This course focuses on legal, ethical and security issues involving data and information assets organizations must address to ensure operational continuity as well as compliance with standards, policies and laws. Students examine various levels of threats to an organization’s data and develop standards, policies, procedures and plans to combat them. Security technology specific to safeguarding data and information assets is also covered.
Learning Objectives
- Given an organization which needs a general security policy, provide a brief overview of the guiding principles that should form the basis of that security policy.
- Possess a thorough understanding of the common body of knowledge.
- Have a working knowledge of security management practices.
- Be able to apply and explain how computer law and ethics relates to an organization's computer security practices.
- Understand the major security models and be able to integrate one or more of them into an organization's security plan.
- Given an organization requiring physical security, be able to establish physical security guidelines for that organization.
- Given an organization requiring operational security, be able to establish operational security guidelines for that organization.
- Be able to analyze and select the appropriate backup strategy for a given organization.
- Be able to establish access control strategies for a given organization.
- Be able to understand basic cryptography well enough to analyze different cryptography solutions, and select the appropriate one for a given organization's security needs.
- Be able to select the appropriate firewall.
- Be able to analyze and select an appropriate Intrusion Detection System.
- Explain how software development impacts data security and privacy.
Framework Connections
- Cyberspace Intelligence
- Design and Development
- Implementation and Operation
- Oversight and Governance
- Protection and Defense
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):
Specialty Areas
- Cyber Defense Analysis
- Training, Education, and Awareness
- Systems Administration
- Systems Requirements Planning
- Threat Analysis
Feedback
If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@mail.cisa.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.