Description

Information security was first studied in the early 1970s; today, this has evolved into an imperative and highly complex domain. This course provides a broad overview of information security. Information security (IS) is designed to protect the confidentiality, integrity and availability of computer system data from malicious intentions. Information security is a method designed to secure the sensitive information from unauthorised access, use, deletion, or modification.

Curriculum

MODULE 1: INTRODUCTION TO INFORMATION SECURITY

Definition of information security, Evolution of information security; Basics principles of information security; Critical concepts of information security; Components of the information system; Balancing information security and access; Implementing IT security, The system development life cycle, Security professional in the organisation.

MODULE 2: THE NEED FOR IT SECURITY

Business needs-protecting the functionality, Enabling the safe operations, Protecting the data, Safe guarding the technology assets; Threats-compromises to intellectual property, Deliberate software attacks, Espionage and trespass, Sabotage and vandalism; Attacks-malicious codes, Back doors, Denial of service and distributed denial of service, Spoofing, Sniffing, Spam, Social engineering.

MODULE 3: RISK MANAGEMENT

Definition of risk management, Risk identification and risk control, Identifying and accessing risk, Assessing risk based on probability of occurrence and likely impact, The fundamental aspects of documenting risk via the process of risk assessment, The various risk mitigation strategy options, The categories that can be used to classify controls.

MODULE 4: NETWORK INFRASTRUCTURE SECURITY AND CONNECTIVITY

Understanding infrastructure security - Device based security, Media-based security, Monitoring and diagnosing; Monitoring network - firewall, Intrusion detection system, Intrusion prevention system; OS and network hardening, Application hardening; Physical and network security - Policies, Standards and guidelines

Learning Outcomes

• Explain the different components of an information system
  
• Illustrate how information security and access are balanced
  
• Analyse the current trends in Information Security
  
• Explain different types of attacks in an organisation and how they can be prevented
  
• Identify and compare intrusion detection methods and prevention techniques
  
• Identify different components of risk management
  

Who Should Attend?

• Engineering and IT students
  
• Graduates with a programming background

Job Prospects

• Information Security Analyst
  
• Information Security Consultant
  
• Information Security Engineer
  
• Information Security Officer
  
• Information Security Specialist
  

Certification

After completing this course and successfully passing the certification examination, the student will be awarded the “Information Security Fundamentals” certification.

If a learner chooses not to take up the examination, they will still get a 'Participation Certificate'.