×
1 Choose EITC/EITCA Certificates
2 Learn and take online exams
3 Get your IT skills certified

Confirm your IT skills and competencies under the European IT Certification framework from anywhere in the world fully online.

EITCA Academy

Digital skills attestation standard by the European IT Certification Institute aiming to support Digital Society development

LOG IN TO YOUR ACCOUNT BY EITHER YOUR USERNAME OR EMAIL ADDRESS

CREATE AN ACCOUNT FORGOT YOUR PASSWORD?

FORGOT YOUR DETAILS?

AAH, WAIT, I REMEMBER NOW!

CREATE AN ACCOUNT

ALREADY HAVE AN ACCOUNT?
EUROPEAN INFORMATION TECHNOLOGIES CERTIFICATION ACADEMY - ATTESTING YOUR PROFESSIONAL DIGITAL SKILLS
  • SIGN UP
  • LOGIN
  • INFO

EITCA Academy

EITCA Academy

The European Information Technologies Certification Institute - EITCI ASBL

Certification Authority

EITCI Institute

Brussels, European Union

Governing European IT Certification (EITC) standard in support of the IT professionalism and Digital Society

  • CERTIFICATES
    • EITCA ACADEMIES
      • EITCA ACADEMIES CATALOGUE<
      • EITCA/CG COMPUTER GRAPHICS
      • EITCA/IS INFORMATION SECURITY
      • EITCA/BI BUSINESS INFORMATION
      • EITCA/KC KEY COMPETENCIES
      • EITCA/EG E-GOVERNMENT
      • EITCA/WD WEB DEVELOPMENT
      • EITCA/AI ARTIFICIAL INTELLIGENCE
    • EITC CERTIFICATES
      • EITC CERTIFICATES CATALOGUE<
      • COMPUTER GRAPHICS CERTIFICATES
      • WEB DESIGN CERTIFICATES
      • 3D DESIGN CERTIFICATES
      • OFFICE IT CERTIFICATES
      • BITCOIN BLOCKCHAIN CERTIFICATE
      • WORDPRESS CERTIFICATE
      • CLOUD PLATFORM CERTIFICATENEW
    • EITC CERTIFICATES
      • INTERNET CERTIFICATES
      • CRYPTOGRAPHY CERTIFICATES
      • BUSINESS IT CERTIFICATES
      • TELEWORK CERTIFICATES
      • PROGRAMMING CERTIFICATES
      • DIGITAL PORTRAIT CERTIFICATE
      • WEB DEVELOPMENT CERTIFICATES
      • DEEP LEARNING CERTIFICATESNEW
    • CERTIFICATES FOR
      • EU PUBLIC ADMINISTRATION
      • TEACHERS AND EDUCATORS
      • IT SECURITY PROFESSIONALS
      • GRAPHICS DESIGNERS & ARTISTS
      • BUSINESSMEN AND MANAGERS
      • BLOCKCHAIN DEVELOPERS
      • WEB DEVELOPERS
      • CLOUD AI EXPERTSNEW
  • FEATURED
  • SUBSIDY
  • HOW IT WORKS
  •   IT ID
  • ABOUT
  • CONTACT
  • MY ORDER
    Your current order is empty.
EITCIINSTITUTE
CERTIFIED

EITC/IS/ACSS Advanced Computer Systems Security

by admin / Monday, 18 October 2021 / Published in Uncategorized
Current Status
Not Enrolled
Price
€110
Get Started
Enrol for this Certification

EITC/IS/ACSS Advanced Computer Systems Security is the European IT Certification programme on theoretical and practical aspects of cybersecurity in computer systems.

The curriculum of the EITC/IS/ACSS Advanced Computer Systems Security covers knowledge and practical skills in mobile smart devices security, security analysis, symbolic execution, networks security (including web security model and secure channels and security certificates), practical implementations in real-life scenarios, security of messaging and storage, as well as timing attacks within the following structure, encompassing comprehensive video didactic content as a reference for this EITC Certification.

Advanced computer systems security goes beyond introductory notions. The curriculum first covers mobile devices security (including security of mobile apps). The curriculum then proceeds to formal security analysis, which is an important aspect of advanced computer systems security, with a main focus set on symbolic execution. Further the curriculum discusses introduction to networks security, including introduction of the web security model, networking security, definition and theory of secure channels, as well as security certificates. Furthermore the curriculum addresses practical implementation of information security, especially considering real life scenarios. It then proceeds to discussing certain areas of security applications, namely communication (messaging), and storage (with untrusted storage servers). It concludes on discussing advanced computer systems security threats in the form of the CPU timing attacks.

