Explores the building blocks needed to implement security within the System Development Life-Cycle (SDLC). Instruction focuses on how to analyze internal applications, computing platforms/network infrastructure, and corporate objectives with an eye toward designing flexible security architecture that is best suited for the enterprise. Defense in-depth techniques will be studied and applied to optimize security architecture.
Learning Objectives
- Understand common hacker strategies, attack methods, tools, and attack classes, e.g., distributed denial of service, root kits, sniffer programs and Trojan horses.
- Develop strategies and architecture countermeasures to protect an environment from hacker exploits and tactics. Focus is on routers, operating systems, firewalls, IDS and other network systems.
- Plan and coordinate the implementation of holistic security measures in multiple layers within the IT networking environment.
- Develop requirements and planning documentation for security risk assessment, vulnerability assessment and penetration testing.
- Understand how to apply the various options available for IT security architecture to a given set of requirements.
- Design a process to track vulnerabilities and security incidents and plan for applying vendor related patches and updates in an ongoing basis.
- Design and develop security architecture analysis models.
- Demonstrate the uses and usefulness of security architectures.
- Describe security design and the tools for documenting it.
- Describe key building blocks and the mortar for gluing them into a coherent whole.
- Recommend guiding principles and specific recommendations for consideration in every security architecture design.
- Apply cloud Security architecture.
- Review of Resilience Management Models.