B-CS Cybersecurity questions
Single-subject curriculum
Technology and Security
-
Computer Systems. Number systems, relationships between systems, whole number representation in the computer, arithmetic. Codes, internal, external, detection and correction. Processors, their parameters and architectures. Internal and external memories and principles of their function. Computer input and output devices and their connection.
(PB151)
-
Operating systems. Operating system architecture, kernel architecture, basic processor modes. Programming interfaces, libraries. User, access rights, virtualization. Virtual memory, process and page tables. Threads, thread and process scheduling. Concurrency, deadlock, resource allocation. Process creation and program execution in POSIX systems, copy-on-write.
(PB152,
PB152cv,
PV004)
-
File systems. Block device, block layer, I/O scheduler, RAID, disk encryption. Plain files, free space allocation, fragmentation. Directory structure and its representation on disk. Memory mapped input and output.
(PB152,
PV004)
-
Networks. Layer models of computer networks (ISO/OSI, TCP/IP). Physical layer, signals and their encoding, media access control. Interconnection of computer networks. Network protocols, switching and routing, multicast. Secured data transmission, connection setup and termination. Transport protocols.
(PB156,
PB156cv)
-
Network applications and security. Basic application protocols: mail delivery, file transfer, web, name service. Principles of service description and quality assurance, use for multimedia. Network communication security, authentication and encryption, security at the protocol layer.
(PB156,
PB156)
-
Principles of programming. Structured programming in imperative language. Program memory model; memory management, dynamic allocation, working with user data structures. Low-level memory handling, pointer, array and pointer arithmetic. Methods of program debugging. Safe programming and software development
(PB071,
PV080).
-
Databases. Relational model, relational schema, keys of relational schemas, integrity constraints, relational algebra, linking relations. SQL query language (select statement, session joins, aggregation functions). Query processing. Basic principles, example. Indexing. Transactions. Features of transaction processing.
(PB168)
-
Software and information systems Development and operation of software systems. Use of UML in software development. Applied information systems. Architectures of large-scale information systems. Methods of managing large-scale projects. IS operations management.
(PB007,
PV028)
-
Basic security functions and their assurance - confidentiality, integrity, availability, undeniability of origin. Organisation and management of security, security policies and procedures. Cybersecurity management structure, roles, responsibilities and competencies.
(PV080)
-
Authentication and access control methods. Biometric authentication methods, their implications and problems. Electronic signature and its use. Authentication of machines and applications.
(PV080,
PV157)
-
Risk analysis and management. Asset management, risk analysis, risk measures and their effectiveness. Identity and access control, ACLs, privileged users. Change, configuration, vulnerability and patch management. Audit, security, standards, security assessment.
(PV080,
PV157)
-
Security Architecture (state semester Fall 2023 and Spring 2024). Network security, network isolation and segmentation, firewalls. Monitoring, detection, and logging. Operating systems security, data security.
(PB156,
PB156cv,
PV004)
-
Security Architecture (statewide starting Fall 2024 semester). Network security, network isolation and segmentation, firewalls. Monitoring, detection, and logging. Operating systems security, data security.
(PB156,
PB156cv,
PV004,
PV175)
-
Cybersecurity in the organization. Roles and activities of an organization's security team. Cybersecurity incident and its resolution. Security alerts. Applicable security.
(PV080,
PV210,
PV017)
Cybersecurity law and policy
-
Definition of security studies. The terms security, threat and risk and their application to cybersecurity. Internal and external security and sectors from a cybersecurity perspective. Security policy definition and analysis with a focus on cybersecurity policy.
(BSSb1101)
-
Security Strategy. Documents of the Czech Republic and the importance of cybersecurity in them. Security system of the Czech Republic and the role of institutions in the field of cybersecurity.
(BSSb1103)
-
Cyberwarfare. Definition, history, current trends. Identification of actors, problems of attribution of cyber attacks, possibility of deterrence in cyberspace. The concept of netwars and its use in cyber conflict.
(BSSb1152)
-
Critical Infrastructure Protection. Cyber attacks on critical infrastructure. Attribution and deterrence in cyberspace.
(BSSb1103)
-
Legal regulation of cyber security in the Czech Republic and the EU. Basic institutes, principles, obligatory bodies, system of cyber security assurance.
(BVV03K)
-
Cybercrime. Sources of law (national, European and international), typical criminal activities, classification of crimes, legal qualification and related procedures and criteria, international cooperation.
-
Electronic evidence and its securing. Procedural institutes and their practical use, handling of electronic evidence, electronic documents.
(BVV03K)
-
Protection of personal data. Legal regulation. Principles and principles of personal data processing - definition, basic principles, risk assessment, proportionality test. Purposes of processing. Legal titles. Law on personal data processing - the Office of Personal Data Protection and its role and position in the Czech Republic.
(BI301K)
-
Electronic signature and electronic seal. Legal regulation and types. Data boxes - legal regulation and practice of use.
(BI301K)
For students studying under the
2020/2021 audit template and students under the 2021/2022 template who have taken BI201K instead of BI301K, the last two questions are replaced by the following two:
-
Intellectual Property Law Protection of copyright works, uses, technological means of protecting works, protection of computer programs, software licenses, database rights.
(BI201K)
-
Liability of information society service providers. Legal regulation in the Czech Republic and in the EU, decision-making practice, information society service provider, limitation of liability.
(BI201K)