課程介紹
課程內容
項次 | 課程大綱 |
(1) | Course Introduction:網路資訊的基礎學理 |
(2) | CCNA簡介、Communicating over the network (I):網路基本運作原理、TCP/IP 網路安全導論、資料庫安全導論 |
(3) | Communicating over the network (II):OSI 7概念、乙太區域網路基礎、網路安全模型運作 |
(4) | Application Layer Functionality and Protocol:WAN與IP路由基礎、ICMP協定、ARP協定及資安威脅 |
(5) | 資訊安全管理政策及程序 |
(6) | 資訊安全法令(資安管理法、刑法、營業秘密概論) |
(7) | Midterm Exam. Time and Place to be announced. |
(8) | 網段資安的基本概念 |
(9) | 資安管理系統基本概念 |
(10) | 漏洞掃描及滲透測試概念 |
(11) | 紅隊攻防腳本概念 (實務) |
(12) | 事件緊急應變及數位鑑識概論 |
(13) | 雲端資安概念簡介 |
(14) | 同學的期末報告及研討 |
考核方式與比例
2.期中測驗 30% (期刊論文報告或考試)
3.期末報告 40% (報告15分鐘/1-2人一組/繳交投影片及報告)
教材資訊
●參考資訊:
1.本堂老師整理的投影片
2.教育部資訊安全人才培育計畫的參考投影片
3.Kali Linux滲透測試工具(第三版)
4.潘天佑(2012),資訊安全概論及實務(第三版),碁峯出版社。
5.李華峰(2020),不會C也是資安高手,用Python和駭客大戰三百回合,深智數位。
6.Mike Chapple, Darril Gibson, & James Michael Stewart. (2021). (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide, 9th Edition. Sybex.
7.期刊文獻報告:
(1) Hijji, & Alam, G. (2021). A Multivocal Literature Review on Growing Social Engineering Based Cyber-Attacks/Threats During the COVID-19 Pandemic: Challenges and Prospective Solutions. IEEE Access, 9, 7152–7169.
(2) CÎRNU, ROTUNĂ, C. I., VEVERA, A. V., & BONCEA, R. (2018). Measures to Mitigate Cybersecurity Risks and Vulnerabilities in Service-Oriented Architecture. Studies in Informatics and Control, 27(3), 359–368.
(3) Modi, Patel, D., Borisaniya, B., Patel, H., Patel, A., & Rajarajan, M. (2013). A survey of intrusion detection techniques in Cloud. Journal of Network and Computer Applications, 36(1), 42–57.
(4) Aryanto, Oudkerk, M., & van Ooijen, P. M. A. (2015). Free DICOM de-identification tools in clinical research: functioning and safety of patient privacy. European Radiology, 25(12), 3685–3695.
(5) Husák, Sadlek, L., Špaček, S., Laštovička, M., Javorník, M., & Komárková, J. (2022). CRUSOE: A toolset for cyber situational awareness and decision support in incident handling. Computers & Security, 115, 102609–.
(6) Scott. (2020). Red teaming financial crime risks in the banking sector. Journal of Financial Crime, 28(1)
(7) Ahmed, Hassan, R., & Othman, N. E. (2017). IPv6 Neighbor Discovery Protocol Specifications, Threats and Countermeasures: A Survey. IEEE Access, 5, 18187–18210.
(8) Pastor, A., Mozo, A., Vakaruk, S., Canavese, D., Lopez, D. R., Regano, L., Gomez-Canaval, S., & Lioy, A. (2020). Detection of Encrypted Cryptomining Malware Connections With Machine and Deep Learning. IEEE Access, Access, IEEE, 8, 158036–158055.
(9) Xu, Dong, W., Xing, J., Lei, W., Liu, J., Gong, L., Feng, M., Zheng, X., & Liu, S. (2023). Delay-CJ: A novel cryptojacking covert attack method based on delayed strategy and its detection. Digital Communications and Networks.
其他說明