National CAE Designated Institution
  • Classroom

This course provides an overview to issues relating to information security, the fundamental theories of security policy, security vulnerability and protection and the current issues that affect computing. The following topics are covered: determining which security goals are rarely implemented and their reasons, analyzing computer programs and computer applications for the most common flaws, the use of various tools to discover security vulnerabilities and increase cyber security.

Learning Objectives

  1. Explain the concepts of information systems security as applied to an IT infrastructure.
  2. Assess the current methods of business communications today and the associated risks and threats.
  3. Describe how malicious attacks, threats, and vulnerabilities impact an IT infrastructure.
  4. Describe how information security activities directly support several common business drivers.
  5. Explain the role of access controls in implementing security policy.
  6. Explain the role of operations and administration in effective implementation of security policy.
  7. Explain the importance of security audits, testing, and monitoring to an effective security policy.
  8. Describe the principles of risk management, the common response techniques, and the issues related to recovery of IT systems.
  9. Explain how businesses apply cryptography in maintaining information security.
  10. Analyze the importance of network principles and architecture to security operations.
  11. Explain the methods attackers use to compromise systems, networks, and the defenses used by organizations.
  12. Apply international and domestic information security standards to real-world applications in both the public and private sectors.
  13. Describe security training and education available to prepare for information security professions.
  14. Describe popular information security certifications and their requirements.
  15. Apply U.S. compliance laws to real-world applications in both the public and private sectors.

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • Cyber Defense Analysis
  • Cyber Defense Infrastructure Support
  • Incident Response
  • Systems Analysis
  • Vulnerability Assessment and Management

Specialty Areas have been removed from the NICE Framework. With the recent release of the new NICE Framework data, updates to courses are underway. Until this course can be updated, this historical information is provided to give better context as to how it can help you with your cybersecurity goals.

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.