This 24 hour introduction to information security provides the foundation for understanding the planning and implementation of policies and procedures for protecting information assets, determining the levels of protection and response to security threats and incidents, and designing an appropriate information security system. It provides the foundation for all other courses in this certificate. Candidates will gain an overview of the field of information security and assurance, and will also learn the necessary knowledge to engage in information assurance activities and procedures. Coverage will include inspection and protection of information assets, detection of and reaction to threats to information assets, examination of pre- and post-incident procedures, technical and managerial responses, and an overview of the information security planning and staffing functions. Instructors will also introduce the role of the Chief Information Security Management Officer (CISMO).
Candidates will also master risk management, security planning, and security policy enforcement and auditing activities. Candidates will learn about security guidelines, regulation and legal implications, and standards that apply in information security management, as well as information confidentiality, data integrity, and system availability. The course also presents related concepts such as privacy and business continuity planning. While emphasis is placed on managerial and operational security controls, the course also provides an overview of the current and emerging technical security controls applied to access control, operating systems, applications, networks/web, cryptographic solutions, intrusion detection systems, physical security, wireless security, VPNs, digital forensics, and related topics.
The primary objectives of the course are to:
- Understand the importance of information security in business continuity
- Critically analyze security threats and define appropriate technical and managerial controls for these threats
- Understand procedures for ensuring compliance with security policies and standards, establish appropriate systems and plans for security implementation
- Identify legal implications of security and standards for security management
- Recognize the management, organizational, and sourcing considerations for having an effective information security program
- Describe audit and recovery approaches for coping with security breaches
- Provide the foundation Cyber Security knowledge required for the other courses in this certificate
