1.1 Introduction1.1.1 Why Do Attacks Occur?1.1.2 Are Security Attacks Avoidable?1.1.3 What Should Be Protected in Cyberspace?1.1.4 Security vs Safety1.1.5 Cybersecurity vs IT Security1.2 Security Terms and Definitions1.2.1 Assets and Attackers1.2.2 Vulnerabilities, Threats, and Risks1.3 Security Services1.3.1 Confidentiality and Privacy1.3.2 Integrity1.3.3 Availability1.3.4 Authentication and Authenticity1.3.5 Non-repudiation and Accountability1.3.6 Authorization1.4 Attacks1.4.1 Taxonomy of Attacks1.4.1.1 Attacks According to Their Origin1.4.1.2 Passive vs Active Attacks1.4.1.3 Attacks According to Their Objectives1.4.2 Taxonomy of Attackers1.4.3 Malware Taxonomy1.4.3.1 Virus1.4.3.2 Worm1.4.3.3 Trojan1.4.3.4 Ransomware1.4.3.5 Spyware and Adware1.4.3.6 Botnet1.4.3.7 Keylogger, Screen Scraper, and Web Shell1.4.3.8 Exploit, Logic Bomb, Backdoor, and Rootkit1.4.4 Daily Awareness to IT Security1.5 Countermeasures/Defenses1.5.1 Very Old Roots of Countermeasures1.5.2 Methods for Defense1.5.2.1 Prevention/Detection/Reaction Methods1.5.2.2 Level of Automation of Defense Methods1.5.2.3 Design Orientations of Defense Methods1.5.3 Overview of Security Countermeasures1.5.3.1 Organizational Measures1.5.3.2 Technical Countermeasures1.5.4 Security Penetration Testing Tools1.6 Overview of Defense Systems1.6.1 Firewalls1.6.2 Proxy Overview1.6.3 Intrusion Detection Systems1.6.4 Intrusion Protection Systems1.6.4.1 Performance Requirements Regarding IDSs and IPSs1.6.5 Honeypots1.6.6 Network Address Translation1.6.7 Virtual Private Networks1.6.8 Layered-Security Architecture1.7 Introduction to Privacy Protection1.7.1 Overview of Privacy Issues1.7.2 Introduction to the GDPR Directive1.7.2.1 Personal Data and Acts of Processing1.7.2.2 Principles of Data Protection1.8 Concluding Remarks1.9 Exercises and Solutions1.9.1 List of Exercises1.9.2 Solutions to ExercisesNotesReferences