This course introduces the concepts and issues related to securing information systems and the development of policies to implement information security controls. Topics include the historical view of networking and security, security issues, trends, security resources, and the role of policy, people, and processes in information security. Upon completion, students should be able to identify information security risks, create an information security policy, and identify processes to implement and enforce policy.
Learning Objectives
CLO1 Compare and contrast different types of social engineering techniques. | CLO2 Given a scenario, analyze potential indicators to determine the type of attack. | CLO3 Given a scenario, analyze potential indicators associated with application attacks. | CLO4 Given a scenario, analyze potential indicators associated with network attacks. | CLO5 Explain different threat actors, vectors, and intelligence sources. | CLO6 Explain the security concerns associated with various types of vulnerabilities. | CLO7 Summarize the techniques used in security assessments. | CLO8 Explain the techniques used in penetration testing. | CLO9 Explain the importance of security concepts in an enterprise environment. | CLO10 Summarize virtualization and cloud computing concepts. | CLO11 Summarize secure application development, deployment, and automation concepts. | CLO12 Summarize authentication and authorization design concepts. | CLO13 Given a scenario, implement cybersecurity resilience. | CLO14 Explain the security implications of embedded and specialized systems. | CLO15 Explain the importance of physical security controls. | CLO16 Summarize the basics of cryptographic concepts. | CLO17 Given a scenario, implement secure protocols. | CLO18 Given a scenario, implement host or application security solutions. | CLO19 Given a scenario, implement secure network designs. | CLO20 Given a scenario, install and configure wireless security settings. | CLO21 Given a scenario, implement secure mobile solutions. | CLO22 Given a scenario, apply cybersecurity solutions to the cloud. | CLO23 Given a scenario, implement identity and account management controls. | CLO24 Given a scenario, implement authentication and authorization solutions. | CLO25 Given a scenario, implement public key infrastructure. | CLO26 Given a scenario, use the appropriate tool to assess organizational security. | CLO27 Summarize the importance of policies, processes, and procedures for incident response. | CLO28 Given an incident, utilize appropriate data sources to support an investigation. | CLO29 Given an incident, apply mitigation techniques or controls to secure an environment. | CLO30 Explain the key aspects of digital forensics. | CLO31 Compare and contrast various types of controls. | CLO32 Explain the importance of applicable regulations, standards, or frameworks that impact organizational security posture. | CLO33 Explain the importance of policies to organizational security. | CLO34 Summarize risk management processes and concepts. | CLO35 Explain privacy and sensitive data concepts in relation to security.
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):
Competency Areas
Work Roles
Feedback
If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@mail.cisa.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.