Protecting computer systems and information from harm, theft, and illegal use is generally known as computer systems security, sometimes also referred to as cybersecurity. Serial numbers, physical security measures, monitoring and alarms are commonly employed to protect computer gear, just as they are for other important or sensitive equipment. Information and system access in software, on the other hand, are protected using a variety of strategies, some of which are fairly complicated and requiring adequate professional competencies.

Four key hazards are addressed by the security procedures associated with computer systems’ processed information and access:

  • Data theft from government computers, such as intellectual property,
  • Vandalism, including the use of a computer virus to destroy or hijack data,
  • Fraud, such as hackers (or e.g. bank staff) diverting funds to their own accounts,
  • Invasion of privacy, such as obtaining protected personal financial or medical data from a large database without permission.

The most basic method of safeguarding a computer system from theft, vandalism, invasion of privacy, and other irresponsible behavior is to track and record the various users’ access to and activity on the system. This is often accomplished by giving each person who has access to a system a unique password. The computer system may then trace the use of these passwords automatically, noting information like which files were accessed with which passwords, and so on. Another security technique is to keep a system’s data on a different device or medium that is ordinarily inaccessible via the computer system. Finally, data is frequently encrypted, allowing only those with a single encryption key to decode it (which falls under the notion of cryptography).

Since the introduction of modems (devices that allow computers to interact via telephone lines) in the late 1960s, computer security has been increasingly crucial. In the 1980s, the development of personal computers exacerbated the problem by allowing hackers (irresponsibly acting, typically self-taught computer professionals, bypassing computer access restrictions) to unlawfully access important computer systems from the comfort of their own homes. With the explosive rise of the Internet in the late twentieth and early twenty-first centuries, computer security became a major concern. The development of enhanced security systems tries to reduce such vulnerabilities, yet computer crime methods are always evolving, posing new risks.

Asking what is being secured is one technique to determine the similarities and differences in computer systems security. 

As an example,

  • Information security is the protection of data against unauthorized access, alteration, and deletion.
  • Application security is the protection of an application from cyber threats such as SQL injection, DoS attacks, data breaches, and so on.
  • Computer security is defined as protecting computer systems that communicate over computer networks in terms of control by keeping them updated and patched.
  • Network security is defined as securing both software and hardware technologies in a networking environment – cybersecurity is defined as protecting computer systems that communicate over computer networks in terms of control by keeping them updated and patched.

It’s critical to recognize the differences between these terms, even if there isn’t always a clear understanding of their definitions or the extent to which they overlap or are interchangeable. Computer systems security refers to the safeguards put in place to ensure the confidentiality, integrity, and availability of all computer systems components.

The following are the components of a computer system that must be protected:

  • Hardware, or the physical components of a computer system, such as the system memory and disk drive.
  • Firmware is nonvolatile software that is permamently stored on the nonvolatile memory of a hardware device and is generally transparent to the user.
  • Software are computer programmes that provide users with services such as an operating system, word processor, and web browser, determining how the hardware operates to process information accordingly with the objectives defined by the software.

The CIA Triad is primarily concerned with three areas of computer systems security:

  • Confidentiality ensures that only the intended audience has access to information.
  • Integrity refers to preventing unauthorized parties from altering data processed.
  • Availability refers to the ability to prevent unauthorized parties from altering data.

Information and computer components must be useable while also being safeguarded against individuals or software that shouldn’t be able to access or modify them.

Most frequent computer systems security threats

Computer systems security risks are potential dangers that could disrupt your computer’s routine operation. As the world becomes more digital, cyber risks are becoming more prevalent. The following are the most dangerous types of computer security threats:

