Information Security Management Fundamentals for Non-Techies

Buy $99.95 Free Preview

Course curriculum

1. Section Introduction
  FREE PREVIEW
2. The CIA & DAD Triads
  FREE PREVIEW
3. The Parkerian Hexad
  FREE PREVIEW
4. Authentication, Authorization, and Accounting (AAA)
  FREE PREVIEW
5. Defense in Depth
6. Least Privilege
7. Non-Repudiation
8. Implicit Deny
9. Legal and Regulatory Issues
10. Information Security Governance
11. Authentication Basics
12. Identify Proofing
13. General Password Rules
14. Modern Password Guidelines
15. Case Study: Netflix's Calculated Risk for Cloud Success
16. Student Activity: Netflix Case Study Analysis
17. Information Security Principles Quiz
1. Section Introduction
2. What is a Risk?
3. What is an Issue?
4. Introduction to Risk Management
5. Risk Management Process
6. Who Uses Risk Management?
7. The Role of Risk Appetite & Tolerance
8. Exploring Risks and Threats
9. Common Risk Categories
10. Identifying IT Risks
11. Quantitative Risk Analysis
12. Attack Surface Analysis
13. Student Activity: Qualitative Risk Assessment
14. Risk Management Quiz
1. Section Introduction
2. Identifying and Classifying Assets
3. Emerging Modern Asset Types Reference List
4. Understanding the Asset Lifecycle
5. Data Retention
6. Understanding Data States
7. Asset Management Quiz
1. Section Introduction
2. Access Control
3. Physical and Logical Access Controls
4. Access Control Models
5. Attribute-Based Access Controls (ABAC)
6. Modern Authentication Methods
7. Privileged Access Fundamentals
8. Student Activity: Analyzing Your Organization's Access Control
9. Access Control Quiz
1. Section Introduction
2. Introduction to IT Audits
3. Role of IT Audits
4. Benefits of IT Audits
5. Risk of Not Performing IT Audits
6. IT Audit Process and Phases
7. Audit and Control Objectives
8. Gathering Evidence
9. Documenting and Reporting
10. IT Audit Frameworks
11. Student Activity: Auditing Your Home Network
12. Student Activity Takeaway: Auditing Your Home Network
13. IT Auditing Quiz
  FREE PREVIEW
1. Section Introduction
2. What is Compliance?
3. Achieving & Maintaining Compliance
4. Laws, Regulations & Compliance Frameworks
5. Compliance, Laws and Regulations Quiz
1. Section Introduction
2. Buffer Overflows
3. Viruses and Polymorphic Viruses
4. Worms
5. Trojan Horses
6. Logic Bombs
7. Spyware and Adware
8. Ransomeware
9. Rootkits
10. Zero Day Attacks
11. Mobile Malware
12. Cryptojacking
13. Fileless Malware
14. AI-Enhanced Malware
15. Protecting Against Malware
16. Case Study: WannaCry Ransomware Attack
17. Student Activity: WannaCry Case Study Analysis
18. Security Malware Threats Quiz
1. Section Introduction
2. Social Engineering
3. Social Engineering Phone Impersonation Scenarios Overview
4. Social Engineering Phone Call Impersonation Example #1
5. Social Engineering Phone Call Impersonation Example #2
6. Social Engineering Phone Call Impersonation Example #3
7. Social Engineering Phone Impersonation Scenarios Discussion
8. Email Spam, Spoofing, Phishing, and Pharming
9. Modern Phishing Techniques
10. Insider Threats
11. Protocol Spoofing
12. Common Attack Methods
13. Ransomware-as-a-Service (RaaS)
14. Advanced Persistent Threats (APTs)
15. AI-Enabled Threats
16. Supply Chain Risks
17. Case Study: AI-Powered DDoS Attack on Lloyds Banking Group
18. Student Activity: Lloyds Banking Group Case Study Analysis
19. Additional Threats & Vulnerabilities Quiz
1. Section Introduction
2. Introduction to Network Isolation
3. Demilitarized Zone (DMZ)
4. Basic Network Zones
5. Virtual LANs (VLANs)
6. Routers
7. Network Address Translation (NAT)
8. Access Control Lists (ACLs)
9. Network Segmentation & Isolation Quiz
1. Section Introduction
2. Virtual Private Networks
3. Firewalls
4. Web Proxy Servers
5. Honeypots
6. Honeynets
7. Intrusion Detection & Prevention Systems
8. Student Activity: Network Security
9. Network Security Quiz
1. Section Introduction
2. Wireless Encryption Standards
3. Wireless Equivalent Privacy (WEP)
4. Wi-Fi Protected Access (WPA)
5. Wi-Fi Protected Access 2 (WPA2)
6. Wi-Fi Protected Access 3 (WPA3)
7. WPA Enterprise vs. Personal Mode
8. Wireless Network Vulnerabilities & Security
9. Common Wireless Security Threats
10. Case Study: TJX Companies Inc. (TJX) WEP Exploit Data Breach
