Bachelor's programme Information and Communication Security

The aim of the course Algorithm Design and Scripting is to develop students' ability for structured thinking and basic analytical skills necessary for describing processes and solving problems. Students will become familiar with basic forms of algorithm notation (in natural language and graphical form), will deepen their existing algorithmic skills, and will learn to create and implement algorithms in a selected scripting language.

1. Introduction to algorithm design.
2. Methods of algorithm development.
3. Basic structural elements.
4. Flowchart language.
5. Expressions.
6. Simple algorithms.
7. Algorithms involving numerical sequences.
8. Introduction to the Python scripting language.
9. Algorithms involving indexed variables (lists, strings).
10. Subprograms.
11. Input processing (text files).
12. Algorithms involving structured variables (lists, sets).

The course Computer Architecture introduces students to the history and especially the current state of computer architecture at various levels of abstraction. Students will be able to navigate the dynamically evolving architecture of computer systems and will be capable of selecting an optimal hardware configuration to solve a specific problem.

Lecture content:

1. Motivation (course objectives), organisation of teaching and course requirements, purpose and objectives of the semester project, requirements for the semester project (content and formal), rules of typography and citation of sources.
2. Structure of a computer, historical development of computing technology (computer generations, J. von Neumann principles).
3. Logic circuits.
4. Processors – structure, instructions, instruction cycle, registers, performance measurement.
5. Techniques for increasing computing performance, computation parallelism.
6. Current processors for servers, personal computers, and mobile devices (Intel, AMD, ARM, etc.), expected developments.
7. Principles of wired data transmission. Principles of wireless data transmission.
8. Modern computer buses and interfaces, motherboards, chipsets.
9. Memory – computer memory hierarchy, memory types and technologies, qualitative and quantitative memory parameters.
10. Input devices of a computer. Output devices of a computer.
11. Graphics adapters and display units, GPGPU.
12. Hardware of mainframes, data centres, and supercomputers.

Seminar content:

1. Introduction to the Arduino IDE and the Wiring language (library).
2. Basic structures of the Wiring language.
3. More advanced structures of the Wiring language.
4. Library and user-defined functions in the Wiring language.
5. Arduino – serial communication and loops.
6. Arduino – graphical output.
7. Arduino – working with memory (FLASH, SRAM, EEPROM).
8. Arduino – communication and peripherals.
9. Arduino – voltage measurement.
10. Logic circuits (simulation in simulation software).
11. Personal computer hardware.
12. Defence of semester projects.

Seminars 1–9 will take place in the Intelligent Systems Laboratory.

The aim of the course Data Networks is to familiarise students with the principles of communication networks and their security. After completing the course, the student will be able to design and configure a small LAN network. The course focuses on key aspects of network functionality and related security measures.

1. Introduction – a connected world.
2. Types of communication networks.
3. Introduction to computer networks – provided services, concepts, network security, and current trends.
4. Authentication.
5. Securing communication (IPSec, TLS, SSH).
6. Types of active network devices (routers, switches, L3 switches).
7. Network operating systems – for end-user and intermediate devices, types of OS, Cisco IOS command syntax, basic configuration.
8. Identification in networks (physical addresses, network addresses, application names) and their usage.
9. Small-scale network design – network design and planning concepts, ensuring security, and troubleshooting in small-scale network.
10. LAN configuration.
11. Ensuring network availability.
12. Network monitoring and management.

The aim of the course Mathematics and Statistics for Computer Science is to introduce students to the fundamental tools of mathematics and statistics necessary for further study and for understanding the methods used in computer science subjects.

1. Basics of matrix calculus.
2. Solving systems of linear equations.
3. Introduction to higher mathematics – differential and integral calculus.
4. Polynomials – operations with polynomials, factorisation, and analysis of function behaviour.
5. Fundamentals of probability theory.
6. Discrete and continuous random variables.
7. Selected probability distributions (Poisson, normal).
8. Basics of mathematical statistics.
9. Statistical measures of central tendency and variability for univariate data sets.
10. Description of multivariate statistical data sets.
11. The principle of hypothesis testing and distribution tests.
12. One-sample and two-sample hypothesis tests and the principles of linear regression.

