Information Security
Course Contents
Module – I
Information Security and Risk Management
- Security Management
- Security Management Responsibilities
- The Top-Down Approach to Security
- Fundamental Principles of Security
- Organizational Security Model
- Information Risk Management
- Risk Analysis
- Threats Analysis
- Quantitative Risk Analysis
- Qualitative Risk Analysis
- Policies, Standards, Baselines, Guidelines, and Procedures
- Information Classification
- Classification Controls
- Classification Controls
- Layers of Responsibility
- Hiring Practices, Employee Controls
- Security-Awareness Training
Physical and Environmental Security
- Introduction to Physical Security
- Crime Prevention Through Environmental Design
- Protecting Assets
- Internal Support Systems
- Perimeter Security
- Auditing Physical Acces
Operations Security
- Administrative Management
- Operational Responsibilities
- Asset Identification and Management
- System Controls
- Configuration Management
- Media Controls
- Network and Resource Availability
- Contingency Planning
- Mainframes
- E-mail Security
Module – II
Telecommunications and Network Security
- Open Systems Interconnection Reference Model
- TCP/IP
- IPv6
- Types of Transmission
- LAN Networking
- Network Topology
- LAN Protocols
- LAN Protocols
- Routing Protocols
Cryptography
- The History of Cryptography
- Cryptography Definitions and Concepts
- Steganography
- Substitution Ciphers
- Substitution Ciphers
- Transposition Ciphers
- Symmetric vs. Asymmetric Algorithms
- Block and Stream Ciphers
Business Continuity and Disaster Recovery
- Business Continuity Planning
- Project Initiation
- Business Impact Analysis
- Preventive Measures
- Preventive Measures
- Facility Recovery
- Supply and Technology Recovery
- Data Backup Alternatives
- Electronic Backup Solutions
- Choosing a Software Backup Facility
- Insurance
- Implementing Strategies
- Testing and Revising the Plan
