Security Studies and Ethical Hacking

The course will provide an overview of definitions (what is security, economic and geopolitical underpinnings, etc.), security standards (for example ISO 27001, ISO 270017), scope and threat modelling, physical and network security, and common and current threat vectors. Students will learn how to implement security, the typical mechanical tools (layered switches, firewalls, load balancers, Intrusion detection systems, biometric tools) and common social mechanisms (security policy, user and admin training, live threat exercises). The law, and the ethics and moral reasoning in Security will be provided with an emphasis on the Slovenian and EU laws applicable to security (criminal law, data breach and retention laws, security classifications, GDPR), and on the ethics of security (ethical considerations concerning businesses, users and developers; ethical disclosure; moral obligation for follow-up and pursuit of increased resilience). The topic on ethical hacking will include definitions of basic terms and historical overview (from first MIT hacks, to phreaking, MBX hacks, and current state of play), typical tools used in PEN testing and ethical hacking (Kali, Shodan, Metasploit, Wireshark), and social engineering (definitions, empirical arguments, practical application).