Type A
|
Code |
Competences Specific | | A6 |
Be able to design, develop, evaluate and ensure the accessibility, ergonomics, usability and security of IT systems, services and applications, and the information that they manage. |
| A7 |
Be able to define, evaluate and select hardware and software platforms for the development and execution of IT systems, services and applications. |
| CM5 |
Have knowledge of administration and maintenance of IT systems, services and applications.
|
| CM11 |
Have knowledge of and apply the characteristics, functions and structure of distributed systems, computer networks and the Internet, and the design and implementation of applications based on them.
|
| CM13 |
Have knowledge of and apply the tools necessary for the storage, processing and access to information systems, including web-based systems.
|
Type B
|
Code |
Competences Transversal |
Type C
|
Code |
Competences Nuclear |
Type A
|
Code |
Learning outcomes |
| A6 |
Know the risks of TCP/IP communications.
Know how to design the security architecture of an IT system.
Know how to use the different types of cryptosystems according to the needs.
| | A7 |
Know how to use vulnerability detection tools.
Know how to design the security architecture of an IT system.
| | CM5 |
Know how to configure a firewall.
Know how to configure an intrusion detection system.
Know the techniques for creating a deception system.
Know how to design the security architecture of an IT system.
| | CM11 |
Know how to design the security architecture of an IT system.
Understand the functioning of symmetrical and asymmetrical cryptosystems.
Know how to use the different types of cryptosystems according to the needs.
Understand the functioning of a public key infrastructure.
| | CM13 |
Understand the functioning of a public key infrastructure.
Know the different secure protocols currently used in TCP/IP communications.
Know how to use the secure communication protocols that currently exist.
|
Type B
|
Code |
Learning outcomes |
Type C
|
Code |
Learning outcomes |
Topic |
Sub-topic |
1. Cryptographic toolbox. |
1.1. Introduction
1.2. Stream encryption
1.3. Block encryption
1.4. Public key encryption
1.5. Digital signatures
1.6. Digital envelope
1.7. Public key infrastructure
1.8. Security devices |
2. Secure communication protocols |
2.1. Introduction
2.2. Link-level protocols:WEP/WPA/WPA2/WPA3
2.3. Network-level protocols: IPSec
2.4. Transport-level protocols: SSL/TLS/SSH
2.5. Application-level protocols
|
3. Vulnerabilities and protection |
3.1. Introduction
3.2. Eavesdropping and data interception
3.3. Attacks against authentication
3.4. Attacks against denial of service
3.5. Software attacks
3.6. Port scanning
3.7. Vulnerability scanning
3.8. Firewalls |
4. Intrusion detection |
4.1. Introduction
4.2. Intrusion Detection Systems (IDS)
4.3. SNORT
4.3. Honeypots
4.4. Security consoles |
5. Security management |
5.1. Information Security Management System (ISMS)
5.2. Implement, monitor, maintain, and improve
5.3. ISO/IEC 27000-series |
Methodologies :: Tests |
|
Competences |
(*) Class hours
|
Hours outside the classroom
|
(**) Total hours |
Introductory activities |
|
1 |
0.5 |
1.5 |
Lecture |
|
25 |
37.5 |
62.5 |
IT-based practicals in computer rooms |
|
28 |
42 |
70 |
Personal attention |
|
2 |
0 |
2 |
|
Extended-answer tests |
|
4 |
10 |
14 |
|
(*) On e-learning, hours of virtual attendance of the teacher. (**) The information in the planning table is for guidance only and does not take into account the heterogeneity of the students. |
Methodologies
|
Description |
Introductory activities |
The professor describes the content of the subject and the evaluation method. |
Lecture |
The students have access to the subject contents and a study plan. In each lecture, the professor explains the content corresponding to the planned session and answers the students' questions. The students are expected to have studied the material beforehand. |
IT-based practicals in computer rooms |
The practical sessions take place in weekly two-hour sessions. At the beginning of each session, a guide is provided, and the necessary concepts to carry out the practice are explained. The students work on the practice in pairs. |
Personal attention |
Laboratory Practices:
Students can consult any doubts with the professor. They can do so during class hours, by visiting the professor's office during consultation hours, through email, using the Moodle platform, or through authorized video conferencing tools arranged beforehand by the URV.
Lecture Session:
Students can consult any doubts with the professor. They can do so during class hours, by visiting the professor's office during consultation hours, through email, using the Moodle platform, or through authorized video conferencing tools arranged beforehand by the URV. |
Description |
Laboratory Practices:
Students can consult any doubts with the professor. They can do so during class hours, by visiting the professor's office during consultation hours, through email, using the Moodle platform, or with authorized video conferencing tools scheduled in advance by the URV.
Lecture Session:
Students can consult any doubts with the professor. They can do so during class hours, by visiting the professor's office during consultation hours, through email, using the Moodle platform, or with authorized video conferencing tools scheduled in advance by the URV.
|
Methodologies |
Competences
|
Description |
Weight |
|
|
|
|
IT-based practicals in computer rooms |
|
The subject is divided into two blocks, and each block has a practical component. The final grade for the practicals (NP) is calculated as follows:
NP = NP1 * 0.6 + NP2 * 0.4
Practical grade for Block I (NP1): topics 1 and 2
Practical grade for Block II (NP2): topics 3, 4, and 5
-The minimum grade for a practical to be averaged with the others must be 4.