  • Viruses – a computer virus is a malicious program that is installed without the user’s knowledge on their computer. It replicates itself and infects the user’s data and programs. The ultimate purpose of a virus is to prevent the victim’s computer from ever functioning correctly or at all.
  • Computer worm – a computer worm is a type of software that can copy itself from one computer to another without the need for human intervention. Because a worm can replicate in large volumes and at high speeds, there is a risk that it will eat up your computer’s hard disk space.
  • Phishing – action of individual who pose as a trustworthy person or entity in order to steal critical financial or personal information (including computer systems access credenials) via so-called phishing emails or instant messaging. Phishing is, regrettably, incredibly simple to carry out. A victim is being deceived into believing the communication from the phisher is an authentic official communication and the victim freely provides sensitive personal information.
  • Botnet – a botnet is a group of computers linked to the internet that have been infected with a computer virus by a hacker. The term zombie computer or a bot refers to a single computer in the botnet. The victim’s computer, which is the bot in botnet, will be exploited for malicious actions and larger-scale attacks like DDoS as a result of this threat.
  • Rootkit – a rootkit is a computer program that maintains privileged access to a computer while attempting to conceal its presence. The rootkit’s controller will be able to remotely execute files and change system configurations on the host machine once it has been installed.
  • Keylogger – keyloggers, often known as keystroke loggers, can monitor a user’s computer activity in real time. It records all keystrokes performed by the user’s keyboard. The use of a keylogger to steal people’s login credentials, such as username and password, is also a serious threat.

These are perhaps the most prevalent security risks one may encounter recently. There are more, such as malware, wabbits, scareware, bluesnarfing, and many others. There are, fortunately, techniques to defend computer systems and their users against such attacks.

We all want to keep our computer systems and personal or professional information private in this digital era, thus computer systems security is essential to protect our personal information. It’s also critical to keep our computers secure and healthy by avoiding viruses and malware from wreaking havoc on system performance.

Practices in computer systems security

These days, computer systems security risks are growing more and more innovative. To protect against these complicated and rising computer security risks and stay safe online, one must arm themselves with information and resources. One can take the following precautions:

  • Installing dependable anti-virus and security software
  • Because a firewall functions as a security guard between the internet and your local area network, you should activate it.
  • Keep up with the newest software and news about your devices, and install updates as soon as they become available.
  • If you are unsure about the origins of an email attachment, do not open it.
  • Using a unique combination of numbers, letters, and case types, change passwords on a regular basis.
  • While accessing the internet, be cautious of pop-ups and drive-by downloads.
  • Investing the time to learn about the fundamentals of computer security and to keep up with the latest cyber-threats
  • Perform daily complete system scans and establish a regular system backup schedule to ensure that your data is recoverable in the event that your machine fails.

Aside from these, there are a slew of other professional approaches to safeguard computer systems. Aspects including adequate security architectural specification, encryption, and specialist software can help protect computer systems.

Regrettably, the number of cyber dangers is rapidly increasing, and more complex attacks are appearing. To combat these attacks and mitigate hazards, more professional and specialized cybersecurity skills are required.

To acquaint yourself in-detail with the certification curriculum you can expand and analyze the table below.

The EITC/IS/ACSS Advanced Computer Systems Security Certification Curriculum references open-access didactic materials in a video form. Learning process is divided into a step-by-step structure (programmes -> lessons -> topics) covering relevant curriculum parts. Unlimited consultancy with domain experts are also provided.
For details on the Certification procedure check How it Works.

Primary supportive curriculum reading materials

Cryptography

  • Applied Cryptography by Bruce Schneier. John Wiley & Sons, 1996. ISBN 0-471-11709-9.
  • Handbook of Applied Cryptography by Menezes, van Oorschot, and Vanstone.
  • Introduction to Cryptography by Johannes Buchmann. Springer, 2004. ISBN 978-0-387-21156-5.
  • Cryptographic libraries:
    • KeyCzar by Google.
    • GPGME by GnuPG.
    • OpenSSL.
    • NaCl: Networking and Cryptography library by Tanja Lange and Daniel J. Bernstein.

Control hijacking attacks

  • Smashing The Stack For Fun And Profit, Aleph One.
  • Bypassing non-executable-stack during exploitation using return-to-libc by c0ntex.
  • Basic Integer Overflows, blexim.
  • The C programming language (second edition) by Kernighan and Ritchie. Prentice Hall, Inc., 1988. ISBN 0-13-110362-8.
  • Intel Memory Protection Extensions.
  • Intel Programmer's Reference
    Manual (combined volumes)
    , May 2018.
  • Intel 80386 Programmer's Reference Manual, 1987.
    Alternatively, in PDF format.
    Much shorter than the full current Intel architecture manuals below, but often sufficient.
  • Intel Architecture Software Developer Manuals.

