Bachelor
2024/2025
Operation Systems Security
Type:
Compulsory course (Information Security)
Area of studies:
Information Security
Delivered by:
Department of Cyber-Physical Systems Information Security
Mode of studies:
offline
Open to:
students of one campus
Instructors:
Danil Smirnov
Language:
English
ECTS credits:
6
Contact hours:
40
Course Syllabus
Abstract
Operating system security is the field of knowledge about the architecture of operating systems, built-in mechanisms for ensuring and monitoring information security. This discipline examines the security criteria of computer systems, the concept of creating a highly reliable computing base, the basis of identification, authentication, authorization and access control. The study reveals in detail aspects of the work of information security monitoring centers based on an OS security audit. The discipline also examines information system vulnerabilities and attacks on information systems. Separately, aspects of the work of destructive software influences (malware and tools of attackers when carrying out attacks on information systems) are studied. During training, monitoring of student knowledge is provided in the form of recording student activity at the seminar and exam
Learning Objectives
- Introduction to the principles of operating system security
- Developing skills in setting up security and audit mechanisms
- Developing skills to identify signs of an attack using operating system logs
- Formation of an idea about the work of an analyst of the Security Operations Center (SOC)
Expected Learning Outcomes
- Defines the basic concepts and objectives of operating system security
- Knows the security principles of Windows NT operating systems
- Knows the security mechanisms of Linux Kernel
- Can configure auditing in Windows family operating systems
- Knows the principles of built-in and additional auditing in Windows family operating systems
- Can configure auditing in the Linux kernel
- Knows the built-in and additional auditing mechanisms in the Linux kernel
- Can configure auditing of a domain environment using Active Directory as an example
- Knows the principles of identification, authentication and authorization of subjects of the Active Directory domain environment (NTLM, Kerberos, LDAP, SMB protocols)
- Knows aspects of the vulnerability management process in an organization
- Knows the classification of information system vulnerabilities
- Knows the classification of attacks on information systems (MITRE ATT&CK, KillChain)
- Knows aspects of attack mitigation and detection (according to MITRE ATT&CK)
- Knows the main methods of attacks on information systems using malware
- Knows aspects of mitigation and detection of attacks using malware
- Knows the topology of a typical corporate computing network
Course Contents
- Introduction to the subject
- Basic security principles of Windows NT
- Basic security principles of Linux kernel
- Basic principles of Windows OS security audit
- Basic principles of Linux kernel security audit
- Basic security principles for an Active Directory domain environment
- Vulnerabilities of information systems
- Attacks on information systems
- Malicious software (malware)
- Key aspects of building a secure information systems
Interim Assessment
- 2024/2025 2nd module0.2 * Практическая работа 1 + 0.2 * Практическая работа 2 + 0.2 * Практическая работа 3 + 0.4 * Экзамен
