The course will provide an overview of
definitions (what is security, economic and geopolitical underpinnings, etc.),
security standards (for example ISO 27001, ISO 270017), scope and threat
modelling, physical and network security, and common and current threat
vectors. Students will learn how to implement security, the typical mechanical
tools (layered switches, firewalls, load balancers, Intrusion detection
systems, biometric tools) and common social mechanisms (security policy, user
and admin training, live threat exercises). The law, and the ethics and moral
reasoning in Security will be provided with an emphasis on the Slovenian and EU
laws applicable to security (criminal law, data breach and retention laws,
security classifications, GDPR), and on the ethics of security (ethical
considerations concerning businesses, users and developers; ethical disclosure;
moral obligation for follow-up and pursuit of increased resilience). The topic
on ethical hacking will include definitions of basic terms and historical
overview (from first MIT hacks, to phreaking, MBX hacks, and current state of
play), typical tools used in PEN testing and ethical hacking (Kali, Shodan,
Metasploit, Wireshark), and social engineering (definitions, empirical
arguments, practical application).