Unit INFORMATION SECURITY AUDITING, CERTIFICATION AND DIGITAL FORENSICS

Course
Informatics
Study-unit Code
A002089
Curriculum
Cybersecurity
Teacher
Alfredo Milani
Teachers
  • Alfredo Milani
Hours
  • 42 hours - Alfredo Milani
CFU
6
Course Regulation
Cohort 2020
Offered
2021/22
Learning activities
Characterising
Area
Computer science disciplines
Academic discipline
INF/01
Type of study-unit
Required
Type of learning activities
Single-discipline learning activity
Language of instruction
English
Contents
1 Information security policies, information security standards and the certification process
2 Risk analysis and management
3 Product certification and Common Criteria ISO/IEC 15408
4 Process certification and ISO27001 ISO 27002
5 Business Continuity and Disaster recovery
6 Secure Coding best practice and standards
7 Cybersecurity early warning, monitoring and response infrastructures
8 Digital and Computer Forensics
Reference texts
All the reference material is available at http://unistudium.unipg.it (ISO standards are available for consultation on request)
Lecture notes and slides
Auditing Guidelines
Documents describing Common Criteria Standard and ISO 2700* standards
Educational objectives
Knowledge of the main available standards for information security and IT product/process security.
Knowledge of the main software vulnerabilities and secure programming best practices.
Knowledge of the main local and international infrastructures for monitoring and reacting to critical cybersecurity events.
Ability to analyze and assess the aspects of an IT process/product related to IT security issues, and their certification.
Ability to make a motivated adoption of secure programming techniques.
Knowledge of the main issues and ability to implement a computer forensics process, including digital evidence collection and maintenance.
Prerequisites
General knowledge of IT systems and database management.
Basics of computer programming in a standard programming language. Basic principles of cybersecurity and network management systems.
Teaching methods
Lectures.
Case studies and discussions.
Expert seminars.
Student report presentations.
Final project.
Other information
E-learning platform for student-lecturer interaction and communication (lecture notes, online assignments etc.)
http://www.unistudium.unipg.it

Class timetable and exam schedule
http://www.dmi.unipg.it/didattica/corsi-di-studio-in-informatica/informatica-magistrale

The digital forensics classes will also host seminars from professional experts in the field.
Learning verification modality
Written final examination and final project for students not attending the course.
Continuous assessment with assignments and projects for students attending the course; the continuous assignment consists of a student report presentation. The final project will be on an assigned topic in information security/digital forensics.
Extended program
Programme:

1 Introduction: information security policies, examples of policies. General principles: logical and physical security.

2 Information security certification: actors in the certification process. Standards and certification.
Product certification: ITSEC, Common Criteria (TOE, assurance level). Process certification from BS7799 to ISO17799 and to the
ISO2700* family. The main certification authorities and actors in Italy. Professional certification of auditors.

3 Risk analysis and risk management. Vulnerabilities and information assets. Quantitative/qualitative methods. Residual risk. Countermeasures.
Emergency and information security disaster management. Backup policies and techniques.

4 Product certification for information security: ISO/IEC 15408 Common Criteria certification: general structure, Target of Evaluation,
Security Target (security target components, security requirement rationale etc.).
Security functional classes and assurance classes, structure (classes, families,
components, dependencies). The assurance levels (EAL). Protection Profiles.
Case studies on CC-certified products.

5 Process certification for information security: ISO27001/2 and BS7799 certification. The PDCA process. Structure and goals of an ISMS, the 11 areas of interest. ISO27002 control points.
Case studies: auditing a process according to ISO27002. Other certifications, e.g. health informatics.

6 Secure coding: the most common software errors and vulnerabilities (guidelines, areas and the Common Weakness Enumeration). Secure programming best practice standards: rules and recommendations, structure, level and assessment of risk and vulnerability.

7 Cybersecurity early warning, monitoring and response infrastructures.
CERT/CSIRT and ISAC, goals and functions. The situation of CERTs in Italy, Europe and the world. Italian AgID, ENISA.
CWE Common Weakness Enumeration and resources.

8 Digital and computer forensics: techniques
and methods of digital forensics. Protocols of acquisition, chain of custody and integrity of digital evidence. The main hardware and software tools. Analysis of non-standard digital devices. Counter-forensics.