ITB8811 Foundations of Information Security Risk Analysis
Mine navigeerimisribale
Mine otsikasti
Course information
Code: ITB8811 Foundations of Information Security Risk Analysis
ECTS: 6
Assessment form: examination
Instructor: Aleksandr Lenin, email: aleksandr dot lenin at taltech dot ee
Schedule
Tue 10:00 - 11:30 SCI-028 Lecture
Tue 11:45 - 12:15 SCI-028 Practice
Announcements
Examination dates:
- 12/17/2019 SCI-028 10:00
- 1/7/2020 SCI-028 10:00
- 1/14/2020 SCI-028 10:00
Lectures
- Introduction
- Security Risk
- Financial Risk
- Qualitative Risk Assessment
- Factor Analysis of Information Risk (FAIR)
- Risk Management
- Reliability and Availability and some tasks to practice
- Foundations of Attack Trees
- Attack Tree Survey
- Quantitative Questions on Attack-Defense Trees
- Rational Choice Of Security Measures via Multi-Parameter Attack Trees
- Efficient Semantics of Parallel and Serial Models of Attack Trees
- Topics to prepare for the test
Assignments
- Think of an enterprise, a process, a system, or a product and perform qualitative risk analysis using the FAIR framework by filling in the following FAIR Template
- Perform cost analysis of human originated threats in your case studies. Use the tool ADTool for modeling, export attack trees in XML format and submit.