Skip to main content

ISLA IPGT 24010

Introduction to Cybersecurity

Cybersecurity
  • ApresentaçãoPresentation
    The course unit Introduction to Cybersecurity is part of the core training of the CTeSP in Cybersecurity and provides students with essential foundations in information security, digital threats and basic mechanisms for protecting systems and data. Its main scope includes the identification of vulnerabilities, types of attacks, risk analysis and recognised defence practices applied in digital environments, with an introductory and practical approach. The course unit also covers ethical principles and the legal framework of cybersecurity, including relevant standards and guidelines such as the GDPR and ISO 27001. Due to its transversal nature, this course unit forms a fundamental basis within the study programme, preparing students for more advanced technical units and for understanding the challenges of digital security.
  • ProgramaProgramme
    Description of contents Cybersecurity Fundamentals CIA principles, digital assets, threats, vulnerabilities and risks. Importance of cybersecurity in different contexts. hreats and Digital Attack Types Malware, phishing and social engineering. Network and system attacks (MITM, DoS/DDoS, brute-force). Vulnerabilities and Risk Management Identification and analysis of vulnerabilities. CVE/CVSS, risk assessment and mitigation. Defence Mechanisms and Best Practices Security policies, firewalls, antivirus and MFA. Backups, updates and system hardening. Introductory Tools Basic Nmap scanning, traffic and log analysis. Password managers, VPNs and protection tools. Ethical, Legal and Normative Framework Ethics and professional responsibility. GDPR, ISO 27001, ENISA and the Portuguese CNCS.
  • ObjectivosObjectives
    The course unit aims to provide students with essential knowledge in information security, addressing fundamental concepts of threats, vulnerabilities, risks and defence mechanisms, preparing them to understand the importance of protecting systems and data in digital environments. Students are expected to be able to: Understand the fundamental concepts of cybersecurity and information security. Identify common digital threats, vulnerabilities and types of attacks. Assess basic risks in systems and networks, recognising potential impacts. Apply good digital security practices in the protection of data and devices. Use introductory tools for monitoring, traffic analysis and incident detection. Recognise the ethical principles and legal framework of cybersecurity, including relevant standards and best practices such as the GDPR and ISO 27001.
  • BibliografiaBibliography
    Stallings, W. (2023). Computer security: Principles and practice (5th ed.). Pearson. ISBN 9780137983798 Pfleeger, C., Pfleeger, S., & Margulies, J. (2015). Security in computing (5th ed.). Pearson. ISBN 9780134085044 Andress, J. (2020). The basics of information security (3rd ed.). Syngress. ISBN 9780128194703 EC-Council. (2020). Certified Ethical Hacker (CEH) v11: Certified ethical hacker official study guide. Cengage Learning. ISBN 9780357500564  
  • MetodologiaMethodology
    The course integrates innovative methodologies through a virtual laboratory environment using multiple virtual machines (Parrot OS, Metasploitable2, Windows XP and Ubuntu Server) to safely simulate real-world cybersecurity scenarios. Classes combine theoretical exposition with guided practical activities, vulnerability analysis and controlled exploitation exercises, supported by tools such as Nmap, Wireshark and AI-assisted automation with Strix Pentesting. The curricular unit also promotes problem-solving challenges, collaborative work and critical reflection on incidents, fostering autonomy, experimentation and the development of essential practical skills in cybersecurity.
  • LínguaLanguage
    Português
  • TipoType
    Semestral
  • ECTS
    6
  • NaturezaNature
    Mandatory
  • EstágioInternship
    Não
  • AvaliaçãoEvaluation

    Descrição dos instrumentos de avaliação (individuais e de grupo) ¿ testes, trabalhos práticos, relatórios, projetos... respetivas datas de entrega/apresentação... e ponderação na nota final.

    Exemplo:

    Descrição

    Data limite

    Ponderação

    Trabalho Prático 01 – Exercícios de análise de ameaças, vulnerabilidades e pequenos laboratórios práticos. Entrega e apresentação de mini-trabalhos sobre temas definidos em aula (engenharia social, malware, riscos, CVE, etc.).

    05-11-2025

    20%

    Projeto Final – Simulação de um pentesting básico ao ambiente virtual da UC. Inclui relatório técnico, evidências, boas práticas e apresentação final.

    07-01-2025

    40%

    Teste de Avaliação – Avaliação teórico-prática sobre todos os conteúdos da unidade curricular.

    14-01-2025

    40%

     

    Informações adicionais:
    Ao longo do semestre, os estudantes beneficiam de acompanhamento contínuo nas aulas práticas, com orientação individual e feedback regular sobre o progresso das atividades e dos trabalhos. São disponibilizados exemplos de comandos, guias de laboratório, boas práticas de documentação e recursos complementares através do Moodle e do GitHub. Recomenda-se a consulta de documentação oficial das ferramentas utilizadas, incluindo Nmap, Wireshark, VMware/VirtualBox e boas práticas de cibersegurança apresentadas pelo OWASP e pelo CNCS.
    Os relatórios técnicos devem seguir uma estrutura clara, incluindo objetivos, metodologia, ambiente de testes, evidências recolhidas, análise dos resultados e conclusões.