Information Assurance and Security Level 1: Security and Risk Management (CISSP Domain 1) - DIT 15535
DIT 15535 | 24 hours
*Previously Information Assurance and Security Level 1: Information Security Management*
The purpose of this course is to introduce students to the theoretical knowledge required to effectively design and manage the overall security posture of an organization. Topics include the concepts of confidentiality, integrity and availability; security governance principles; legislative, regulatory and privacy compliance requirements; and legal and regulatory issues that pertain to information security in a global context. The course also discusses professional ethics and the procedures used to develop and implement security policy, standards, procedures, and guidelines. This course is conceptual in nature and covers examination content delivered through the ISC2 – Certified Information Systems Security Professional.
Upon successful completion of this course, students will be able to:
- Explain the importance of Information Security (InfoSec) and Information Assurance (IA) Management;
- Describe basic concepts about Information Security (InfoSec) and Information Assurance (IA);
- Compare relevant legislation and regulations;
- Distinguish between the various threat categories;
- Differentiate between qualitative and quantitative risk analysis;
- Describe the various architecture protection mechanisms;
- Classify formal Information Security (InfoSec) models;
- Explain how physical security and environmental controls relate to Information Assurance (IA);
- Compare Biometric Systems and access controls;
- Interpret and critically analyze the Information Assurance posture of an organization's environment.