Services
Technology Training: Security: Corporate Security Awareness
Course Objectives:Upon completion of this course the student will be able to:
- Understand the services and business functions of information security management
- Differentiate between the tools available for the protection of information
- Explain the mechanisms required to provide assurance of information security controls
- Understand the threats and vulnerabilities available to information technology
Course Type:
The course is taught in class with an instructor.
Prerequisite:
None
Audience:
Individuals that need to understand network security, specifically Systems Engineers, Network Administrators, Network Consultants, Technical Architects, and Security Planners.
Course Description:
This course introduces the student to a vendor neutral overview of the entire Information Technology spectrum as related to security management practices. Through a series of lectures and discussions the student will gain knowledge of these concepts.
It is designed to give students an understanding of the areas of study required prior to taking the CISSP exam.
Course Outline
Telecommunications and Network Security
- ISO/OSI Layers and Characteristics
- Communications and Network Security
- Internet, Intranet and Extranets
- Network Attacks and Countermeasures
Access Control Systems
- Introduction to Access Controls
- Access Control Techniques
- Access Control Administration
- Access Control Models
- Identification and Authentication Techniques
- Access Control Methodologies and Implementation
- Methods of Attack
- Monitoring Techniques
Applications Development
- Distributed Environment
- Databases and Data Warehousing
- Data and Information Storage
- Knowledge Based Systems
- Malicious Code
- System Development Controls
- Methods of Attack
Business Continuity Planning
- Business Continuity
- Disaster Recovery
- BCP/DRP Planning
- BCP/CRP Events
Cryptography
- Cryptography Defined
- Cryptographic Concept’s
- Private Key Algorithms
- Public Key Algorithms
- Public Key Infrastructure
- Cryptographic Architecture
- Methods of Attack
Law, Investigation and Ethics
- Law
- Investigation
- Computer Crime
- Incident Handling
- Ethics
Operations Security
- Administrative Management
- Operational Concepts
- Control Types and Operations
- Resource Protection
- Auditing and Audit Trails
- Monitoring Tools and Techniques
- Intrusion Detection
- Penetration Testing
- Inappropriate Activities
- Threats and Countermeasures
Physical Security
- Facility Requirements
- Technical Controls
- Environment and Safety
- Physical Security Threats
Security Architecture
- Architecture and Design Principles
- Security Models, Architecture and Evaluation Criteria
- System Architecture Security Issues
Security Management
- Concept’s and Principles
- Protection Mechanisms
- Change Control and Management
- Data Classification
- Employment Policies and Practises
- Policies, Standards, Guidelines and Procedures
- Roles and Responsibilities
|