The aim of the course Theoretical Foundations of Computer Science is to introduce students to the basic concepts and methods of formal logic when solving specific deductive problems. Students will become familiar with the structure and semantics of propositional and predicate logic languages and their derivation methods. Furthermore, the student will gain an understanding of computability theory and complexity theory, with an emphasis on the practical "programmer’s" perspective. This is a bachelor-level course, therefore it does not cover narrowly focused topics but basic concepts of algorithm theory — decidability, time and space complexity, and the P=NP problem. Emphasis is also placed on understanding the relationships to practical algorithm design as well as the internal relationships within theoretical computer science.

1. Theoretical computer science – classification, history and purpose. Overview of mathematical methods and concepts necessary for study (sets, relations, etc.).
2. Theory of formal languages and automata, computability and complexity.
3. Basic concepts of computability theory – problem, decidability, partial decidability, properties.
4. Computational model of the Turing machine and its properties.
5. Introduction to formal logic (syntax, semantics).
6. Semantics of propositional logic language, normal forms of propositional formulas.
7. Satisfiability and validity of propositional formulas.
8. Tableaux and resolution indirect proofs and deduction in propositional logic.
9. Model and language of predicate logic, semantics of predicate logic language.
10. Satisfiability and truth in predicate logic.
11. Deduction in predicate logic using indirect proofs.
12. Applications of formal logic in practice.

The aim of the course Operating System Architecture is to familiarise students with the principles of operation of modern client and server operating systems, and to demonstrate key administrative activities using representative examples of these systems.

Lecture Content:

1. The role of operating systems (relation to computer hardware, operating system services, types of operating systems).
2. Operating systems architecture (layered architecture, virtualised architecture, client-server architecture).
3. Process management (process scheduling, communication and process synchronization, deadlock, threads).
4. Main memory management (memory allocation, memory virtualisation).
5. Input/output device management (types of communication, communication means).
6. Secondary memory management (handling requests for secondary memory access).
7. File management (organisation of file systems, allocation methods).
8. Network interface management (network model and network architecture, network protocols).
9. User interfaces (command interpreter, graphical user interface), protection system (object protection, memory protection, security models of operating systems).
10. Distributed operating systems (time and state in distributed environments, transactions and concurrency, concurrency control of transactions, distributed algorithms, multicasting).
11. Real-time operating systems, operating systems for mobile devices.
12. Architecture of Windows, Unix, Linux, MAC OSx.

Seminar Content:

1. Introduction to the course, security rules, review of basic UNIX commands.
2. Development (interpretation vs compilation), filters, pipes.
3. Regular expressions, grep, sed.
4. VIM editor, environment variables, introduction to scripts.
5. Scripts.
6. Scripts.
7. Processes and job control.
8. Filesystem – directory structure, links, find.
9. Filesystem – fdisk, gparted, mkfs, mount.
10. User management.
11. System and application installation, archives.
12. Review and preparation for the test.

The aim of the course Database Systems and Their Design is to introduce contemporary database models and to practically apply the capabilities of modern database systems in the development of custom applications. Upon completion of the course, the student will be able to design a database model for a given application, describe and explain advanced SQL queries and their components, understand the logic of SQL queries, implement database models in common database systems, and use basic PL/SQL constructs.

1. Introduction to database systems – basic database concepts, historical development of data processing, database models.
2. Fundamentals of data modelling – data storage in computers, basic principles of data modelling, entities, relationships, and integrity constraints.
3. ERD and relationship modelling – creation of ER diagrams, advanced modelling tools, time modelling.
4. Database normalization – normal forms, identification of anomalies and their resolution.
5. Conversion of logical to physical model – terminology of conversion, mapping of relationships and structures to database tables.
6. Database creation using DDL – DDL language and its use in defining database structure.
7. Data modification using DML – basic DML commands, working with data: insertion, updating, deletion.
8. Querying with SQL – basics – anatomy of the SELECT statement, use of scalar and aggregate functions.
9. Joining tables in SQL – natural, inner and outer joins, specifics of their use.
10. More complex SQL querying – hierarchical queries and nested queries (simple, multiple, correlated).
11. Basics of PL/SQL – anonymous blocks, transactions, their control and limitations.
12. Advanced PL/SQL constructs – procedures, functions, triggers, exception handling and processing.

The aim of the course Switching and Routing in Computer Networks is to familiarise students with knowledge and skills in the areas of routing, configuration and utilisation of switches in LANs, and other related topics.

