SAFE - Postgraduate Certificate in Information Security

SAFE-5101 Host Security

Familiarize students with the basic concepts of Operating System and Computer Architecture, particularly related concepts. In addition to a descriptive component of technology. The course provides practical workshops on common attacks (for example, buffer overflows) in popular operating systems (OpenBSD, Linux, Windows), to achieve a clear view of how they operate and how to protect and secure computers.

Credits

2

Instructor

Gomez Diaz Rafael

SAFE-5102 Network Security

This course presents a detailed description of the TCP/IP protocol, placing special emphasis on the security features of the protocols that make them fail in the event of an attack. In addition to the theoretic descriptive component of the protocols, the course includes a series of exercises that show the operation of fundamental security technologies, such as firewalls, sniffers, honey pots and port scanners.

Credits

3

Instructor

Donoso Yesid

SAFE-5103 Security Models and Standards

This course provides a theoretic, formative description the different formal models of security such as BellLapadula, Biba, Clark-wilson, Harrison-Ruzzo-Ullman, Denning, Chinese Wall and the different security certifications derived from these models, such as TCSEC (DoD Orange Book), ITSEC, Common Criteria (ISO 15408), SSE-CMM (ISO 21827), CMMI and ISO 27001, as well as standards such as ISO 17799, which defines the main information security controls to be taken into account in an organization.

Credits

3

Instructor

Arbelaez Roberto

SAFE-5201 Sciences Evaluation

During this course practices and discussions about formation and addition assessment strategies compatible to an Inquiry Based Sciences Teaching (IBST) approach will be held.

Credits

3

Instructor

Quiroga Becerra Milton

SAFE-5202 Cryptographic Engineering

Consolidates the attendees’ skills to use techniques that enable the cryptographic assurance of information systems in real operational environments. This course combines a formal and structural presentation of the cryptographic problems, algorithms, standards and protocols (DES, 3DES, AES, SSL, X.509, SHA, pkcs, XML-Enc, XML-DSig, etc.) with concrete discussions on their use and application in real environments such as Java and .NET.

Credits

2

Instructor

Quiroga Becerra Milton

SAFE-5203 Information Security Administration and Management

Presents administrative methodologies for security management. In the case of Risk Analysis, it presents the Octave and NIST800-30 methodology, for Continuity Planning, it presents BCP/DRP (Business Continuity Planning/Disaster Recovery Planning), and for Security Incidents Attention it presents NIST800-61. It will also present the basic organizational principles, such as responsibilities separation, less privileges, accountability, human resources procurement and termination.

Credits

2

Instructor

Jimenez Juan

SAFE-5301 Legal Aspects and Forensic Informatics

Shows a complete vision of the Colombian and international regulations, from the ethical and legal standpoints, on informatics crimes, copyrights and patents. Evidence collection techniques and the forensic analysis in general to adequately manage incidents will be studied.

Credits

3

Instructor

Correal Dario

SAFE-5302 Final Seminar

Provides a practical context to every concept studied during the specialization program through a final paper that approaches novelty problems connected to security issues. For instance, a problem yet to be explored in our environment is safe software development and integration. Thus, this course shall include the controls that should be embedded into systems and applications, steps to be followed during development, software development models, maintenance management, setup management, and the SSE-CMM and CMMI models.

Credits

3

Instructor

Jimenez Becerra Leyder