2025

Technical Principles in Cybersecurity

Name: Technical Principles in Cybersecurity
Code: INF15645O
2 ECTS
Duration: 2 weeks/52 hours
Scientific Area: Informatics

Teaching languages: Portuguese
Languages of tutoring support: Portuguese
Attendance regime: B-learning

Sustainable Development Goals

Learning Goals

Students who complete this course successfully will be able to:
1. Know the main software development cycle, including programming, debugging, and testing
2. Know tools and practices for management and control of software versions and corrections
3. Understand the client-server communication model using sockets and its programming interface
4. Know the fundamentals, concepts, principles, restrictions, and effects of cybersecurity
5. Understand the requirements of confidentiality, integrity, and availability
6. Know of current and emerging cryptographic techniques
7. Know of different classes of attacks (passive, active, internal, distributed)
8. Know of emerging security risks and vulnerabilities
9. Know different types of databases, as well as their comparative advantages and shortcomings
10. Know cryptographic security features in databases

Contents

a) Introduction to programming: variables, types, flow control operations, input and output, functions,
environment variables, reading and writing files, libraries to communicate with remote processes
b) Code repositories for sharing and versioning
c) Cryptographic mechanisms for information protection: symmetric and asymmetric ciphers, MAC and digital
signature, certificates, and public key infrastructures
d) Cryptographic libraries for software development
e) Authentication and Authorization: password storage; security models and policies
f) Relational and non-relational databases and techniques to enforce confidentiality, integrity, and availability
in databases
g) Analysis of lists of typical software vulnerabilities (CWE) and lists of software with vulnerabilities (CVE).
Emerging security risk reports (ENISA, OWASP Top 10).

Teaching Methods

Theoretical-practical teaching, with 10 sessions corresponding to 35 contact hours (10 sessions of 3.5 hours). The expected total working time of the trainee is 54 hours. Theoretical classes are intended for exposition and discussion of the main syllabus contents, encouraging interactivity and questions.
Topics are further explored through practical labs for each of the different topics, supported by guides provided by the teacher and by a practical report carried out in a group. The labs are carried out using i) software development tools and cryptographic libraries; ii) configuration and access to databases; iii) exploitation of vulnerabilities in training applications.

Assessment

The learning outcomes are assessed individually through one written exam (50% of the grade) and two practical assignments (each worth 25%). Thus, the final grade will be 50% theoretical + 50% practical (FG = 0.5 * T + 0.5 * P).