Fundamental principles of Information Technology Security and Risk Management: Hardware software processes communications applications and policies and procedures of organizational cyber security and risk management.
Learning Objectives
- Describe the fundamental principles of information technology security. define the concepts of threat evaluation of assets information assets physical operational and information security and how they are related.
- Evaluate the need for the careful design of a secure organizational information infrastructure.
- Perform risk analysis and risk management. determine both technical and administrative mitigation approaches. explain the need for a comprehensive security model and its implications for the security manager or Chief Security Officer (CSO).
- Create and maintain a comprehensive security model. apply security technologies.
- Define basic cryptography its implementation considerations and key management.
- Design and guide the development of an organization’s security policy
- Determine appropriate strategies to assure confidentiality integrity and availability of information.
- Apply risk management techniques to manage risk reduce vulnerabilities threats and apply appropriate safeguards/controls.
Framework Connections
Specialty Areas
- Network Services
- Systems Administration
- Systems Analysis
Feedback
If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.