Erinevus lehekülje "ITB8811 Foundations of Information Security Risk Analysis" redaktsioonide vahel
Mine navigeerimisribale
Mine otsikasti
(ei näidata sama kasutaja 28 vahepealset redaktsiooni) | |||
16. rida: | 16. rida: | ||
== Announcements == | == Announcements == | ||
+ | |||
+ | |||
+ | Examination dates: | ||
+ | |||
+ | * 12/17/2019 SCI-028 10:00 | ||
+ | * 1/7/2020 SCI-028 10:00 | ||
+ | * 1/14/2020 SCI-028 10:00 | ||
== Lectures == | == Lectures == | ||
23. rida: | 30. rida: | ||
# [[Media:ITB8811-2019-FinancialRisk.pdf|Financial Risk]] | # [[Media:ITB8811-2019-FinancialRisk.pdf|Financial Risk]] | ||
# [[Media:ITB8811-2019-QualitativeRiskAssessment.pdf|Qualitative Risk Assessment]] | # [[Media:ITB8811-2019-QualitativeRiskAssessment.pdf|Qualitative Risk Assessment]] | ||
+ | # [[Media:Risk-Taxonomy-FAIR.pdf|Factor Analysis of Information Risk (FAIR)]] | ||
+ | # [[Media:ITI8610-Riskmanagement.pdf|Risk Management]] | ||
+ | # [[Media:ITI8610-2019-Reliability.pdf|Reliability and Availability]] and some [[Media:ITB8811-2019-Reliability-Availability-Tasks.pdf|tasks]] to practice | ||
+ | # [https://www.researchgate.net/publication/225151465_Foundations_of_Attack_Trees Foundations of Attack Trees] | ||
+ | # [http://people.rennes.inria.fr/Barbara.Kordy/papers/survey.pdf Attack Tree Survey] | ||
+ | # [https://arxiv.org/pdf/1210.8092.pdf Quantitative Questions on Attack-Defense Trees] | ||
+ | # [https://research.cyber.ee/~peeter/research/attacks11.pdf Rational Choice Of Security Measures via Multi-Parameter Attack Trees] | ||
+ | # [https://digi.lib.ttu.ee/i/?496 Efficient Semantics of Parallel and Serial Models of Attack Trees] | ||
+ | # [[Media:ITB8811-2019-Recap.pdf|Topics to prepare for the test]] | ||
+ | |||
+ | == Assignments == | ||
+ | # Think of an enterprise, a process, a system, or a product and perform qualitative risk analysis using the FAIR framework by filling in the following [[Media:ITB8811-2019-FAIR_Template.zip|FAIR Template]] | ||
+ | # Perform cost analysis of human originated threats in your case studies. Use the tool [https://satoss.uni.lu/members/piotr/adtool/ ADTool] for modeling, export attack trees in XML format and submit. |
Viimane redaktsioon: 9. jaanuar 2020, kell 07:24
Course information
Code: ITB8811 Foundations of Information Security Risk Analysis
ECTS: 6
Assessment form: examination
Instructor: Aleksandr Lenin, email: aleksandr dot lenin at taltech dot ee
Schedule
Tue 10:00 - 11:30 SCI-028 Lecture
Tue 11:45 - 12:15 SCI-028 Practice
Announcements
Examination dates:
- 12/17/2019 SCI-028 10:00
- 1/7/2020 SCI-028 10:00
- 1/14/2020 SCI-028 10:00
Lectures
- Introduction
- Security Risk
- Financial Risk
- Qualitative Risk Assessment
- Factor Analysis of Information Risk (FAIR)
- Risk Management
- Reliability and Availability and some tasks to practice
- Foundations of Attack Trees
- Attack Tree Survey
- Quantitative Questions on Attack-Defense Trees
- Rational Choice Of Security Measures via Multi-Parameter Attack Trees
- Efficient Semantics of Parallel and Serial Models of Attack Trees
- Topics to prepare for the test
Assignments
- Think of an enterprise, a process, a system, or a product and perform qualitative risk analysis using the FAIR framework by filling in the following FAIR Template
- Perform cost analysis of human originated threats in your case studies. Use the tool ADTool for modeling, export attack trees in XML format and submit.