vs. business<br />
risks)<br />
• Compromising information security and data integrity ("hacking", social engineering)<br />
Competences:<br />
• Methods for interdisciplinary threat- and risk identication<br />
• Eective incident response in complex technological and organizational contexts<br />
• Enforcing best practice security engineering behavior in early phases of IT-projects<br />
(security engineering as part of systems engineering)<br />
Syllabus: Based on the concepts and security mechanisms this module broadens and<br />
deepens the knowledge of IT security by teaching theoretical aspects and best practice<br />
solutions as well as giving practical exercises.<br />
Advanced aspects of the planning and implementation of security mechanisms: Requirement<br />
studies, situation analysis and risk identication, security architecture principles,<br />
advanced aspects for implementing, software security, Web application security, mobile<br />
security, network security, public key infrastructures, service level agreements, quality<br />
of service; attacking IT systems, e.g., injection attacks, buer overows, dierent kinds<br />
of denial of service attacks, eects of the combination of attacks for IT systems; best<br />
practice examples of implementing security in large IT infrastructures; security testing<br />
in large IT infrastructures, e.g., test process, penetration testing.<br />
Expected Prerequisites:<br />
WIN/RSI - Recht und Sicherheit<br />
Teaching and Learning Methods and Adequate Assessment of Performance: The module<br />
is organized along lectures, exercises in group work, e-learning.<br />
Courses of Module:<br />
3.0/2.0 VU Advanced Security for Systems Engineering<br />
3.0/2.0 VU IT security in Large IT infrastructures<br />
80