This course provides an overview to issues relating to information security, the fundamental theories of security policy, security vulnerability and protection and the current issues that affect computing. The following topics are covered: determining which security goals are rarely implemented and their reasons, analyzing computer programs and computer applications for the most common flaws, the use of various tools to discover security vulnerabilities and increase cyber security.
- Explain the concepts of information systems security as applied to an IT infrastructure.
- Assess the current methods of business communications today and the associated risks and threats.
- Describe how malicious attacks, threats, and vulnerabilities impact an IT infrastructure.
- Describe how information security activities directly support several common business drivers.
- Explain the role of access controls in implementing security policy.
- Explain the role of operations and administration in effective implementation of security policy.
- Explain the importance of security audits, testing, and monitoring to an effective security policy.
- Describe the principles of risk management, the common response techniques, and the issues related to recovery of IT systems.
- Explain how businesses apply cryptography in maintaining information security.
- Analyze the importance of network principles and architecture to security operations.
- Explain the methods attackers use to compromise systems, networks, and the defenses used by organizations.
- Apply international and domestic information security standards to real-world applications in both the public and private sectors.
- Describe security training and education available to prepare for information security professions.
- Describe popular information security certifications and their requirements.
- Apply U.S. compliance laws to real-world applications in both the public and private sectors.