ISTINYE UNIVERSITY BİLGİ PAKETİ / DERS KATALOĞU
| Information Security Technology | |||||
| Associate | TR-NQF-HE: Level 5 | QF-EHEA: Short Cycle | EQF-LLL: Level 5 | ||
Course Introduction and Application Information
| Course Code: | BGT208 | ||||
| Course Name: | Secure Web Software Development | ||||
| Semester: | Spring | ||||
| Course Credits: |
|
||||
| Language of instruction: | Turkish | ||||
| Course Condition: | |||||
| Does the Course Require Work Experience?: | No | ||||
| Type of course: | Compulsory Courses | ||||
| Course Level: |
|
||||
| Mode of Delivery: | Face to face | ||||
| Course Coordinator: | Öğr. Gör. KEYVAN ARASTEH ABBASABAD | ||||
| Course Lecturer(s): |
Öğr. Gör. HÜSEYİN GÖKAL |
||||
| Course Assistants: |
Course Objective and Content
| Course Objectives: | With this course, it is aimed to use the necessary structures for the prevention of weaknesses in web applications and to produce them in some cases. |
| Course Content: | General HTTP information and history, HTTP / 2 and its differences, security-related HTTP headers, types of vulnerabilities in web applications, passive and active information collection |
Learning Outcomes
|
The students who have succeeded in this course;
1) Know the concepts of HTTP. 2) Knows the types of vulnerabilities seen in web applications. 3) Knows the software security vulnerabilities. 4) Knows active and passive information gathering methods. |
Course Flow Plan
| Week | Subject | Related Preparation |
| 1) | General HTTP information and history | |
| 2) | HTTP/2 and its differences | |
| 3) | Security-related HTTP headers | |
| 4) | Types of vulnerabilities seen in Web applications | |
| 5) | Types of vulnerabilities seen in Web applications | |
| 6) | Types of vulnerabilities seen in Web applications | |
| 7) | Types of vulnerabilities seen in Web applications | |
| 8) | Midterm Exam | |
| 9) | Web Software Security | |
| 10) | Web Software Security | |
| 11) | Web Application Security Components | |
| 12) | Web Uygulama Güvenliği Bileşenleri | |
| 13) | Passive Information Collection | |
| 14) | Active Information Gathering | |
| 15) | Final Exam |
Sources
| Course Notes / Textbooks: | Şifreleme ve Şifre Çözme Yöntemleri, Nuri Ural , Ömer Örenç, Pusula Yayıncılık Kriptografi / Şifrelerin Matematiği, Canan Çimen, Sedat Akleylek, Ersan Akyıldız ODTÜ GELİŞTİRME VAKFI YAYINCILIK |
| References: | Şifreleme ve Şifre Çözme Yöntemleri, Nuri Ural , Ömer Örenç, Pusula Yayıncılık Kriptografi / Şifrelerin Matematiği, Canan Çimen, Sedat Akleylek, Ersan Akyıldız ODTÜ GELİŞTİRME VAKFI YAYINCILIK |
Course - Program Learning Outcome Relationship
| Course Learning Outcomes | 1 |
2 |
3 |
4 |
||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Program Outcomes | ||||||||||||
| 1) Has knowledge and skills about creating program algorithms. | ||||||||||||
| 2) Can install and manage software and hardware required for end user security. | ||||||||||||
| 3) Can follow current security products. | ||||||||||||
| 4) It can manage both software and people in the environment against cyber attack incidents. | ||||||||||||
| 5) Installs the basic software and hardware of the computer. | ||||||||||||
| 6) Installs and manages open source operating system and computer networks software. | ||||||||||||
| 7) It manages software, hardware and people in the environment in cyber attack incidents. | ||||||||||||
| 8) It creates and organizes the web page and database itself and can scan for vulnerabilities. | ||||||||||||
| 9) Creates, manages and organizes space on cloud platforms. | ||||||||||||
| 10) Firewall software also enables, manages and regulates the installation of hardware. | ||||||||||||
| 11) It solves the working logic of a device's software and makes the necessary arrangements to maximize its functions. | ||||||||||||
| 12) He/she has a good command of the professional, ethical, social and legal issues in his/her field. | ||||||||||||
Course - Learning Outcome Relationship
| No Effect | 1 Lowest | 2 Average | 3 Highest |
| Program Outcomes | Level of Contribution | |
| 1) | Has knowledge and skills about creating program algorithms. | 1 |
| 2) | Can install and manage software and hardware required for end user security. | 1 |
| 3) | Can follow current security products. | 1 |
| 4) | It can manage both software and people in the environment against cyber attack incidents. | 3 |
| 5) | Installs the basic software and hardware of the computer. | 1 |
| 6) | Installs and manages open source operating system and computer networks software. | 1 |
| 7) | It manages software, hardware and people in the environment in cyber attack incidents. | 1 |
| 8) | It creates and organizes the web page and database itself and can scan for vulnerabilities. | 1 |
| 9) | Creates, manages and organizes space on cloud platforms. | 1 |
| 10) | Firewall software also enables, manages and regulates the installation of hardware. | 1 |
| 11) | It solves the working logic of a device's software and makes the necessary arrangements to maximize its functions. | 1 |
| 12) | He/she has a good command of the professional, ethical, social and legal issues in his/her field. | 1 |
Assessment & Grading
| Semester Requirements | Number of Activities | Level of Contribution |
| Midterms | 1 | % 40 |
| Final | 1 | % 60 |
| total | % 100 | |
| PERCENTAGE OF SEMESTER WORK | % 40 | |
| PERCENTAGE OF FINAL WORK | % 60 | |
| total | % 100 | |
Workload and ECTS Credit Calculation
| Activities | Number of Activities | Preparation for the Activity | Spent for the Activity Itself | Completing the Activity Requirements | Workload | ||
| Course Hours | 14 | 2 | 28 | ||||
| Laboratory | 14 | 2 | 28 | ||||
| Application | 14 | 2 | 28 | ||||
| Midterms | 1 | 20 | 20 | ||||
| Final | 1 | 25 | 25 | ||||
| Total Workload | 129 | ||||||