- Docente: Anna Paola Lenzi
- Credits: 6
- Language: Italian
- Moduli: Anna Paola Lenzi (Modulo 1) Fabio Giustiniani (Modulo 2)
- Teaching Mode: Traditional lectures (Modulo 1) Traditional lectures (Modulo 2)
- Campus: Cesena
- Corso: First cycle degree programme (L) in Computer Systems Technologies (cod. 5816)
-
from Feb 21, 2023 to May 09, 2023
-
from Feb 21, 2023 to Jun 06, 2023
Learning outcomes
At the end of the course the student will know the basic principles of computer security and the main security issues of computer systems and networks. He/She will know the communication protocols and mechanisms used to ensure the secure transfer of information. He/She will be able to critically evaluate the security of an information system, identifying possible vulnerabilities and implementing all the necessary countermeasures to mitigate the problems identified and increase the robustness of the system. He/she will know the principles and methodologies behind directory services and will be able to manage a small system based on proprietary or open source directory services. He/she will know the methods to support an application to a directory service deployed in the cloud through the services of the main cloud providers. He/she will be able to contribute to the design of systems, even in cloud, where security is an essential and structural element. He/She will be able to design and secure mechanisms for Internet-based devices and cloud-distributed systems, using the frameworks available on these cloud platforms. He/She will be able to use "penetration testing" tools to validate the security of a system by researching its vulnerabilities and measuring the effects of exploiting these vulnerabilities.
Course contents
The course consists of two modules.
The contents are divided into the following macro topics:
Module 1:
The protection of personal data: regulatory framework
The security measures in the GDPR
Privacy by design and privacy by default: impacts on software development
Module 2:
1. Context, history, trend
2. Basic principles of computer security
3. Cybersecurity frameworks
4. Cybersecurity: multidisciplinary approach
5. Network security
1. Networking principles
2. Laboratory: set up of a network, simulation of attacks, remediations
6. Directory Services
1. Principles and methodologies of directory services
2. Laboratory: simulation of attacks, remediations
2. Cloud infrastructure
1. General principles of cloud infrastructure and dev ops
2. Laboratory: simulation of attacks, remediations
3. Risk assessments
4. Vulnerability Finding Using OWASP Guide
5. Manual penetration test
6. Incident management
7. Secure coding: design and development of an app from a "security and privacy by design" perspective
8. The role of artificial intelligence in cybersecurity
9. Static code analysis: scanning, analysis and evidence management
Ulteriori informazioni su questo testo di originePer avere ulteriori informazioni sulla traduzione è necessario il testo di origine
Invia commenti
Riquadri laterali
Readings/Bibliography
The slides relating to the teaching material will be made available on Virtuale.
Teaching methods
Lectures and laboratory exercises
Assessment methods
Final written test with closed-ended questions test.
Teaching tools
Slides and additional material will be made available on Virtuale.
Office hours
See the website of Anna Paola Lenzi
See the website of Fabio Giustiniani