1. Virtual Local Area Networks, DTP, VTP.
2. Principles of routing.
3. Static routing, default gateway.
4. Dynamic routing protocols.
5. Routing between VLANs.
6. Remote access to network devices (Telnet, SSH).
7. IPv6 and its applications.
8. Dynamic IP address assignment (DHCP).
9. Translation of network addresses to physical addresses – ARP, Neighbor Discovery, IPv6 address assignment – DHCPv6, SLAAC.
10. Network Address Translation (NAT).
11. Redundancy in LAN (STP, EtherChannel, HSRP).
12. Access Control Lists (ACLs) and their use in networks.

The aim of the course Computer Network Protocols is to familiarise students with knowledge and skills related to protocols used in computer networks.

1. Network protocols and communication principles – TCP/IP and ISO OSI reference models, encapsulation of network protocols.
2. Physical media and signal transmission – metallic, optical and wireless media; encoding, modulation, media access methods.
3. Ethernet and WiFi networks – Ethernet specifications, frame format, frame switching principles, ARP protocol, basic principles of WiFi networks.
4. Network layer protocols – IPv4 and IPv6, header format, routing principles, basic router configuration.
5. IP addressing – structure of IPv4 address, subnet mask, special IPv4 and IPv6 addresses, ICMP protocol.
6. Address space design – classful and classless IPv4 addressing, subnetting, IPv4 and IPv6 address planning.
7. Transport layer protocols – TCP and UDP, ensuring reliability using TCP protocol.
8. Application layer – HTTP(S), e-mail (SMTP, IMAP, POP3), DNS, DHCP, Telnet, SSH, FTP, TFTP.
9. Medium-scale network design – network and service concepts and design, ensuring security and troubleshooting.
10. Network device security – types of authentication, password protection.
11. Network management and monitoring – network management tools, performance analysis, logging and audits.
12. Network communication security – encryption, VPNs, firewalls, IDS/IPS systems.

The aim of the course Operation and Maintenance of Information Systems is to provide students with knowledge and an overall understanding of the relationship between informatics and the global strategy of an enterprise, as well as knowledge related to the basic principles of enterprise information systems (ERP). Students will deepen their understanding of IS architecture, lifecycle, and development methodologies. Emphasis will be placed on the final stages of the lifecycle, specifically on the administration, operation, and maintenance of information systems. Students will gain familiarity not only with methodologies and notations of the object-oriented approach to software application development, but also with the latest technologies for managing and operating information systems, including cloud technologies—namely the basics of developing applications for cloud-based solutions with a focus on deployment, administration, and maintenance of such applications. The lectures will also cover security policies, including practical examples.

1. Basic concepts and definitions – defining fundamental IS/ICT terms, IS/ICT in the economic environment, IS/ICT trends.
2. Importance of IS/ICT architecture – the role of architecture in the implementation and administration of IS/ICT.
3. Types of IS architectures – global and partial IS architecture, 4+1 view model architecture.
4. Modern approaches to IS architecture – component-based architecture and SOA, model-driven architecture (MDA).
5. Architectures of web and enterprise applications – MVC architecture for web applications, enterprise architecture (Zachman, TOGAF).
6. UML notation for IS architecture modelling – overview and use of basic UML elements in IS design.
7. Information system development lifecycle – phases of the IS development lifecycle, rigorous and agile IS development methodologies.
8. IS as a service – service definition, service catalogue, IS-as-a-service deployment (procedures and methodologies, economic perspective).
9. Operation and maintenance of IS – IS operation and maintenance, agile and lean operations (testing, refactoring).
10. IS service support – primary and secondary system support (Helpdesk, error resolution, updates, ticket management).
11. Introduction to cloud technologies – definition of key terms, understanding repeaters and service monetisation.
12. Deployment and administration of cloud applications – creating and deploying a cloud application, basics of administration, maintenance, and monitoring.

The course Fundamentals of Object-Oriented Design is focused on introducing students to the basics of object-oriented design. The programming language Python is used throughout the course. Students will learn object-oriented design concepts, from classes and their methods and attributes to design patterns.

1. Fundamentals of object-oriented design.
2. Class design – introduction.
3. Class design – continuation.
4. Sharing data between objects.
5. Relationships between classes – association and aggregation.
6. Relationships between classes – composition, nested class, collections.
7. Inheritance.
8. Polymorphism.
9. Review of inheritance and polymorphism.
10. Large-scale projects.
11. Design patterns – from the beginning to the Builder design pattern.
12. Design patterns – other design patterns.

The aim of the course Windows Operating Systems is to familiarise students with the architecture, features, and management principles of Microsoft Windows operating systems across various versions and types, used both on client workstations and servers.

