The security manager must be equipped to identify and protect against all forms of internal and external threats. This course examines common security threats including hacker attacks, incursions, backdoor programs, email borne viruses, and the potential for internal sabotage. Students also learn how to anticipate and respond to such threats using an arsenal of security tools, appliances, and devices including encryption, firewalls, intrusion detection systems, vulnerability assessment systems, single sign on, virtual private networks, and authentication systems. Coursework also touches on implementing practical network security measures including the importance of hardening operating systems and critical applications to minimize vulnerabilities.
Learning Objectives
- Understand threats to business information systems and business information. Be able to articulate how these threats may be used to affect adversely the targeted systems and steal, alter and destroy the target’s proprietary information.
- Apply the analytical and technical skills to measure the degree of risk present in a given operating system and network. Apply the analytical and technical skills to select appropriate countermeasures to achieve an acceptable level of risk of damage or loss.
- Develop the technical skills, through case studies and lab exercises, to exhibit an working knowledge of the following: the use of routers, firewalls - packet filtering, stateful inspection, and proxy firewalls, filtering and policies, Intrusion detection systems, Virtual Private Networks (VPNs), network segmentation and screened subnets, host level protection, application level protection, network level protection, assessing the network boundary, and designing a secure network techniques.
- Achieve familiarity with the special information security considerations when using wireless computing and networking equipment.
- Understand the Incident Response process and how it fits into an overall business continuity framework. Evaluate incident response offerings and design an incident response capability for a business.