IKT447 Trust, Threats, Risk and Vulnerability
- ECTS Credits:
- 7.5
- Responsible department:
- Faculty of Engineering and Science
- Course Leader:
- Arne Øslebø
- Lecture Semester:
- Autumn
- Teaching language:
- Norwegian
- Duration:
- 1 term
The course is connected to the following study programs
- Cyber Security, Master’s Programme
Teaching language
NorwegianCourse contents
The main topics are:
- The core Cyber Security vocabulary (technical perspective)
- Trust and its properties
- Risk and vulnerability assessments
- The STRIDE model, modelling strategies and methods
- Trust and threats related to privacy (PIA, Privacy-by-Design, GDPR)
- “Grunnprinsipper for IKT sikkerhet” from the Norwegian National Security Authority
- Common threats to cloud and hybrid cloud infrastructure
Learning outcomes
On successful completion of the course, the students should:
- understand the core cyber security and privacy vocabulary
- understand the concepts of trust in cyber security
- understand the central concepts relating to threats, risk and vulnerability in ICT
- be able to do a simple risk and vulnerability assessment
- have an overview understanding of the document “Grunnprinsipper for IKT sikkerhet” from the Norwegian National Security Authority and how it can be used to lower risk and vulnerabilities.
- be well acquainted with the STRIDE model and methods
- be able to apply STRIDE on small projects
- be well acquainted with threats and risks associated with privacy
- be well acquainted with threats to cloud and hybrid cloud infrastructure
Examination requirements
Compulsory hand ins and presentations must be approved. Information about compulsory assignment will be given in Canvas at the start of the semester.
Teaching methods
Lectures, weekly exercises, and assignments.
The total expected workload is estimated to be approximately 200 hours for the average student. Students may find that they need to work more than this, especially if they target better grades.
Evaluation
The person responsible for the course decides, in cooperation with student representative, the form of student evaluation and whether the course is to have a midway or end of course evaluation in accordance with the quality system for education, chapter 4.1.
Offered as Single Standing Module
Yes. Subject to availability or capacity.
Admission Requirement if given as Single Standing Module
Admission requirements for the course are the same as for the master’s programme in Cyber Security.
Assessment methods and criteria
Written examination, 3 hours. Graded assessment.