Upon successful completion of this course, the student should be able to
- understand the needs of enterprise information security and the importance of risk management
- be familiar with the laws and regulations related to information security
- identify company's security risks
- know the company's security policies
- protect against security risks

Topics to be covered in the course include the following:
- Security and Risk Management
- Protection of information assets
- Security Engineering
- Communications and Network Security
- Identity and Access Management
- Security Assessment and Testing
- Security Operations
- Security in the Software Development
- OWASP

- Teaching 48 h
- Independent study 87 h
- The assessment of one’s own learning 1 h
- Studying includes lectures and exercises

- The course web pages
- Online material
- Mark Ciampa: CompTIA Securtiy+ SY0-401 in Depth, Cengage Learning PTR, 2014. (Safari Books Online)
- Adam Gordon: Official (ISC)2 Guide to the CISSP CBK, CRC Press, 2015. (Safari Books Online)

Student has completed courses Orientation to ICT Infrastructures, ICT1TF010 and Server Technologies, ICT4TF021

Grade 1 (40%)
- Knows the basic concepts of network security.
- Understands the importance of information security to the corporation.
- Knows the basics of information security practices.
- Manages the basics of using information security tools.

Grade 3 (70%)
- Knows the information security concepts well
- Able to perceive how the various information security areas are related to the company's operations.
- Manages security practices well
- Able to use information security tools independently

Grade 5 (90%)
- Knows the information security concepts in depth.
- Able to define and analyze the security requirements resulting from the activities of the company.
- Able to develop security practices.
- Knows how to use information security tools excellently.