This course covers the duties of those who are responsible for monitoring and detecting security incidents in information systems and networks, and for executing a proper response to such incidents. Depending on the size of the organization, this individual may act alone or may be a member of a computer security incident response team (CSIRT). The course introduces strategies, frameworks, methodologies, and tools to manage cybersecurity risks, identify various types of common threats, design and operate secure computing and networking environments, assess and audit the organization's security, collect, and analyze cybersecurity intelligence, and handle incidents as they occur. The course also covers closely related information assurance topics such as auditing and forensics to provide a sound basis for a comprehensive approach to security aimed toward those on the front lines of defense.
Learning Objectives
- Access information security risk in computing & network environments
- Create an information assurance lifecycle process
- Analyze threats to computing & network environment
- Design secure computing & network environments
- Operate secure computing & network environments
- Assess the security posture within a risk management framework
- Collect cybersecurity intelligence information
- Analyze collected intelligence to define actionable response
- Respond to cybersecurity incidents
- Investigate cybersecurity incidents
- Audit secure computing & network environment