1. Deployment options of the operating system.
2. Management and configuration of the Windows operating system.
3. Implementation of Microsoft Active Directory.
4. Use of Microsoft Active Directory for administration.
5. Microsoft Azure services.
6. Windows Server as a File Server.
7. Tools for remote management of Windows.
8. Security configuration of the Windows operating system.
9. Internet Information Services (IIS).
10. Windows Server Update Services (WSUS).
11. Application software deployment.
12. Management using System Center Configuration Manager (SCCM).

The course Artificial Intelligence in Cyber Security provides a comprehensive overview of the principles, benefits, and limitations of using artificial intelligence (AI) in the field of cyber security. Students will connect theoretical foundations with practical scenarios of AI deployment for monitoring, analysis, and autonomous incident response. They will become familiar with Explainable AI (XAI), Retrieval-Augmented Generation (RAG), and models of human oversight over AI systems.

1. AI in security solutions – SIEM and IPS.
2. AI in security solutions – DLP and antimalware.
3. Threat detection – malware and phishing.
4. Threat detection – APT (Advanced Persistent Threats).
5. Event correlation and the use of Threat Intelligence.
6. Security event analysis enhanced by AI.
7. Automated response (SOAR) and process orchestration.
8. Explainable AI (XAI) – model interpretation and trustworthiness.
9. Retrieval-Augmented Generation (RAG) – context refinement, link to XAI.
10. Models of human role – Human-in-the-Loop, Human-on-the-Loop, Human-out-of-the-Loop.
11. Ethical aspects and regulation of AI usage in cyber security.
12. Adversarial AI – attacks and defence strategies.

The course Unix Operating Systems aims to familiarise students with principles and best practices for managing servers and workstations based on Unix operating system platforms. It covers a broad range of topics focused on efficient administration and securing of these systems. Students will learn the fundamentals of Unix OS management, server monitoring, remote administration, and Unix server deployment. The course also focuses on Unix OS security aspects, including firewall and SELinux usage, storage management, file sharing, and directory services. Additional topics include mail services, DNS and DHCP server configuration, and web service management. This course provides practical skills needed for Unix system administration in real-world environments.

1. Automation of deployment and patch management.
2. Monitoring and scripting.
3. Introduction to the command line and physical storage management.
4. Software component and service installation and configuration.
5. Network connection setup and firewall access, process monitoring and control.
6. File security and management, user and group management, Linux filesystem access.
7. Installation and use of virtualized systems.
8. System log file and journal inspection, management of filesystems and logical volumes.
9. Scheduled task management, access to network file systems.
10. SELinux and firewall administration.
11. Management of network servers including DNS caching, MariaDB, Apache HTTPD, Postfix SMTP, network file sharing with NFS and SMB, iSCSI initiators and targets.
12. Advanced network and firewall configurations and usage of Bash shell scripts to automate, configure, and troubleshoot the system.

The aim of the course Web Application Development is to familiarise students with the principles and current best practices of web application development, including their deployment.

1. Introduction to web applications, internet technologies and protocols, terminology.
2. Introduction to HTML, web standards, HTML5, creating a basic web page including menus and other content types.
3. Working with forms and passing parameters between pages.
4. Server-side scripting languages (PHP), development frameworks and libraries.
5. SQL language – data manipulation, integration with DB systems.
6. Maintaining user state, sessions, cookies, integration with database systems.
7. JavaScript language, working with the DOM, use of development libraries.
8. Web application interfaces, REST and SOAP, utilisation of web services.
9. Cascading Style Sheets (CSS) – basic object properties, document formatting.
10. Cascading Style Sheets (CSS) – page design and layout, positioning, floating objects, responsive web design.
11. User authentication and authorisation in web applications.
12. Security vulnerabilities of web applications and their mitigation.

The aim of the course is to provide an overview and knowledge base for the successful management of information security and the performance of functions of an information security manager/administrator, as well as to introduce the subject of information security. The course covers relevant standards (ISO/IEC 15408, ISO/IEC 27001, ISO/IEC 27037), legislation (GDPR, Cybersecurity Act), and processes of security audit, risk analysis, and forensic analysis, together with tools for measuring and ensuring the level of information security.

