Jedes Modul umfasst 3 ECTS. Sie wählen insgesamt 10 Module/30 ECTS in den folgenden Modulkategorien:
- 12-15 ECTS in Technisch-wissenschaftlichen Modulen (TSM)
TSM-Module vermitteln Ihnen profilspezifische Fachkompetenz und ergänzen die dezentralen Vertiefungsmodule. - 9-12 ECTS in Erweiterten theoretischen Grundlagen (FTP)
FTP-Module behandeln theoretische Grundlagen wie die höhere Mathematik, Physik, Informationstheorie, Chemie usw. Sie erweitern Ihre abstrakte, wissenschaftliche Tiefe und tragen dazu bei, den für die Innovation wichtigen Bogen zwischen Abstraktion und Anwendung spannen zu können. - 6-9 ECTS in Kontextmodulen (CM)
CM-Module vermitteln Ihnen Zusatzkompetenzen aus Bereichen wie Technologiemanagement, Betriebswirtschaft, Kommunikation, Projektmanagement, Patentrecht, Vertragsrecht usw.
In der Modulbeschreibung (siehe: Herunterladen der vollständigen Modulbeschreibung) finden Sie die kompletten Sprachangaben je Modul, unterteilt in die folgenden Kategorien:
- Unterricht
- Dokumentation
- Prüfung
The course will
first give the necessary background knowledge in the field of
cybersecurity such as CIA and availability as well as data security. Thereby,
the module will define a threat and risk assessment accompanied with main
security standards and General Data Protection Regulation (GDPR).
Based on that, it will go in
deep to permit the student to have a complete overview how identify and list threats
and risks. Then, the student will be able to propose and implement a list of
mitigation mechanisms. This will be applied in three security fields: software
development, software security and web security based on tools.
The course
covers the following core topics:
- Reminder of basic knowledge about security
- Security development
- Software security
- Web security
Eintrittskompetenzen
- Cryptography basics
- Knowledge of at least one programming language, such as C, Python, Java
Lernziele
- Understand and choose the appropriate cryptographic primitive(s)
- Identify and list the threats and risks of a system and propose different kind of mitigation mechanisms
- Understand, apply and use processes and tools towards secure development
- Understand, identify vulnerabilities in software and web applications then propose mitigations
Modulkategorie
Basics (25%):
- Confidentiality, integrity, availability, authenticity, authorization, accounting
- Threat model, malwares, etc.
- Data Protection and GDPR
- Risk and threat analysis and standards
Secure development (25%):
- SDLC: fundamentals of DevOps and how DevOps teams can build and deliver secure software
- Secure DevOps: How to build security into Continuous Delivery and Continuous Deployment
- The tools, patterns, and techniques of security automation in DevOps
Software security (25%):
- Software vulnerability identification (SANS Top 25)
- Software exploitation techniques and tools
- Software protections and mitigations
Web application security (25%):
- Web vulnerabilities (OWASP top 10)
- Web exploitation techniques and tools
- Web protections and mitigations
Lehr- und Lernmethoden
This
course involves theoretical presentations and hands-on exercises.
Bibliografie
Lecture slides, references to internet resources and books are
mentioned during the module introduction.
Vollständige Modulbeschreibung herunterladen
Zurück