|
|
Methodology of a security audit
Kroupová, Hana ; Hana,, Sobotková (referee) ; Sedlák, Petr (advisor)
The master‘s thesis is focused on security audit. The aim of this thesis is to create methodology, which might help with creating security audits and research current condition of cybernetic and information security in a business establishment. Theoretical part explains basic terms and concepts about cyber and information security. Own interpretation consist description of methodological areas of security audit.
|
|
|
Security risks according to ISO 27001
Doubková, Veronika ; Oujezský, Václav (referee) ; Horváth, Tomáš (advisor)
This diploma thesis deals with the management of security information, according to ISO/IEC 27005 and it is implementation in the Verinice software environment. The risk information management process is applied to a critical infrastructure, that is connected to a optical fiber network. The work focuses on incidents aimed at threatening data from optical threats and active network elements in transmission systems. The result of the work is defined as a risk file in the .VNA format containing identified risks, for which appropriate measures are implemented in connection with the requirements of ISO/IEC 27001, for the protection of critical infrastructures and transmitted data in the transmission system.
|
|
|
Increase of Security Awareness at the Primary School
Kolajová, Jana ; Helena,, Doložílková (referee) ; Sedlák, Petr (advisor)
This diploma thesis is focused on the development of informational environment safety awareness at primary schools. The thesis consists of three main parts. The introduction explains the basic safety terms and briefly describe the legislative essentials necessary for this proposal. The second part consists of the analysis of the current situation at the school chosen for this research, including SLEPT analysis, Porter´s analysis, 7S analysis, and SWOT analysis. The practical part introduces the proposal of implementation of the program which is tailored to the requirements and needs of the primary school. The final part evaluates the pros and cons of the implemented solution.
|
|
|
Tool to support DoS testing
Kamenář, Filip ; Gerlich, Tomáš (referee) ; Martinásek, Zdeněk (advisor)
The master thesis deals with denial of service attacks and their implementation in own application, called ptdos, that allows testing of web applications using the implemented attacks. Ptdos is also capable of monitoring the progress of testing as well as its evaluation. In the theoretical part of the thesis, the basic concepts are defined, the classification of attacks into categories is described and the individual attacks are discussed in detail in order to explain how the denial of service should occur in the context of an attack. The practical part of the thesis describes the design of the ptdos application architecture and its subsequent development, including a description of the implementation of all the selected attacks. The last part of the thesis is the testing of the application, which includes the creation of a test network and the analysis of all implemented attacks using different scenarios.
|
|
| |
|
|
Cybersecurity in the engineering industry
Jemelíková, Kristýna ; Blecha, Petr (referee) ; Maradová, Karla (advisor)
The master’s thesis deals with the management of cyber security in a manufacturing company. The theoretical part contains concepts and knowledge of cyber security and discusses the current requirements of legislation and standards of the ISO/IEC 27000 series. In practical part are proposed measures to increase cyber security and information security based on the theoretical background and analysis of current state in the selected company.
|
|
|
Quantified approach to risk analysis in case of cyber security
Řezáč, Petr ; Brychta, Josef (referee) ; Fujdiak, Radek (advisor)
This bachelor thesis deals with the quantitative approach to risk analysis in the frame-work of cyber security. The first part is devoted to the theoretical level. There are defined basic terms connected with cyber security and cyberspace. The risk management process according to ISO / IEC 27005 and NIST methodology is described. Furthermore, a comparison of individual risk analysis methods is performed. Finally, examples of quantitative methods are presented and the CIA triad is presented. The second part of this thesis is dedicated to the QRA method. This method is applied to two devices and probability, impact and risk are calculated. Finally, the evaluation and comparison of both devices is performed. The benefit of this bachelor thesis is a compiled methodology, which is applicable not only for the determination of the risk itself, but it is also possible to compare individual systems, equipment or solutions among them.
|
|
|
Specific anomaly detection methods in wireless communication networks
Holasová, Eva ; Blažek, Petr (referee) ; Fujdiak, Radek (advisor)
The diploma thesis is focuses on technologies and security of the wireless networks in standard IEEE 802.11, describes the most used standards, definition of physical layer, MAC layer and specific technologies for wireless networks. The diploma thesis is focused on description of selected security protocols, their technologies as well as weaknesses. Also, in the thesis, there are described security threats and vectors of attacks towards wireless networks 802.11. Selected threats were simulated in established experimental network, for these threats were designed detection methods. For testing and implementing designed detection methods, IDS system Zeek is used together with network scripts written in programming language Python. In the end there were trained and tested models of machine learning both supervised and unsupervised machine learning.
|
|
|
Information System Assessment and Proposal of ICT Modification
Novotný, Štěpán ; Novák, Lukáš (referee) ; Koch, Miloš (advisor)
The diploma thesis deals with the assessment of the current state of the information system of a selected social enterprise operating in the field of administration outsourcing. Based on the findings of the analyses and primary empirical research, the state of efficiency and especially security of the enterprise information system is evaluated. The result of this work is the development of a plan for the implementation of the new system and the proposal of changes and measures leading to the elimination of identified deficiencies and mitigation of potential risks.
|
|
|
Proposal for the implementation of security awareness program at grammar school
Holásková, Marie ; Neuwirth, Bernard (referee) ; Sedlák, Petr (advisor)
The diploma thesis deals with the issue of building security awareness at grammar schools. The thesis can be divided into three main parts. The introductory part introduces the theoretical definition of basic concepts in the area of information security and a brief description of the legislative requirements to be followed in solving the work. The second part analyzes the current situation of selected grammar school, including risk analysis, HOS 8 analysis and SWOT analysis. In the practical part, the proposal to introduce a security awareness program adapted to the grammar school.
|
guest ::
