Course: Security Essentials
About this course
The class is broken up into three broad sections, awareness, threats (offense), and remediation (defense). The course is taught by a CISSP with over a decade of experience in the Security field and provides a jumping off point for further study of Security concepts, Ethical Hacking, Secure Coding, and/or Security Management. The security landscape is always changing and the course includes discussions of current exploits and security events in the news.
This course is designed for individuals with an IT background but limited security experience and is relevant for both managers and practitioners alike.
At Course Completion
The student will have a good high-lever understanding of security issued faced by organizations and jumping off point for further study of Security concepts, Ethical Hacking, Secure Coding, and/or Security Management.
DAY 1: Security Awareness – Review of ISO 27002
- Security Policy
- Organization of Information Security
- Human Resources Security
- Asset Management
- Access Control
- Physical and Environmental Security
- Operations security
- Communications Security
- Information Systems Acquisition, Development, Maintenance
- Supplier Relationships
- Information Security Incident management
- Information Security Aspects of Business Continuity
DAY 2: Attack Methodology (Offense)
- Scanning Networks
- Gain Access
- Maintain Access
- Clearing Tracks
DAY 3: Security Domains (Defense)
Review of portions of the CISSP Common Body of Knowledge (CBK) as they relate to securing the computing environment, defending against attacks, and responding to attack.
- Asset Security (Protecting Security of Assets)
- Security Engineering (Engineering and Management of Security)
- Communication and Network Security (Designing and Protecting Network Security)
- Identity and Access Management (Controlling Access and Managing Identity)
- Software Development Security (Understanding, Applying, and Enforcing Software Security)
Students should have an IT background as a practitioner or manager.