Course 1 - Security Concepts and Practices
This is the first course under the specialization SSCP.
In this course, we will focus on the core aspects of security concepts and practice, starting with the importance of codes of ethics. We will then cover the basic principles of information security and move on to describe security controls, their implementation, maintenance, and assessment. We will also address the identification of corporate assets and the change management life cycle. We will then explain the importance of awareness and training and conclude with an exploration of physical security operations.
Course 1 Learning Objectives
After completing this course, the participant will be able to:
- Recall the ISC2 Code of Ethics.
- Explain the importance of an organizational code of ethics in the cybersecurity profession.
- Compare the security concepts of confidentiality, integrity, and availability.
- Apply accountability in the implementation of certain data protection controls.
- Explain the concept of non-repudiation.
- Discuss the concept of least privilege.
- Indicate the importance of segregation of duties.
- Differentiate technical, physical, and administrative security controls.
- Relate security controls to considerations of assessing compliance requirements and organizational needs.
- Indicate the importance of periodic audit and review of security controls.
- Categorize various control types or technologies based on their different roles as part of an overall security structure and posture.
- Summarize the security of assets all through the stages of their life cycle.
- Examine operational requirements of change management.
- Categorize security education and awareness strategies.
- Define measurements for gauging the effectiveness of a security education and awareness program.
- Indicate strategies that security professionals can use to collaborate with physical security operations.
Who Should Take This Course: Beginners
Experience Required: No prior experience required
Overview
Syllabus
- Overview
- This course will focus on the core aspects of security concepts and practice, beginning with a discussion of the importance of codes of ethics. We will then discuss the basic principles of information security and move on to describe security controls, their implementation, maintenance, and assessment. We will also discuss the identification of corporate assets as well as the change management life cycle. We will explain the importance of bolstering awareness and training and will conclude with a discussion on collaborating with physical security operations.
Taught by
ISC2 Education & Training