After successful completion of the course, students are able to timely recognize security sensitive aspects of projects during the engineering process of IT systems as well as introduce appropriate security measures in order to have a sufficient level of IT security during the operation of an IT system. Your general security awareness is promoted.

The topics of the lecture are among others

• Introduction in IT Security/ Basics of IT Security 
• Approach and Point of View of Attackers 
• Methods of Attackers to Gain Information 
• Risk Analysis 
• Access Control (Authentication, Authorization,...) 
• Operating System Security 
• Network Security 
• Basics of Cryptography 
• Security in Software Development 
• Security of Applications 
• Security of Web Applications 
• Organizational Security 
• Discovery of Security Problems 
• Security Tests 

Theoretical basics, as well as lessons learned, are taught in the lectures. In 3 individual/team exercises the content is deepened and broadened. Again and again, you will switch into the role of attackers so you can think about how security measures can go wrong and to help you understand the background why it is important to secure IT systems.

In the lecture the necessary technical foundations are taught, research in depth is guided on-demand, and real, often large, case studies are presented. In the exercises, the application of different aspects of the lecture are deepened and extended in 3 single and group tasks in our IT security lab infrastructure.

Effort for the student (ECTS-Breakdown):

• Preliminary talk: 1 h
• Lectures: 13,5 h
• Self Study (Exercises, Preparation Time for Written Exam): 59 h
• Written Exam: 1.5 h

Total: 75 hours (3 ECTS)

If you have any questions, please contact lva.security@inso.tuwien.ac.at

During the term, 3 individual/team exercises, primarily in the style of Jeopardy CTF Contests, need to be finished and documented. For the team exercises, additional exercise interviews need to be done. Moreover, there is a written exam.