Web security

  • Browser Security Handbook, Michael Zalewski, Google.
  • Browser attack vectors.
  • Google Caja (capabilities for Javascript).
  • Google Native Client allows web applications to safely run x86 code in browsers.
  • Myspace.com - Intricate Script Injection Vulnerability, Justin Lavoie, 2006.
  • The Security Architecture of the
    Chromium Browser
    by Adam Barth, Collin Jackson, Charles Reis, and
    the Google Chrome Team.
  • Why Phishing Works
    by Rachna Dhamija, J. D. Tygar, and Marti Hearst.

OS security

  • Secure Programming for Linux and Unix HOWTO, David Wheeler.
  • setuid demystified by Hao Chen,
    David Wagner, and Drew Dean.
  • Some thoughts on security after ten years
    of qmail 1.0
    by Daniel J. Bernstein.
  • Wedge: Splitting Applications into
    Reduced-Privilege Compartments
    by Andrea Bittau, Petr Marchenko, Mark Handley, and Brad Karp.
  • KeyKOS source code.

Exploiting hardware bugs

  • Bug Attacks on RSA, by Eli Biham, Yaniv Carmeli, and Adi Shamir.
  • Using Memory Errors to Attack a
    Virtual Machine
    by Sudhakar Govindavajhala and Andrew Appel.

Mobile devices security

  • iOS security

Certification Programme Curriculum

Expand All
Mobile security 2 Topics
Expand
Lesson Content
0% Complete 0/2 Steps
Mobile device security
Mobile app security
Security analysis 1 Topic
Expand
Lesson Content
0% Complete 0/1 Steps
Symbolic execution
Network security 4 Topics
Expand
Lesson Content
0% Complete 0/4 Steps
Web security model
Network security
Secure channels
Certificates
Implementing practical information security 1 Topic
Expand
Lesson Content
0% Complete 0/1 Steps
Information security in real life
Messaging 1 Topic
Expand
Lesson Content
0% Complete 0/1 Steps
Messaging security
Security of storage 1 Topic
Expand
Lesson Content
0% Complete 0/1 Steps
Untrusted storage servers
Timing attacks 1 Topic
Expand
Lesson Content
0% Complete 0/1 Steps
CPU timing attacks
EITC/IS/ACSS Advanced Computer Systems Security
  • Tweet

About admin

Home » My Account

Certification Center

Programme Home Expand All
Mobile security
2 Topics
Mobile device security
Mobile app security
Security analysis
1 Topic
Symbolic execution
Network security
4 Topics
Web security model
Network security
Secure channels
Certificates
Implementing practical information security
1 Topic
Information security in real life
Messaging
1 Topic
Messaging security
Security of storage
1 Topic
Untrusted storage servers
Timing attacks
1 Topic
CPU timing attacks
EITC/IS/ACSS Advanced Computer Systems Security

USER MENU

  • My Bookings

CERTIFICATE CATEGORY

  • EITC Certification (105)
  • EITCA Certification (9)

What are you looking for?

  • Introduction
  • How it works?
  • EITCA Academies
  • EITCI DSJC Subsidy
  • Full EITC catalogue
  • Your order
  • Featured
  •   IT ID
  • About
  • Contact

Eligibility for EITCA Academy 80% EITCI DSJC Subsidy support

80% of EITCA Academy fees subsidized in enrolment by 3/2/2023

    EITCA Academy Administrative Office

    European IT Certification Institute
    Brussels, Belgium, European Union

    EITC / EITCA Certification Authority
    Governing European IT Certification Standard
    Access contact form or call +32 25887351

    2 days agoThe #EITC/QI/QIF Quantum Information Fundamentals (part of #EITCA/IS) attests expertise in #Quantum Computation and… https://t.co/OrYWUOTC1X
    Follow @EITCI

    Automatically translate to your language

    Terms and Conditions | Privacy Policy
    Follow @EITCI
    EITCA Academy
    • EITCA Academy on social media
    EITCA Academy


    © 2008-2023  European IT Certification Institute
    Brussels, Belgium, European Union

    TOP
    Chat with Support
    Chat with Support
    Questions, doubts, issues? We are here to help you!
    End chat
    Connecting...
    Do you have a question? Ask us!
    Do you have a question? Ask us!
    :
    :
    :
    Send
    Do you have a question? Ask us!
    :
    :
    Start Chat
    The chat session has ended. Thank you!
    Please rate the support you've received.
    Good Bad