INFT2001 - Information Security


Examination arrangement

Examination arrangement: School exam
Grade: Letter grades

Evaluation Weighting Duration Grade deviation Examination aids
School exam 100/100 4 hours E

Course content

Cybersecurity terminology and history, legal and ethical issues in cybersecurity, vulnerability in digital infrastructures, identities, authentication and authorization, human aspects of cybersecurity, basic threat profiling, future visions for a more secure digital society. Information security management systems (ISMS), frameworks for security work, standards 27001 and 27002, risk analyzes, security policy, security culture and evaluation.

Learning outcome


the candidate can:

  • explain the application of the standards ISO 27001 and ISO 27002 with emphasis on both connections and differences between them
  • explain a step-by-step plan for the introduction of an information security management system and account for critical success factors in each of the phases
  • explain the importance of information security for the company's finances and reputation
  • give an account of the most commonly used concepts in cybersecurity as well as the subject's most important historical development
  • explain how vulnerabilities in digital infrastructures can arise and how the most common vulnerabilities can be counteracted.


the candidate can:

  • make an assessment of strategy and measures for anchoring the safety work, based on a prior analysis of the situation in a specific company
  • carry out a risk analysis for a specific company based on a standard procedure and prioritize and implement relevant measures to reduce the risk value for identified threats
  • propose a strategy to involve both the company's own employees and any external expertise in the change processes related to the introduction of an ISMScarry out basic threat profiling and risk analysis
  • use tools to protect identities from common security attacks

General competence:

the candidate can:

  • account for society's vulnerability as a consequence of cybersecurity challenges
  • can search for and apply relevant subject matter to shed light on a given problem
  • convey subject matter both in writing and orally

Learning methods and activities

Lessons with accompanying presentations are posted weekly during the semester.

Exercises are carried out in groups throughout the semester.

Further on evaluation

Written school exam.

Re-sit exam: Written exam, alternatively oral exam. Re-sit in May/June.

Specific conditions

Admission to a programme of study is required:
Information Technology (ITBAINFO)

Course materials

Stated at the start of the semester.

Credit reductions

Course code Reduction From To
DCST2005 7.5 AUTUMN 2020
DIFT2007 7.5 AUTUMN 2020
IBED2003 7.5 AUTUMN 2020
IINI2009 7.5 AUTUMN 2020
IDRI2004 7.5 AUTUMN 2020
DCSG2005 7.5 AUTUMN 2020
IFUD1119 7.5 AUTUMN 2020
DCST1002 5.0 AUTUMN 2020
More on the course



Version: 1
Credits:  7.5 SP
Study level: Intermediate course, level II


Term no.: 1
Teaching semester:  AUTUMN 2023

Language of instruction: Norwegian

Location: Trondheim

Subject area(s)
  • Computer Science
Contact information
Course coordinator: Lecturer(s):

Department with academic responsibility
Department of Computer Science


Examination arrangement: School exam

Term Status code Evaluation Weighting Examination aids Date Time Examination system Room *
Autumn ORD School exam 100/100 E 2023-11-23 09:00 INSPERA
Room Building Number of candidates
SL274 Sluppenvegen 14 3
SL310 lilla sone Sluppenvegen 14 39
Spring UTS School exam 100/100 E 2024-06-04 09:00 INSPERA
Room Building Number of candidates
SL311 grønn sone Sluppenvegen 14 4
  • * The location (room) for a written examination is published 3 days before examination date. If more than one room is listed, you will find your room at Studentweb.

For more information regarding registration for examination and examination procedures, see "Innsida - Exams"

More on examinations at NTNU