Lecture Content:

1. Principles of IS/IT Security – IT components, IT object, IT subject, authorisation and authentication, concepts: asset, vulnerability, threat, risk, attack.
2. Security Functions and Mechanisms – security functions, security mechanisms, types of attacks and their objectives.
3. Methods of Securing Enterprise IS/IT – enterprise security policy and security objectives, risk analysis, disaster recovery plan, security audit.
4. Evaluation of IS/IT Security – principles of IS/IT security evaluation, overview of standards for IS/IT evaluation.
5. Standards for IS/IT Security Evaluation – ISO/IEC 15408 (Common Criteria), ISO 27001 (information security management).
6. Impacts of GDPR and Cybersecurity – impacts of GDPR on IT systems, Cybersecurity Act and its application.
7. Social Engineering – introduction – importance of social engineering in business practice, social engineering methods (pretexting, phishing, pharming, etc.).
8. Defensive Mechanisms Against Social Engineering – defence mechanisms against social engineering.
9. Monitoring of IT Infrastructure and Systems – monitoring systems, incident reporting systems.
10. Forensic Analysis and Preservation of Digital Evidence – forensic analysis methods, forensic tools.
11. Basics of Modern Cryptography – introduction – principles of modern cryptography, encryption and decryption process, encryption key, cryptanalysis, security functionality of cryptographic mechanisms.
12. Cryptographic Algorithms and Digital Signature – symmetric and asymmetric cryptographic algorithms, their advantages and disadvantages, known standards and implementations, hash functions, digital signature.

Seminar Content:

1. Working with standards and their application in business practice.
2. Methodologies for information system evaluation.
3. Methodologies for infrastructure evaluation.
4. Detection and defence against phishing.
5. Practical demonstrations of social engineering.
6. System and network monitoring.
7. Detection of anomalies in systems and networks.
8. Forensic procedures in IT security.
9. Principles of encryption and its applications.
10. Digital signature and its applications.
11. Certificates and their role in IT security.
12. Examination and project defence.

The aim of this course is to present the capabilities of modern database systems in the development of practical applications. The course focuses primarily on the installation, configuration, and administration of various database systems (relational and NoSQL). Upon completion of the course, the student will be able to install, configure, and manage both relational and NoSQL database systems.

Lecture Content:

1. Installation of a relational database system.
2. Configuration of the database system.
3. Administration of database system instances.
4. Management of server logins and roles.
5. Management of users and database roles.
6. Introduction to NoSQL concepts.
7. Basic terminology, NoSQL principles, and the CAP theorem.
8. Classification of NoSQL databases by type and their characteristics.
9. Key-value databases (Redis, Memcached, Aerospike).
10. Document databases (MongoDB, Apache CouchDB).
11. Column-family databases (Apache Cassandra, Apache HBase).
12. Graph databases (Neo4j, InfiniteGraph).

Seminar Content:

1. Introduction to the course, revision of basics from the Database Systems and Database Design course.
2. Installation of a relational database system.
3. Basic system settings.
4. Management of data storage.
5. Management of server logins and roles.
6. Management of users and database roles.
7. Summary of relational database administration, work on the first project, consultations.
8. Introduction to NoSQL databases.
9. Key-value databases.
10. Document databases.
11. Column-family databases.
12. Graph databases, summary of NoSQL database administration, work on the second project, consultations.
     

The aim of this course is to teach students how to create their own scholarly texts that meet the requirements of academic style, while also guiding them to present content clearly and comprehensibly.

1. Standards and formal requirements for producing academic texts.
2. Source citation, overview of citation standards.
3. Methods and rules of citation.
4. Types of academic texts and their specifics.
5. Structure of scholarly texts.
6. Working with academic sources.
7. Fact-checking and critical thinking.
8. Language of academic writing.
9. Argumentation in academic texts.
10. Academic ethics.
11. The impact of artificial intelligence on academic writing.
12. Presentation skills.

The aim of this course is to introduce the principles of information security management and the practical use of information systems to support it. Students will become familiar with the creation and implementation of security policies and procedures, methods for assessing and managing security risks, legal and regulatory compliance requirements, and procedures for educating and training personnel in security awareness and best security practices.

1. Introduction to information security management.
2. Overview of information security management.
3. The importance of information security in organisations.
4. Policy development.
5. Creation and implementation of security policies.
6. Guidelines and models for writing effective policies.
7. Evaluation and assessment of existing policies.
8. Identification and analysis of security risks.
9. Development of risk mitigation strategies.
10. Communication of risk management plans to stakeholders.
11. Educating employees on security policies and procedures.
12. Ensuring ongoing education and updates of security procedures.

