Module EIT-FUN-413-M-7

Information Security Assessment and Operations (M, 8.0 LP)

Module Number	Module Name	CP (Effort)
EIT-FUN-413-M-7	Information Security Assessment and Operations	8.0 CP (240 h)

CP, Effort	8.0 CP = 240 h
Position of the semester	1 Sem. in SuSe
Level	[7] Master (Advanced)
Language	[EN] English
Module Manager	Schotten, Hans D., Prof. Dr.-Ing. (PROF \| DEPT: EIT)
Lecturers	Duque Antón, Simon, Dipl.-Ing. (EXT \| DEPT: EIT) Schotten, Hans D., Prof. Dr.-Ing. (PROF \| DEPT: EIT)
Area of study	[EIT-FUN] Wireless Communication and Navigation
Reference course of study	[EIT-88.781-SG#2010] M.Sc. Electrical and Computer Engineering [2010]
Livecycle-State	[NORM] Active

Type/SWS	Course Number	Title	Choice in Module-Part	Presence-Time / Self-Study		SL	SL is required for exa.	PL	CP	Sem.
6K+V+L	EIT-FUN-413-K-7	Information Security Assessment and Operations	P	45 h	195 h	L-Schein	ja	PL1	8.0	SuSe

About [EIT-FUN-413-K-7]: Title: "Information Security Assessment and Operations"; Presence-Time: 45 h; Self-Study: 195 h
About [EIT-FUN-413-K-7]: The study achievement [L-Schein] proof of successful participation in the practical course / lab must be obtained. It is a prerequisite for the examination for PL1.

Form of examination: examination in form of partial achievements
Examination Frequency: each semester

written exam 60 min (33%) + lab exam 120 min (67%)

The grade of the module examination is also the module grade.

Introduction to information security (10 %)
Security assessment (40 %)
- Introduction to security assessment
- Reconnaissance
- Scanning
- Exploitation
- Post-exploitation
Security operations (30 %)
- Intrusion prevention and detection
- Incident response
- Standards, regulations and security policies
Emerging topics (1-3 current topics per semester, 20 %)
- E.g. Industrial security, cloud security, mobile/IoT security and WiFi auditing

Memorize and define common IT (Information Technology) security taxonomies for threat intelligence, vulnerability assessment and security operations.
Describe the standard methodologies for the phases reconnaissance, scanning, exploitation and post-exploitation of a security assessment.
Describe the standard methodologies for authentication, intrusion detection, intrusion prevention, incident response and physical security in the context of security operations.
Develop and justify information security policies with knowledge of regulatory compliance and industry standards.
Identify security problems in emerging topics of the IT and OT (Operational Technology) fields.
Choose and use common scanning tools to discover potentially vulnerable services on a given target host.
Compose and apply vulnerability exploitation techniques and gain privileged access to show a host is vulnerable.
Analyze and reconstruct information in storage media and log files using common forensic tools
Summarize significant findings and write about necessary technical details to reproduce these findings

None

Course of Study	Section	Choice/Obligation
[EIT-88.781-SG#2010] M.Sc. Electrical and Computer Engineering [2010]	Elective Subjects	[W] Elective Module
[EIT-88.A44-SG#2018] M.Sc. Media and Communication Technology [2018]	Technical Elective Subjects	[W] Elective Module
[EIT-88.?-SG#2021] M.Sc. Electrical and Computer Engineering [2021]	Technical Elective Modules	[W] Elective Module
[EIT-88.?-SG#2021] M.Sc. Media and Communication Technology [2021]	Technical Elective Modules	[W] Elective Module
[EIT-88.?-SG#2021] M.Sc. Automation and Control (A&C) [2021]	Elective Modules	[W] Elective Module