Fundamental principles of Information Technology Security and Risk Management: Hardware software processes communications applications and policies and procedures of organizational cyber security and risk management.
Learning Objectives
- Describe the fundamental principles of information technology security. define the concepts of threat evaluation of assets information assets physical operational and information security and how they are related.
- Evaluate the need for the careful design of a secure organizational information infrastructure.
- Perform risk analysis and risk management. determine both technical and administrative mitigation approaches. explain the need for a comprehensive security model and its implications for the security manager or Chief Security Officer (CSO).
- Create and maintain a comprehensive security model. apply security technologies.
- Define basic cryptography its implementation considerations and key management.
- Design and guide the development of an organization’s security policy
- Determine appropriate strategies to assure confidentiality integrity and availability of information.
- Apply risk management techniques to manage risk reduce vulnerabilities threats and apply appropriate safeguards/controls.
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):
Specialty Areas
- Network Services
- Systems Administration
- Systems Analysis
Feedback
If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@mail.cisa.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.