| INFORMATION TECHNOLOGIES (ENGLISH, NONTHESIS) | |||||
| Master | TR-NQF-HE: Level 7 | QF-EHEA: Second Cycle | EQF-LLL: Level 7 | ||
| Course Code | Course Name | Semester | Theoretical | Practical | Credit | ECTS |
| CYS5123 | Web Application Security: Hacking and Defence | Fall | 3 | 0 | 3 | 12 |
| This catalog is for information purposes. Course status is determined by the relevant department at the beginning of semester. |
| Language of instruction: | English |
| Type of course: | Departmental Elective |
| Course Level: | |
| Mode of Delivery: | Face to face |
| Course Coordinator : | Assist. Prof. AHMET NACİ ÜNAL |
| Recommended Optional Program Components: | None |
| Course Objectives: | Teaching organizational management methods of information security. Discussing data access models. Discussing information security policies. |
|
The students who have succeeded in this course; Information management. Data access models. Information management legislation. Auditing and certification of information management processes will be though. |
| Introduction of data security principles. Standards defining data security levels. Standards regarding user security levels. Classification of data stored in the information systems. Classification of user access levels from security perspective. Access monitoring, auditing and reporting with respect to defined user and data security levels. Information management strategies and policies. Introducing national and international information management legislation. |
| Week | Subject | Related Preparation |
| 1) | Course outline | Lecturer notes |
| 2) | Information security and access | Lecturer notes |
| 3) | Confidentiality levels and access levels | Lecturer notes |
| 4) | Access models | Lecturer notes |
| 5) | Confidentiality classification methods | Lecturer notes |
| 6) | Auditing access | Lecturer notes |
| 7) | Undeniability of access | Lecturer notes |
| 8) | Information management concept | Lecturer notes |
| 9) | Information management policies | Lecturer notes |
| 10) | Information management standards | Lecturer notes |
| 11) | Certification of information management | Lecturer notes |
| 12) | National and international information management principles | Lecturer notes |
| 13) | Daily topics | Lecturer notes |
| 14) | Daily topics | Lecturer notes |
| Course Notes / Textbooks: | Management of Information Security, 4th Ed., Michael E. Whitman, Herbert J. Mattord, 2013, Cengage Learning. Fundamentals Of Information Systems Security, 2nd Ed., David Kim, Michael G. Solomon, 2013, Jones & Bartlett Learning. |
| References: | Ders notları |
| Semester Requirements | Number of Activities | Level of Contribution |
| Attendance | 10 | % 0 |
| Homework Assignments | 4 | % 10 |
| Presentation | 1 | % 10 |
| Midterms | 1 | % 20 |
| Final | 1 | % 60 |
| Total | % 100 | |
| PERCENTAGE OF SEMESTER WORK | % 40 | |
| PERCENTAGE OF FINAL WORK | % 60 | |
| Total | % 100 | |
| Activities | Number of Activities | Duration (Hours) | Workload |
| Course Hours | 14 | 3 | 42 |
| Study Hours Out of Class | 14 | 12 | 168 |
| Presentations / Seminar | 2 | 3 | 6 |
| Homework Assignments | 4 | 8 | 32 |
| Midterms | 1 | 20 | 20 |
| Final | 1 | 20 | 20 |
| Total Workload | 288 | ||
| No Effect | 1 Lowest | 2 Low | 3 Average | 4 High | 5 Highest |
| Program Outcomes | Level of Contribution | |
| 1) | Follows the scientific literature in the field of Information Technology, critically analyzes it, and effectively utilizes it in solving complex IT problems. | 3 |
| 2) | Designs, plans, implements, and manages original projects related to the field of Information Technology. | 3 |
| 3) | Conducts independent studies in the field of Information Technology, assumes scientific responsibility, and evaluates the findings with a critical perspective. | 3 |
| 4) | Presents the outcomes of research and projects effectively in written, oral, and visual forms, in accordance with academic and professional standards. | 3 |
| 5) | Conducts independent research on specialized topics within the field, develops innovative and original ideas, and translates this knowledge into practice and technology. | 3 |
| 6) | Effectively applies advanced theoretical knowledge and practical skills specific to the field of Information Technology; analyzes and develops current software, hardware, and system solutions. | 3 |
| 7) | Acts in accordance with professional, scientific, and ethical principles; takes responsibility by considering the societal, environmental, and ethical impacts of IT applications. | 3 |