The aim of this course is to familiarised students with the knowledge and skills related to the configuration of WAN and WLAN networks.

1. Tools for remote access – VPN.
2. BGP.
3. Multi-area OSPF.
4. WiFi networks: management, controller-based networks.
5. Configuration of WLC.
6. AAA, Radius.
7. LDAP.
8. Mobile device management in networks – BYOD, MDM.
9. Quality of Service (QoS) and IP telephony.
10. DNS security – DNSSEC and DNS over SSH.
11. Network monitoring and management.
12. Network automation, SDN.

The aim of this course is to familiarised students with the principles and use of virtualisation applications (both server and client-side), as well as with the main use cases and principles of cloud services, focusing on the development and operation of application and security services.

Lecture Content:

1. Organisational information and introduction to virtualisation and containerisation technologies. Principles and types of virtualisation and containerisation.
2. Hardware resources for operating virtualisation platforms. Hardware setup and organisation of data centres and clusters.
3. Overview of selected virtualisation platforms (VMware). Description and features of the VMware platform.
4. Overview of selected virtualisation platforms (KVM). Description and features of the KVM platform.
5. Overview of selected virtualisation platforms (Hyper-V). Description and features of the Hyper-V platform.
6. Overview of selected containerisation platforms. Description and features of selected container platforms.
7. Unified management of virtualisation and containerisation platforms.
8. Introduction to cloud technologies and services. Private cloud.
9. Methods for mass deployment of virtual devices and their software configurations.
10. Introduction to public clouds and their services.
11. Selection and design of suitable virtualisation, containerisation, and cloud solutions with regard to practical usage.
12. Selection and design of appropriate cloud solutions for practical application.

Seminar Content:

1. Introduction to the course, safety rules, and familiarisation with tools to be used during practical sessions.
2. Configuration of hardware resources, preparation of servers, storage, and their connection.
3. Deployment and configuration of VMware virtualisation platform – part 1.
4. Management, maintenance, and monitoring of VMware virtualisation platform – part 2.
5. Deployment and configuration of KVM virtualisation platform – part 1.
6. Management, maintenance, and monitoring of KVM virtualisation platform – part 2.
7. Deployment and configuration of containerisation platform – part 1.
8. Management, maintenance, and monitoring of containerisation platform – part 2.
9. Deployment and configuration of solutions for unified management of virtualisation and containerisation platforms.
10. Deployment and configuration of a private cloud.
11. Commissioning solutions for mass deployment and software configuration.
12. Revision and exam preparation.

The aim of this course is to equip students with professional knowledge and skills in the field of auditing, control, and security of information systems. The course focuses on the process of auditing information systems, IT governance and management, and on acquiring, developing, and implementing these systems. It also covers their operation, maintenance, support, and protection of information assets.

1. Information Systems Audit Process – standards and guidelines for IS audit (ISACA), basic business processes and their audit, preparation, implementation, and audit plan.
2. Conducting IS Audit – audit execution and evidence lifecycle, communication of issues and risks, support for risk management and control implementation.
3. IT Governance and Management – evaluation of IT governance effectiveness and organizational structure, assessment of IT strategies, standards, and policies, performance monitoring and organizational continuity planning.
4. IT Investment and Control Management – IT investments and resource allocation, evaluation of IT contractual agreements, control and management of IT investments and risk management.
5. Acquisition, Development, and Implementation of IS – assessment of Business CASE for change management, project and lifecycle management, migration process evaluation and post-implementation review.
6. Development and Testing Control – assessment of development and testing processes, regular project reviews, control mechanisms for systems.
7. Operation and Maintenance of IS – assessment of maintenance and data management processes, capacity and performance monitoring, change, configuration, and release management.
8. Service Level and Incident Management – evaluation of service level management (SLA), third-party management procedures, problem and incident management.
9. Backup and System Recovery – assessment of backup adequacy, recovery procedures and effectiveness, evaluation of backup system implementation.
10. Protection of Information Assets – design and implementation of information security, basics of encryption and network infrastructure security, logical access control and data protection.
11. Risks and Virtualization – evaluation of risks related to virtualization, management and implementation of virtualization technologies, measures for securing virtual environments.
12. Physical Access Monitoring and Control – implementation of physical access control, data classification and protection, environmental control processes to ensure security.