-NP1 and NP2 must be greater than or equal to 5 to pass the corresponding block's practicals. |
0.25 |
Extended-answer tests |
|
The subject is divided into two blocks, and the final grade for the development tests (NE) is calculated as follows:
NE = E1 * 0.6 + E2 * 0.4
Exam grade for Block I (E1): topics 1 and 2
Exam grade for Block II (E2): topics 3, 4, and 5
The minimum passing grade for an exam to continue with the Continuous Assessment (AC) is 4. If the grade for either of the two exams (E1 or E2) is below 4, the Continuous Assessment is failed. The subject can only be passed by retaking the failed part in the second assessment period.
Starting from a grade of 4, the exams are weighted averaged and the final grade (NE) must be higher than 5.
The development tests can be conducted on paper or using electronic devices provided by the URV in computerized classrooms. |
0.75 |
Others |
|
The Final Grade of the Continuous Assessment (NFAC) is calculated as follows:
NFAC = NE * 0.75 + NP * 0.25
Where:
NE represents the final grade for the development tests,
NP represents the final grade for the practical assignments.
The development tests contribute 75% to the final grade, while the practical assignments contribute 25%. By combining these two components with their respective weights, the NFAC is determined, representing the overall grade for the Continuous Assessment. |
|
|
Other comments and second exam session |
If students do not follow the Continuous Assessment (AC), if they obtain less than a 4 on one of the exams (E1 or E2), or if they do not pass it (the Final Grade of the Continuous Assessment - NFAC - is less than 5), they can pass the subject in the second call.
Exams: - The student only needs to take the exam for the block they have not taken or in which they have obtained a score below 5.
- The student will have a grade for each block: NE1 (block 1) and NE2 (block 2).
- The second call exam grade for each block must be equal to or higher than 4 (NE1 >= 4, NE2 >= 4) to calculate the average.
- The exam grade is calculated the same way as in the AC: NE = 0.6NE1 + 0.4NE2.
Practicals: - Practical assignments must be submitted and passed following the same criteria as in the AC.
- Therefore, the student will have an NP1 and NP2 corresponding to the practical grade for block 1 and block 2, respectively.
- The practical grade is calculated the same way as in the AC: NP = 0.6NP1 + 0.4NP2.
Final Grade: NF = 0.75NE + 0.25NP.
Considerations: - Students are not allowed to bring electronic devices to any of the face-to-face written exams.
- Development tests can be carried out on paper or using URV electronic devices in computerized classrooms.
- If, given the health conditions, face-to-face exams cannot be held, they will be conducted online through Moodle questionnaires on the scheduled dates. These questionnaires will contain practical questions, that is, exercises with calculations and reasoning problems. Each exam will have different values or variations of the problem, and therefore, different answers. In other words, no two exams will be the same.
- The duration of the test will be two hours, and this time limit will be fixed.
In the case of online tests, it is necessary to ensure the identity of the student and that the assessment is individual, so the following procedure will be followed: - Access the "URV Online Campus" (Moodle) with the student's credentials about 30 minutes before the test.
- Then connect to the MS Teams theory classroom (or a video conferencing tool authorized by the URV).
- When accessing, the camera must be turned on. It will be verified that the student participating in the online test is alone and that the student is the one taking the test.
- Request a commitment to honest conduct from the student, meaning that the student commits, on their honor, to complete the test without receiving any external help. They will answer the questions without any assistance.
- Request the student's approval to take the exam with the camera turned on.
- Turn off the microphones during the test. However, they can be connected if there is a general question to ask or an incident occurs.
- If dishonest behavior is detected and there is only one connected professor, evidence of the actions will be collected.
- If the student has a specific question about the exam, they can send it to the professor's mailbox.
- In case of an incident, efforts will be made to resolve it quickly and increase the response time for affected students.
The students can consult updated information in the Moodle space for the subject. |
Basic |
E.D.Zwicky, S.Cooper, D.B.Chapman, Building Internet Firewalls, 2n Edition, O'Reilly, 2000
Sean Convery, Network Security Architectures, , Cisco Press, 2004
Bruce Schneider, Applied cryptography, , Wiley, 1996
Alfred J. Menezes, Paul C. van Oorschot, Scott A. Vanstone, Handbook of applied cryptography, , CRC Press, 2001
Josep Domingo-Ferrer, Jordi Herrera Joancomartí, Ricardo X. Sànchez del Castillo, Criptografia, , Universitat Oberta de Catalunya, 1999
Jordi Herrera Joancomartí, Joaquín García Alfaro, Xavier Perramón Tornil, Seguretat en Xarxes de Computadors, , Universitat Oberta de Catalunya, 2004
|
|
Complementary |
|
|
Subjects that continue the syllabus |
ELECTRONIC COMMERCE SYSTEMS/17234121 |
|
Subjects that are recommended to be taken simultaneously |
MANAGEMENT OF SYSTEMS AND NETWORKS/17234119 |
|
Subjects that it is recommended to have taken before |
DISCRETE MATHEMATICS I/17234009 | DISCRETE MATHEMATICS II/17234010 | DATA NETWORKS/17234118 |
|
(*)The teaching guide is the document in which the URV publishes the information about all its courses. It is a public document and cannot be modified. Only in exceptional cases can it be revised by the competent agent or duly revised so that it is in line with current legislation. |
|