Security of Electronic Operations

Course title
Security of Electronic Operations
Course tag
11043
Semester
5
Course status
Mandatory
ECTS
4
Lectures
30
Practice
30
Independent work
60
Total
120
Teachers and associates
Msc Dražen Pranić, Lecturer
Robert Petrunić, Lecturer
The course aims
Introduce students to the threats to, and methods of protecting, modern information systems, which are the foundation of electronic business. The focus will be on threats to, and methods of protecting, critical IT infrastructure components. Special focus will also be placed on the security of web and mobile applications and their most important threats and protection mechanisms. Penetration testing methodology for electronic business information systems will be thoroughly explained.
Content
Basics and legal framework for e-business. Description of trends for attacks on the most important online business systems. Advanced cyber attacks and defense methods on critical IT infrastructure components. Web application security. Security of mobile devices. DOS/DDOS attacks. Malicious software. Methods of attacks on e-business information systems.
Literature:
Supplementary literature
1. CEH: Official Certified Ethical Hacker Review Guide: Exam 312-50. Author: Kimberly Graves
2. Microsoft Forefront Threat Management Gateway (TMG) Administrator's Companion. Authors: Jim Harrison, Yuri Diogenes, Mohit Saxena. Microsoft Press
3. Peter G Smith: Linux Network Security, Charles River Media 2005.

Minimum learning outcomes

  1. Determine the basics of e-business security.
  2. Understand the most important e-business information security frameworks.
  3. Identify the most important threats to the security of web and mobile applications and their protection methods.
  4. Identify the most significant threats and vulnerabilities for security of e-business: malware, denial of service attacks, Web application vulnerabilities.
  5. Evaluate methods of carrying out attacks on e-business information systems.

Preferred learning outcomes

  1. Determine an appropriate legal framework for e-business.
  2. Evaluate and apply the most important e-business information security frameworks.
  3. Apply different methods of protection for web and mobile applications.
  4. Evaluate and apply methods of protection against malicious software, denial of service attacks and Web applications security.
  5. Choose appropriate methods of attacks on e-business information systems.