• Online, Self-Paced
Course Description

IT security risks can be defined as a combination of the consequences of an event and the associated likelihood of occurrence. They can be managed by an organization through asset-safeguarding strategies. Through this course, learn about managing enterprise information security (InfoSec) risk and risk tolerance.

Explore the definition of risk, how it differs from threats and vulnerabilities, and the history of information security. Next, discover common threats to IT systems and data, how to identify and manage security risks, and the key differences between quantitative and qualitative risk analysis. Finally, learn about common risk assessment tools and the differences between penetration testing and vulnerability assessments.

Upon completion, you'll be able to outline and manage IT security risks.

Learning Objectives

{"discover the key concepts covered in this course"}

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • Cyber Operational Planning
  • Cyber Defense Infrastructure Support
  • Cybersecurity Management
  • Executive Cyber Leadership
  • Risk Management
  • Systems Analysis
  • Systems Development
  • Threat Analysis
  • Vulnerability Assessment and Management