Information Technology Security (SICT Sate Exam N-IN BITA)
- Basics of coding theory, Shannon's theorem. Entropy. Generation of truly- and pseudo-random sequences.
- Principles of symmetric block cipher algorithms (Feistel ciphers, DES, AES) and asymmetric algorithms (RSA, Diffie-Hellman, DSA/ElGamal). Principles of hash function construction. Elliptic curve cryptosystems.
- Application of symmetric block cipher algorithms – integrity and confidentiality, modes of operation. Application of other symmetric algorithms. Application of hash functions, MAC. Hybrid cryptosystems.
- Digital signature – constructions, legislation, public key management, certification authorities and public-key infrastructures.
- Cryptographic protocols, methods of key establishment, zero-knowledge protocols. Quantum cryptography.
- Attacks on cryptographic systems and protocols. Factorization and primality testing.
- Audit, security management, control of countermeasures. Security policies, their design, maintenance and enforcement, role and basics of risk analysis.
- Security evaluation, evaluation criteria and processes. Standards in IT security and cryptography, legislation and cryptology.
- Security in system sessions (SSL, SSH, IPSec, WEP, WPA, Kerberos), authentication in GSM networks. Security in the Internet environment. Security in SOA, Web Services Security.
- Use of hardware for protection of sensitive/cryptographic data and their operations. Smartcards and their role as a security mechanism.
- Authentication of users in computer systems – secret information, tokens, biometrics. Identification systems and user (credential) management.
- Parallel and distributed systems – basic concepts and principles of operations, principles of parallel and distributed algorithms, solutions for typical synchronization tasks (mutual exclusion, leader election, Byzantine agreement, etc.) in parallel and distributed environments.
- Computer networks – basic concepts, principles, architectures. Connection-oriented and connectionless protocols, OSI model, Internet protocols. Routing, basic network services, network management and security, firewalls, IDSs, etc.
- Database systems – basic concepts, principles, architectures. Data storage and representation, query processing. Correct transaction execution, processing of system faults, concurrent processing, plans, locks.