Students will learn about the security management process. They will examine risk and risk management, including quantitative and qualitative risk assessments. The course includes discussion of security control types and physical security controls. Students will explore all aspects of Identity and Access Management (IAM) including single-factor and multi-factor authentication, account and access control, single sign-on and federation. Students will learn to harden endpoint devices including mobile and IoT devices. Students explore cryptography including symmetric and asymmetric encryption, hashing and digital signatures, and using Public Key Infrastructure (PKI) to create and manage certificates. Students explore network security including defense in depth, firewalls, IDS/IPS, wireless security, remote access, and cloud computing. Students explore vulnerability management, ethical hacking, and compliance. Then they learn about attackers, social engineering, malware, software/network attacks, wireless and password attacks. Students learn about incident response, forensics, and planning for business continuity. Labs encourage students to apply security concepts to their personal lives, practice applying security to networks, and even include hacking and forensic simulations. At the end of the course, students will complete a capstone project to demonstrate mastery of course objectives and use for personal branding.
Overview
Syllabus
- Security Fundamentals
- In this module, you will explore the information security cycle including the concepts of security, risk and the security management process. Then you will leqarn about physical security including the different control types and physical security controls from each type, and addressing environmental exposures.
- Authentication and Account Management
- In this module, you will explore authentication in depth including learning about authentication factors, multi-factor and single-factor authentication, and strong passwords. You will learn about account management including multiple and shared accounts, single sign-on and access control.
- Device Security
- In this module, you will learn about securing endpoints including patch management and application control. You will explore integrating mobile and IoT devices, and the effects of location services.
- Encryption
- In this module, you will learn the basics of cryptography including the difference between symmetric and asymmetric encryption, and some of the algorithms. You will learn about hashes and digital certificates and understand the fundamentals of a Public Key Infrastructure.
- Network Security
- In this module, you will review network components and learn about defense in depth including firewalls and intrusion detection/prevention systems. You will learn about extending the network perimeter including wireless networks, cloud services and remote access.
- Security Management
- In this module, you will learn about vulnerability scanning and ethical hacking. You will explore data security, security policies, and gain a deeper understanding of risk. You will also learn about compliance.
- Security Threats
- In this module, you will learn about attackers and attacks. You will learn about the concepts behind social engineering and some of the more common social engineering attacks. You will learn about web attacks, malware, software attacks, wireless attacks and password attacks.
- Managing Security Incidents
- In this module, you will learn about how to manage security incidents including prevention techniques. You will gain an understanding of incident response, forensics, business continuity, redundancy, the disaster recovery process, RAID and backups.
- Capstone
- Students will demonstrate mastery of the material by creating and uploading a capstone project.
Taught by
Shadow Farrell