Checking date: 12/04/2023


Course: 2023/2024

Cybersecurity engineering
(19474)
Dual Bachelor in Computer Science and Engineering, and Business Administration (Plan: 437 - Estudio: 233)


Coordinating teacher: ESTEVEZ TAPIADOR, JUAN MANUEL

Department assigned to the subject: Computer Science and Engineering Department

Type: Compulsory
ECTS Credits: 6.0 ECTS

Course:
Semester:




Skills and learning outcomes
Description of contents: programme
1. Introduction to Cybersecurity
   1.1. What is cybersecurity?
   1.2. The CIA Triad
   1.3. Vulnerabilities, Threats, Risks, and Controls
   1.4. Adversaries
   1.5. Design Principles
   1.6. Research Areas in Cybersecurity
2. Authentication
   2.1. User Authentication
   2.2. Authentication Factors
   2.3. Passwords and Password Managers
   2.4. Biometric Authentication
   2.5. Federated Identity
3. Access Control
   3.1. The Protection Problem
   3.2. Access Control Models
   3.3. Access Control in Linux (I): Credentials and the Permission System
   3.4. Access Control in Linux (II): POSIX ACLs and Capabilities
4. Network Security
   4.1. Communication Security
   4.2. TCP/IP Security
   4.3. Network Discovery and Scanning
   4.4. Web Security
   4.5. Firewalls
   4.6. Intrusion Detection Systems
5. Security Protocols: TLS
   5.1. History and Design Goals
   5.2. The Handshake Protocol
   5.3. The Record Protocol
   5.4. Interception and Certificate Pinning
6. Vulnerabilities
   6.1. Vulnerability Types
   6.2. Numbering (CVE) and Metrics (CVSS)
   6.3. Life Cycle of a Vulnerability
7. Malware
   7.1. Malicious Code
   7.2. Types
   7.3. Payloads, Propagation and Activation
   7.4. Case Studies
8. Cybersecurity Regulation
   8.1. Regulation in the US
   8.2. Regulation in the EU
   8.3. Privacy Regulation
Learning activities and methodology
The teaching methodology includes:
1. Lectures to present the knowledge base that students must acquire. Students will be provided with the lecture notes used in class along with additional documents and basic text references to help in the study of the topics covered. (2 ECTS)
2. Practical lectures, where the students will have to solve exercises and quizzes. (1 ECTS)
3. Discussion of real cases to illustrate concepts and techniques introduced during the lectures. (1 ECTS)
4. Lab sessions in computer labs, where the students will learn techniques and develop skills in the use of cybersecurity tools, including binary analysis, distributed systems security and network security. (2 ECTS)
Assessment System
  • % end-of-term-examination 60
  • % of continuous assessment (assignments, laboratory, practicals...) 40
Calendar of Continuous assessment
Basic Bibliography
  • Anderson, Ross. SECURITY ENGINEERING: A GUIDE TO BUILDING DEPENDABLE DISTRIBUTED SYSTEMS (2nd edition). Wiley. 2008
  • Vacca, John R. (Editor). COMPUTER AND INFORMATION SECURITY HANDBOOK. Elsevier (The Morgan Kaufmann Series in Computer Security). 2009
Additional Bibliography
  • Vacca, John R. (Editor). COMPUTER AND INFORMATION SECURITY HANDBOOK. Elsevier (The Morgan Kaufmann Series in Computer Security). 2009

The course syllabus may change due to academic events or other reasons.