The goal of this course is to provide students with a comprehensive overview of hacking techniques, including advanced enumeration and scanning of networks or systems on an enterprise scale, malware and Trojan creation, advanced network attacks bypassing VLAN restrictions, and other methods. The course also covers extended testing of web servers and applications, SQL Injection, and hacking of mobile platforms.

1. Introduction to penetration testing.
2. Footprinting, reconnaissance techniques, and network scanning.
3. Enumeration and vulnerability analysis.
4. System hacking and malware.
5. Communication eavesdropping and advanced social engineering.
6. Denial of Service (DoS) attacks and session hijacking.
7. Evasive techniques: bypassing IDS/IPS, firewalls, WAFs, and honeypots.
8. Hacking web servers and web applications.
9. SQL injection and DOM injection.
10. Hacking WiFi networks and mobile platforms.
11. IoT hacking and cloud computing.
12. Attacks on cryptography.

Bachelor’s Seminar

Professional Practice I

The aim of this course is to define the fundamental legal aspects of cybersecurity. After a general overview of law and legal institutions related to cybersecurity, the course presents the role and activities of the key authority responsible for cybersecurity—the National Cyber and Information Security Agency (NÚKIB). The legal framework for cybersecurity is described at the European level (Directive (EU) 2016/1148 on measures for a high common level of security of network and information systems in the Union), at the national legislative level (Cybersecurity Act No. 181/2014 Coll., as amended), and through subordinate legal regulations, including the establishment of basic security measures, detection and reporting of cybersecurity incidents, and response systems. The final part addresses offenses and crimes in cybersecurity, cyber defense, intelligence service activities, and current legal issues related to cybersecurity law.

1. Cybersecurity and law in general.
2. Legal institutes of cyber law.
3. Position of the National Cyber and Information Security Agency (NÚKIB).
4. Activities of NÚKIB.
5. Cyber law within the EU (Directive 2016/1148).
6. Cybersecurity Act.
7. Subordinate legal regulations governing cybersecurity.
8. Offenses in cybersecurity.
9. Criminal liability in cybersecurity.
10. Cybersecurity and intelligence services.
11. Cyber defense.
12. Current legal issues in cybersecurity.

Bachelor´s Thesis

Professional Practice II

This course focuses on the role of psychology and sociology in managerial practice and personnel management. Students will gain insights into selected topics in personality psychology, motivation, communication, and social psychology. They will learn to navigate sociological and socio-psychological theories and findings that can be practically applied in group and team work and leadership. The course emphasizes interpersonal and group aspects (group structure and dynamics, teamwork, cooperation, conflicts) of team work and people management. Students will learn to apply selected psychological and sociological theories and methods in practice and utilize psychological and sociological approaches in the internal processes of companies or organizations.

1. Personality psychology.
2. Psychology of motivation.
3. Social intelligence. Psychology of leadership, development of leadership theories.
4. Psychology of communication.
5. Conflicts in organizations. Negotiation phases, strategies, and tactics.
6. Personal development management.
7. Psychology of success and career. Career management. Forms and methods of manager development. Coaching and mentoring.
8. Social groups. Group processes. Group cohesion.
9. Manager’s personality. Pitfalls of group dynamics, socio-psychological experiments, and their significance for leadership.
10. Psychological and sociological analyses and expertises in organizational management. Sociological research in management.
11. Structure and dynamics of the social system. Work teams.
12. Power, influence, and authority in organizations. Types of authority of organizational leaders. Micropolitics. International companies and power division in organizations.

The aim of this course is to introduce students to the basic aspects of projects and their management, which can be further developed in advanced studies. Students learn about the role of a project manager, the need to view projects as systems, project life cycles, and how people are managed within projects. The course concludes with a focus on practical issues, especially problematic situations in projects.

1. Project and project management – basic concepts, principles, and importance of project management.
2. Role of the project manager – competencies, responsibilities, and key skills.
3. Project management as a system – systems thinking in projects, dynamics, and behavior patterns.
4. Project methodologies and approaches – traditional (Waterfall) vs. agile project management (Scrum, Kanban).
5. Project life cycle – phases from initiation to closure.
6. Project planning – objectives, schedule, resource, and cost management.
7. Risk management in projects – identification, analysis, and risk response strategies.
8. Managing people in projects – leadership, motivation, and team dynamics.
9. Project-based companies – organizational structures and their impact on project management.
10. Problematic situations in projects – crisis management and conflict resolution.
11. Project monitoring and control – KPIs, reporting, and feedback.
12. Examples of successful and unsuccessful projects – case studies and key success/failure factors.

