Scribd
Upload
571 views4 pages

C1.3-Fundamentals of Information Security

The document outlines an information security course covering 6 units: 1) overview of information security threats, vulnerabilities, and risk assessments; 2) information asset classification; 3) risk analysis and risk management processes; 4) access control methods; 5) physical security controls; and 6) emerging technologies such as cloud computing, internet of things (IoT), blockchain, cryptography, and SCADA security. The course aims to educate on fundamental information security principles and best practices for protecting data and systems.

Uploaded by

Vishaal Tata
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOC, PDF, TXT or read online on Scribd
571 views4 pages

C1.3-Fundamentals of Information Security

The document outlines an information security course covering 6 units: 1) overview of information security threats, vulnerabilities, and risk assessments; 2) information asset classification; 3) risk analysis and risk management processes; 4) access control methods; 5) physical security controls; and 6) emerging technologies such as cloud computing, internet of things (IoT), blockchain, cryptography, and SCADA security. The course aims to educate on fundamental information security principles and best practices for protecting data and systems.

Uploaded by

Vishaal Tata
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOC, PDF, TXT or read online on Scribd
You are on page 1/ 4

Fundamentals of Information Security

Unit 1: Overview of Information Security

 What is Information and why should be protect it?


 Information Security
o Threats
o Frauds
o Thefts
o Malicious Hackers
o Malicious Code
o DenialofServices Attacks
o Social Engineering
 Vulnerability
 Risk
o Risk
o Types Risk – an introduction Business Requirements Information Security
 Definitions Security Policies
o Tier1 (OriginationLevel)
o Tier2 (Function Level)
o Tier3 (Application/Device Level)
o Procedures
o Standards
o Guidelines

Unit 2: Information Asset Classification

 Why should we classify information?


 Information Asset
o Owner
o Custodian
o User
 Information Classification
o Secret
o Confidential
o Private
o Public
o Declassification
o Reclassification
o Retention and Disposal of Information Assets
o Provide Authorization for Access
o Owner Custodian User

Unit 3: Risk Analysis & Risk Management

 Risk Analysis Process


 Asset Definition
 Threat Identification
 Determine Probability of Occurrence
 Determine the Impact of the Threat
 Controls Recommended Risk Mitigation
 Control Types
 Categories
 Cost/Benefit Analysis

Unit 4: Access Control

 User Identity and Access Management


 Account Authorization
 Access and Privilege Management System
 Network Access Control
 Operating Systems Access Controls
 Monitoring Systems Access Controls
 Intrusion Detection System
 Event Logging
 Cryptography

Unit 5: Physical Security

 Identify Security Issuesto Assets and Protection mechanism


o Security aspects – Security of man, material
o Information such as file
o Commercial formula & technical information
o Design, sketches, models, cassettes etc.
o Information security
o Computer hardware, software and liveware security
o Computer based financial frauds and computer viruses and worms, Current
and future danger posing corporate executives.
 Perimeter Security
 Fire Prevention and Detection
 Safe Disposal of Physical Assets.
 Security devices
o Access Control System – Identity, screening, movement control, computer
security systems;
o Security alarm systems
o Fire alarm systems – Fire prevention and precautions, protective equipment;
o Deployment of Dog squad,
o Emergency preparedness plan
o Security guards – Duties and responsibilities
o Modern Sophisticated equipment’s.
Unit 6: Emerging Technologies

 Introduction to Cloud Computing


o Concepts
o Fundamentals of Cloud Computing
o Types of clouds
o Security Design and Architecture
o Cloud Computing Service Models
o The Characteristics of Cloud Computing
o Multi Tenancy Model
o Cloud Security Reference Model
o Cloud Computing Deploying Models

 Cloud Identity and Access Management


o Identity Provisioning
o Authentication
o Key Management for Access Control
o Authorization
o Infrastructure and Virtualization Security
o Hypervisor Architecture Concerns
 Internet of Things
o Overview of IoT
o Key Features of IoT
o IoT Architecture
o Impact of IoT on Business
o Examples of IoT
o Advantages and Disadvantages of IoT
o IoT Hardware
 IoT Sensors
 Wearable Electronics
 Standard Devices
o IoT Software
o IoT technology and Protocols
o IoT Common Issues
o IoT applications Domains
o IoT Liability
o IoT Security and Threats
 Mitigation

 Blockchain & Crypto currency


o Blockchain
 Introducing Block chain
 Public Vs. Private Blockchains
 Data storage: What is a Blockchain?
 Data Distribution: How is new data communicated?
 Consensus: How do you resolve conflicts?
 Write Access: How do you control who can control your data?
 Defence: How do you make it hard for hackers?
 Incentives: How do you pay validators?
o Crypto currency
 Introduction to Cryptography and Cryptocurrencies
 How Bitcoin Achieves Decentralization
 Mechanics of Bitcoin
 How to Store and Use Bitcoins
 Bitcoin Mining
 Bitcoin and Anonymity
 Community, Politics, and Regulation
 Alternative Mining Puzzles
 Bitcoin as a Platform
 Altcoins and the Cryptocurrency Ecosystem
 Decentralized Institutions: The Future of Bitcoin?
 SCADA Security
o Introduction to SCADA
 SCADA Systems
 Evolution of SCADA Systems
 Objectives of SCADA SYSTEMS
 Functions and usage of SCADA
 Components of SCADA
o SCADA in Process Control
o SCADA in Applications
o Real-time monitoring and control using SCADA
o Exploitation of SCADA
o Industrial Control System, Controllers and RISK
o ICS Security Architecture
o Applying security controls to ICS
o Regulatory Compliance

You might also like