Information Technology Security (SICT State Exam N-IN BITA)

  1. Basics of coding theory, Shannon's theorem. Entropy. Generation of truly- and pseudo-random sequences.
  2. Principles of symmetric block cipher algorithms (Feistel ciphers, DES, AES) and asymmetric algorithms (RSA, Diffie-Hellman, DSA/ElGamal). Principles of hash function construction. Elliptic curve cryptosystems.
  3. Application of symmetric block cipher algorithms – integrity and confidentiality, modes of operation. Application of other symmetric algorithms. Application of hash functions, MAC. Hybrid cryptosystems.
  4. Digital signature – constructions, legislation, public key management, certification authorities and public-key infrastructures.
  5. Cryptographic protocols, methods of key establishment, zero-knowledge protocols. Quantum cryptography.
  6. Attacks on cryptographic systems and protocols. Factorization and primality testing.
  7. Audit, security management, control of countermeasures. Security policies, their design, maintenance and enforcement, role and basics of risk analysis.
  8. Security evaluation, evaluation criteria and processes. Standards in IT security and cryptography, legislation and cryptology.
  9. Security in system sessions (SSL, SSH, IPSec, WEP, WPA, Kerberos), authentication in GSM networks. Security in the Internet environment. Security in SOA, Web Services Security.
  10. Use of hardware for protection of sensitive/cryptographic data and their operations. Smartcards and their role as a security mechanism.
  11. Authentication of users in computer systems – secret information, tokens, biometrics. Identification systems and user (credential) management.
  12. Parallel and distributed systems – basic concepts and principles of operations, principles of parallel and distributed algorithms, solutions for typical synchronization tasks (mutual exclusion, leader election, Byzantine agreement, etc.) in parallel and distributed environments.
  13. Computer networks – basic concepts, principles, architectures. Connection-oriented and connectionless protocols, OSI model, Internet protocols. Routing, basic network services, network management and security, firewalls, IDSs, etc.
  14. Database systems – basic concepts, principles, architectures. Data storage and representation, query processing. Correct transaction execution, processing of system faults, concurrent processing, plans, locks.