The aim of this course is to familiarise students with basic concepts in the field of business economics. Students are first introduced to fundamental terms related to entrepreneurship, enterprises, and their environment. Then, key business areas are explained, such as accounting and business management, asset and capital structure, and remuneration. The course concludes with an introduction to the specifics of nonprofit institutions, laying a foundation for studying management in various types of nonprofit organizations.

1. Introduction to business economics. Entrepreneurship, enterprise, entrepreneur. Business environment.
2. Costs and revenues. Relation to expenditures and income. Cost functions.
3. Cost calculation. Costing systems and methods.
4. Revenues, costs, and economic results. Break-even point.
5. Enterprise assets. Depreciation. Balance sheet.
6. Enterprise capital. Optimal asset and capital structure. Financial leverage, tax effect.
7. Enterprise as an economic system. Typology of enterprises.
8. Wages and labor costs of the enterprise.
9. Mergers and divisions of enterprises.
10. Rehabilitation and liquidation of enterprises.
11. Business risks. Risk analysis.
12. Specifics of nonprofit organizations.

The course focuses on key aspects of cybersecurity essential for managerial practice in today’s digital environment. Students will gain knowledge about data protection principles, risk management, and strategies for preventing and addressing cybersecurity incidents. The course bridges theoretical foundations with practical tools and procedures, enabling managers to effectively safeguard organizations against cyber threats. Emphasis is placed on a systemic approach, analytical and critical thinking, and decision-making skills in crisis situations.

1. Introduction to cybersecurity.
2. Legal and regulatory framework.
3. Threats and vulnerabilities.
4. Risk management in cybersecurity.
5. Security strategies and planning.
6. Technologies for data protection.
7. Human factor in cybersecurity.
8. Incident response.
9. Security monitoring and audit.
10. Cybersecurity in the supply chain.
11. Innovations and future trends in cybersecurity.
12. Case studies.

The aim of the course Applications of Artificial Intelligence in Organisational and Regulatory Security is to familiarise students with the fundamentals of artificial intelligence, its definitions, and main areas of application in legal practice; to provide students with an overview of the legal regulations related to artificial intelligence and their development; to analyse the ethical and legal issues arising from the use of AI within the legal framework of fundamental rights; to explore the potential misuse of AI and its consequences for society, law, and security; to examine how AI influences legislation and how it is currently regulated in legal norms; to introduce students to cyber security issues in the context of AI and its legal framework; and finally, to familiarise students in detail with the Czech Cyber Security Act, its significance, and practical applications.

1. Introduction to artificial intelligence.
2. Legal definitions and terminology of AI.
3. Areas of artificial intelligence application.
4. Autonomous systems and adaptive algorithms.
5. European AI regulation – the AI Act.
6. National legal framework for AI.
7. AI and fundamental rights and freedoms.
8. Misuse of AI technologies.
9. AI and copyright and civil law.
10. Cyber security and AI.
11. Cyber Security Act.
12. Practical examples and current challenges.

The aim of the course Managerial Skills is to equip students with knowledge in the area of managerial competencies. It explains the nature of an effective manager, the skills they should possess, and the basis on which they should make decisions. Students will also learn how to resolve conflicts, lead people, and manage their time efficiently. The course further addresses current challenges and issues in the field of managerial skills.

1. Managerial worker. Skills, character, and personality.
2. Types of skills and management processes. Modes and types of thinking. Analytical and synthetic thinking, creativity.
3. Decision making. Types of decisions and stages of the decision-making process. Decision-making methods, decision criteria.
4. Delegation and motivation.
5. Communication. Types of communication and the communication process.
6. Conflicts and their resolution.
7. Rationalisation of time consumption.
8. Leadership. Management styles and work groups.
9. Self-management, self-reflection, and self-assessment.
10. Techniques and methods of self-assessment, mental cleansing of the manager.
11. Burnout syndrome.
12. Current problems and challenges in managerial skills.

Data Networks
Computer Architecture
Switching and Routing in Computer Networks

Cybersecurity Fundamentals
Information Systems for Security Management
Legislative Aspects of Cybersecurity

Theoretical Foundations of Computer Science
Virtualisation and Cloud Services

For the examination in the Fundamentals of Data Analysis course, detailed knowledge of the mathematical and statistical methods used in data analysis will be required.

Bachelor´s Thesis Defence