11. Student Activity: TJX Case Study Analysis
12. Wireless Security Quiz
1. Section Introduction
2. Open-Source Intelligence (OSINT)
3. Vulnerability Assessments
4. Penetration Testing
5. Exploit Frameworks
6. Interview with a Professional Ethical Hacker Blog Article
7. Security Assessments
8. Red vs Blue Team Exercises in the Workplace
9. Security Assessments and Testing Quiz
1. Section Introduction
2. Wireshark Network Sniffing
3. Nmap Zenmap Network Scanner
4. Tenable Nessus Vulnerability Scanner
5. Ethical Hacking for Beginners (YouTube Series)
6. Case Study: Equifax Web App Vulnerability
7. Student Activity: Equifax Case Study Analysis
1. Section Introduction
2. Introduction to Continuous Monitoring
3. Endpoint Detection and Response (EDR)
4. Security Information and Event Management (SIEM)
5. Security Orchestration, Automation, and Response (SOAR)
6. Case Study: Target Data Breach - When Alerts Go Unheeded
7. Student Activity: Target Case Study Analysis
8. Continuous Monitoring Quiz
1. Section Introduction
2. Hardening End-User Systems
3. Hardening Servers
4. Patch and Change Management
5. Separation of Services
6. Hardening Systems Quiz
1. Section Introduction
2. Bring Your Own Device (BYOD) Security
3. Mobile Device Hardening
4. IoT Device Security
5. Virtual Machine (VM) Security
6. Container Security
7. Automated Security Configuration Management
8. Securing Modern Devices & Systems Quiz
1. Section Introduction
2. Introduction to Cryptography
3. Symmetric Encryption
4. Asymmetric Encryption
5. Hashing Algorithms
6. Digital Certificates and Certificate Authorities
7. Email Encryption Use Cases
8. Windows Encrypted File System Use Case
9. Revisiting VPN
10. Software versus Hardware-Based Encryption
11. Quantum Computing and Post-Quantum Cryptography
12. Student Activity: Explore Hashing
13. Introduction to Cryptography Quiz
1. Section Introduction
2. Understanding Incidents and Disasters
3. Incident Response
4. Disaster Recovery and Business Continuity
5. Case Study: British Airways IT Failure
6. Student Activity: British Airways Case Study Analysis
7. Incident Response, DRP and BCP Quiz
1. Section Introduction
2. Introduction to Cyber Resiliency
3. Geographic Dispersal & Redundancy
4. Load Balancing Basics
5. Power Management & Uninterruptible Power Supply (UPS)
6. Backup Strategies & Types
7. Site Recovery Options
8. Student Activity: Cyber Resiliency Planning
9. Cyber Resiliency Quiz
1. Section Introduction
2. Importance of IT Security in Application Development
3. Software Development Lifecycle (SDLC)
4. DevSecOps
5. Static and Dynamic Testing
6. Authorization to Operate (ATO)
7. Application Development Security Quiz
1. Section Introduction
2. What is Zero Trust?
3. Tenets of Zero Trust
4. Why Do We Need Zero Trust?
5. Digital Transformation & Zero Trust
6. The NIST Zero Trust Architectural (ZTA) Model
7. VPN-Less Implementation ZTA Use Case
8. Real-Life ZTA Example
9. Student Activity: Your Organization & Zero Trust
10. Zero Trust Quiz
1. Section Introduction
2. Acceptable Use
3. Code of Ethics
4. Mandatory Vacations
5. Separation of Duties
6. Job Rotation
7. Education and Training
8. Remote Work
9. Student Activity: Acceptable Use Policy
10. Personnel Policies Quiz
1. Congratulations

About this course

$99.95
236 lessons
16.5 hours of video content

Discover your potential, starting today

Enroll today

Information Security Management Fundamentals for Non-Techies

Course curriculum

Course Introduction

Getting Started in Information Security

Core Information Security Principles

Risk Management

Asset Management

Access Control

IT Auditing

Compliance, Laws and Regulations

Security Malware Threats

Additional Threats & Vulnerabilities

Network Segmentation & Isolation

Network Security

Wireless Networking Security

Security Assessments and Testing

Security Assessment Tools

Continuous Monitoring

Hardening End-User Systems and Servers

Securing Modern Devices & Systems

Introduction to Cryptography

Incident Response, Disaster Recovery & Business Continuity

Cyber Resiliency

Application Development Security

Introduction to Zero Trust

Personnel Policies

Congratulations!

About this course

Discover your potential, starting today