National CAE Designated Institution
  • Online, Instructor-Led
  • Classroom

Introduces concept of information security. Discusses need for organizational policy to define required services such as confidentiality, authentication, integrity, nonrepudiation, access control, and availability, and mechanisms to implement those services. Covers different types of security including physical security, computer security, and network security; common threats to and attacks against information systems, including accidental damage, identity theft, malicious software, and "spam"; and defensive measures.

Learning Objectives

On successful completion of this course, students will be able to:
- Define information security (IS) and information assurance (IA),
and explain their relevance to information systems and information technology.
- Describe security services needed for modern information systems.
- Describe common threats to and attacks against information systems.
- Explain the need for an organization to define an information security policy describing the
services required to secure the organization's information assets, and for information security
technologies adopted by the organization to be consistent with the policy requirements.
- Describe and give examples of modern information security technologies.
- Give examples of current applications of information security technologies.

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • Vulnerability Assessment and Management
  • Training, Education, and Awareness

Specialty Areas have been removed from the NICE Framework. With the recent release of the new NICE Framework data, updates to courses are underway. Until this course can be updated, this historical information is provided to give better context as to how it can help you with your cybersecurity goals.