The document outlines an information security course covering 6 units: 1) overview of information security threats, vulnerabilities, and risk assessments; 2) information asset classification; 3) risk analysis and risk management processes; 4) access control methods; 5) physical security controls; and 6) emerging technologies such as cloud computing, internet of things (IoT), blockchain, cryptography, and SCADA security. The course aims to educate on fundamental information security principles and best practices for protecting data and systems.
The document outlines an information security course covering 6 units: 1) overview of information security threats, vulnerabilities, and risk assessments; 2) information asset classification; 3) risk analysis and risk management processes; 4) access control methods; 5) physical security controls; and 6) emerging technologies such as cloud computing, internet of things (IoT), blockchain, cryptography, and SCADA security. The course aims to educate on fundamental information security principles and best practices for protecting data and systems.
Original Description:
C1.3-Fundamentals of Information Security
Information sec basics
The document outlines an information security course covering 6 units: 1) overview of information security threats, vulnerabilities, and risk assessments; 2) information asset classification; 3) risk analysis and risk management processes; 4) access control methods; 5) physical security controls; and 6) emerging technologies such as cloud computing, internet of things (IoT), blockchain, cryptography, and SCADA security. The course aims to educate on fundamental information security principles and best practices for protecting data and systems.
The document outlines an information security course covering 6 units: 1) overview of information security threats, vulnerabilities, and risk assessments; 2) information asset classification; 3) risk analysis and risk management processes; 4) access control methods; 5) physical security controls; and 6) emerging technologies such as cloud computing, internet of things (IoT), blockchain, cryptography, and SCADA security. The course aims to educate on fundamental information security principles and best practices for protecting data and systems.
What is Information and why should be protect it?
Information Security o Threats o Frauds o Thefts o Malicious Hackers o Malicious Code o DenialofServices Attacks o Social Engineering Vulnerability Risk o Risk o Types Risk – an introduction Business Requirements Information Security Definitions Security Policies o Tier1 (OriginationLevel) o Tier2 (Function Level) o Tier3 (Application/Device Level) o Procedures o Standards o Guidelines
Unit 2: Information Asset Classification
Why should we classify information?
Information Asset o Owner o Custodian o User Information Classification o Secret o Confidential o Private o Public o Declassification o Reclassification o Retention and Disposal of Information Assets o Provide Authorization for Access o Owner Custodian User
Unit 3: Risk Analysis & Risk Management
Risk Analysis Process
Asset Definition Threat Identification Determine Probability of Occurrence Determine the Impact of the Threat Controls Recommended Risk Mitigation Control Types Categories Cost/Benefit Analysis
Unit 4: Access Control
User Identity and Access Management
Account Authorization Access and Privilege Management System Network Access Control Operating Systems Access Controls Monitoring Systems Access Controls Intrusion Detection System Event Logging Cryptography
Unit 5: Physical Security
Identify Security Issuesto Assets and Protection mechanism
o Security aspects – Security of man, material o Information such as file o Commercial formula & technical information o Design, sketches, models, cassettes etc. o Information security o Computer hardware, software and liveware security o Computer based financial frauds and computer viruses and worms, Current and future danger posing corporate executives. Perimeter Security Fire Prevention and Detection Safe Disposal of Physical Assets. Security devices o Access Control System – Identity, screening, movement control, computer security systems; o Security alarm systems o Fire alarm systems – Fire prevention and precautions, protective equipment; o Deployment of Dog squad, o Emergency preparedness plan o Security guards – Duties and responsibilities o Modern Sophisticated equipment’s. Unit 6: Emerging Technologies
Introduction to Cloud Computing
o Concepts o Fundamentals of Cloud Computing o Types of clouds o Security Design and Architecture o Cloud Computing Service Models o The Characteristics of Cloud Computing o Multi Tenancy Model o Cloud Security Reference Model o Cloud Computing Deploying Models
Cloud Identity and Access Management
o Identity Provisioning o Authentication o Key Management for Access Control o Authorization o Infrastructure and Virtualization Security o Hypervisor Architecture Concerns Internet of Things o Overview of IoT o Key Features of IoT o IoT Architecture o Impact of IoT on Business o Examples of IoT o Advantages and Disadvantages of IoT o IoT Hardware IoT Sensors Wearable Electronics Standard Devices o IoT Software o IoT technology and Protocols o IoT Common Issues o IoT applications Domains o IoT Liability o IoT Security and Threats Mitigation
Blockchain & Crypto currency
o Blockchain Introducing Block chain Public Vs. Private Blockchains Data storage: What is a Blockchain? Data Distribution: How is new data communicated? Consensus: How do you resolve conflicts? Write Access: How do you control who can control your data? Defence: How do you make it hard for hackers? Incentives: How do you pay validators? o Crypto currency Introduction to Cryptography and Cryptocurrencies How Bitcoin Achieves Decentralization Mechanics of Bitcoin How to Store and Use Bitcoins Bitcoin Mining Bitcoin and Anonymity Community, Politics, and Regulation Alternative Mining Puzzles Bitcoin as a Platform Altcoins and the Cryptocurrency Ecosystem Decentralized Institutions: The Future of Bitcoin? SCADA Security o Introduction to SCADA SCADA Systems Evolution of SCADA Systems Objectives of SCADA SYSTEMS Functions and usage of SCADA Components of SCADA o SCADA in Process Control o SCADA in Applications o Real-time monitoring and control using SCADA o Exploitation of SCADA o Industrial Control System, Controllers and RISK o ICS Security Architecture o Applying security controls to ICS o Regulatory Compliance