You are here: Home » Study Plan » Subject

Sciences

Subject: SICUREZZA INFORMATICA (A.A. 2023/2024)

master degree course in COMPUTER SCIENCE

Course year 1
CFU 9
Teaching units Unit Sicurezza informatica
Information Technology (lesson)
  • TAF: Compulsory subjects, characteristic of the class SSD: ING-INF/05 CFU: 9
Teachers: Mirco MARCHETTI
Moodle portal

Aula virtuale su Microsoft Teams

Exam type oral
Evaluation final vote
Teaching language Italiano
Contents download pdf download

Teachers

Mirco MARCHETTI

Overview

"The course addresses the main issues related to the security of systems, services, and internet-based applications.

In the first part, the vulnerabilities of systems, networks, and applications are analyzed, along with the main types of direct and indirect attacks.

The second part delves into methodologies and mechanisms for the defense of network systems, including cryptography, authentication and authorization methods, security protocols, digital signatures, certification authorities, and monitoring systems.

The third part is dedicated to the design of secure network systems, including, Intrusion Detection Systems (IDS), VLANs, VPNs, and DMZs.Attack techniques and protection methodologies and tools are considered in depth."

Admission requirements

Operating systems, Network protocols

Course contents

Part I - Attacks [approx 24 hours - 3 CFU]
- Security communication protocols
- Wireless protocols vulnerabilities
- Operating systems and network applications vulnerabilities
Part II - Defense [approx 24 hours - 3 CFU]
- Risk maangement and security governance
- Private/Public Key systems, digital signature, certification authority
- Secure protocols: IPsec, SSL, HTTPS, S/MIME, SSH, PGP
Part III - Design of secure architectures [approx 24 hours - 3 CFU]
- Intrusion Detection System
- VLAN, NAT, Virtual Private Network, Intranet e Extranet, DMZ.

Teaching methods

The course consists of theoretical classroom teaching with the support of a projector and integrated slides, combined with practical hands-on training in a laboratory where each student has their own workstation. The course is delivered in the Italian language and requires in-person attendance. While attendance is not mandatory, it is strongly recommended.

Assessment methods

The examination consists of two parts typically conducted on consecutive days and aims to assess the knowledge and practical skills related to the learning objectives described earlier. The first part takes place in the laboratory, where students are required to demonstrate their ability to solve a security problem provided by the instructor, similar to the problems analyzed and solved during the practical exercises. The laboratory exam is an individual test with a duration of 60 to 90 minutes. It carries a maximum score of 11 out of 30 points and is considered passed with a minimum score of 5 out of 30. Students who pass the laboratory exam are eligible for the oral examination, where they must demonstrate their understanding of the theoretical and practical topics covered in the course. The oral exam lasts between 15 and 30 minutes and carries a maximum score of 21 points. The final grade is the sum of the scores obtained in the laboratory exam and the oral exam. The examination is considered passed if the final grade is at least 18. Grades higher than 30 may result in the assignment of honors.

Learning outcomes

- Ability to apply knowledge and understanding of key attack methodologies.
- Ability to apply knowledge and understanding of the main digital information defense methodologies and tools.
- Autonomy of judgment of IT risk and of the adequacy of IT security countermeasures and processes
- Ability to communicate cybersecurity threats and events with industry experts
- Ability to learn new cyber vulnerabilities and threats, defense technologies and cyber risk analysis approaches

Readings

Il corso non seguirà nessun testo