Store

Information Security Specialists

ISS

Information Security Specialists ISS

bay-dynamics-cybersecurity-funding

Information Security (infosec) is a set of strategies for managing the processes, tools and policies necessary to prevent, detect, document and counter threats to digital and non-digital information. Infosec responsibilities include establishing a set of business processes that will protect information assets regardless of how the information is formatted or whether it is in transit, is being processed or is at rest in storage.

Infosec programs are built around the core objectives of the CIA triad: maintaining the confidentiality, integrity and availability of IT systems and business data. These objectives ensure that sensitive information is only disclosed to authorized parties (confidentiality), prevent unauthorized modification of data (integrity) and guarantee the data can be accessed by authorized parties when requested (availability).

Many large enterprises employ a dedicated security group to implement and maintain the organization's infosec program. Typically, this group is led by a chief information security officer. The security group is generally responsible for conducting risk management, a process through which vulnerabilities and threats to information assets are continuously assessed, and the appropriate protective controls are decided on and applied. The value of an organization lies within its information -- its security is critical for business operations, as well as retaining credibility and earning the trust of clients.

Threats to sensitive and private information come in many different forms, such as malware and phishing attacks, identity theft and ransomware. To deter attackers and mitigate vulnerabilities at various points, multiple security controls are implemented and coordinated as part of a layered defense in depth strategy. This should minimize the impact of an attack. To be prepared for a security breach, security groups should have an incident response plan (IRP) in place. This should allow them to contain and limit the damage, remove the cause and apply updated defense controls.

hacker-matrix-hacking-100678084-primary-idge

Course Overview:

This course provides the foundation for understanding the key issues associated with protecting information assets, determining the levels of protection and response to security incidents, and designing a consistent, reasonable information security system, with appropriate intrusion detection and reporting features. The purpose of the course is to provide the student with an overview of the field of information security and assurance. Students will be exposed to the spectrum of security activities, methods, methodologies, and procedures. Coverage will include inspection and protection of information assets, detection of and reaction to threats to information assets, and examination of pre- and post-incident procedures, technical and managerial responses, and an overview of the information security planning and staffing functions.

You will learn:

  • Information Security Terminology.
  • Introduction to Information Security.
  • Legal, Ethical, and Professional Issues Related to Information Security.
  • Security Policy and Procedures.
  • Information Security Components.
  • Identification, Assessment and Control of Risks Related to Information Security.
  • Defining key terms in information security terminology.
  • Learn the components and characteristics of an information system.
  • Identifying threats to an information system.
  • Identifying types of attacks to an information system.
  • Learn the laws relevant to information security.
  • Learn ethical and professional issues relevant to information security.
  • Identifying international laws and legal bodies.
  • Demonstrate an understanding of implementing security in systems' project management.
  • Discuss technical and non-technical topics of implementation.
  • Identify key physical threats to the information facility.
  • Identify and state the purpose of firewalls, intrusion detection systems and other security devices.
  • Identify cryptography and encryption-based solutions.
  • Identify access control devices.
  • State the steps in risk identification and assessment.
  • Identify risk control strategies.
  • Identify major security models.
  • The Need for Security
  • Planning for Security
  • Risk Management
  • Security Technology: Firewalls, VPNs, and Wireless
  • Security Technology: Intrusion Detection and Prevention Systems and Other Security Tools
  • Cryptography
  • Physical Security
  • Implementing Information Security
  • Security and Personnel
  • Information Security Maintenance and eDiscovery

Availability

This course is taught both as a self-paced online course as well as in a classroom setting.

What is included in the course:

  • Instruction by an expert facilitator
  • Online Assistance
  • Specialized manual and course materials

What you receive:

Personalized certificate in Information Security Fundamentals from National Cyber Security University.

Course Overview:

This course provides the foundation for understanding the key issues associated with protecting information assets, determining the levels of protection and response to security incidents, and designing a consistent, reasonable information security system, with appropriate intrusion detection and reporting features. The purpose of the course is to provide the student with an overview of the field of information security and assurance. Students will be exposed to the spectrum of security activities, methods, methodologies, and procedures. Coverage will include inspection and protection of information assets, detection of and reaction to threats to information assets, and examination of pre- and post-incident procedures, technical and managerial responses, and an overview of the information security planning and staffing functions.

$800 In stock