Paths

Survey of Information Security

Authors: Joe Abraham, Lee Allen, Matt Glass, Richard Harpur, Kevin Henry, Christopher Rees, Bobby Rogers, Keith Watson

This series provides a high-level overview of fundamental information security concepts and showcases these concepts in action within the different information security domains.

Information Security Fundamentals

Learn the fundamental principles of Information Security.

Introduction to Information Security

by Keith Watson

Aug 14, 2018 / 2h 53m

2h 53m

Start Course
Description

There are many components to an organization's information security program. If you are new to cybersecurity or interested in getting started, it can be difficult to identify and understand all of the facets of protecting an organization's information assets. In this course, Introduction to Information Security, you will learn about the information security programs used by organizations. First, you will learn about the foundational principles of information security, such as confidentiality, integrity, governance, risk management, and compliance. Next, you will explore organizational assets and how they are protected through the use of security controls. Then, you will take a look at how auditing, monitoring, and testing is used to review and evaluate the effectiveness of those security controls. Finally, you will discover how organizations manage and prepare for security incidents, disruptions, and disasters and how they manage the day-to-day operations of an information security program. When you are finished with this course, you will have the knowledge and understanding of the bigger picture of information security.

Table of contents
  1. Course Overview2m
  2. Security Principles, Governance, Risk, and Compliance42m
  3. Protecting and Defending Assets57m
  4. Auditing and Monitoring34m
  5. Managing Incidents and Operations37m

Cryptography: The Big Picture

by Matt Glass

Jun 7, 2017 / 1h 24m

1h 24m

Start Course
Description

Securing electronic communications is vital to ensuring that information is protected as it traverses the network. In this course, Cryptography: The Big Picture, you'll learn how cryptography fits into an overall security strategy for any business or government entity. First, you'll dive into learning about the history of cryptography. Next, you'll explore all the different types of cryptographic algorithms. Finally, you'll discover how you can start using cryptography to start protecting your information today. By the end of this course, you'll know how encryption plays a vital role in the security strategy of any business.

Table of contents
  1. Course Overview1m
  2. Course Overview and Basic Concepts11m
  3. Symmetric Key Cryptography29m
  4. Asymmetric Key Cryptography17m
  5. That’s Confidentiality, but What About Integrity?22m
  6. Cryptography Moving Forward2m

Network and Systems Security

Dive into the basics of network and systems security.

Security Architecture and Design: The Big Picture

by Christopher Rees

Jun 13, 2018 / 4h 24m

4h 24m

Start Course
Description

Every day we hear of another company that's been hacked many with millions of user records stolen, leaked to the dark web, or sold to the highest bidder. Understanding what makes an effective security posture is essential to combating this ever-changing threat. In this course, Security Architecture and Design: The Big Picture, you'll learn the essential foundations of what makes an effective information security program along with what infrastructure and applications are required. First, you'll learn about installing and configuring network components, then you'll learn about secure protocols. Next, you'll explore implementing secure network architecture and troubleshooting common security issues. Finally, you'll discover secure systems design, application development and deployment, and physical security controls. When you're finished this course, you'll have a good understanding of the various pieces that make up a solid security posture. Not only will you understand all major components of information security, but also how they fit together, and how to architect them according to best practices, to protect a company's data and digital assets.

Table of contents
  1. Course Overview2m
  2. Setting the Stage9m
  3. Installing and Configuring Network Components1h 11m
  4. Implementing Secure Protocols26m
  5. Implementing Secure Network Architecture18m
  6. Troubleshooting Common Security Issues28m
  7. Implementing Secure Systems Design34m
  8. Secure Application Development and Deployment38m
  9. Physical Security Controls34m

Incident Detection and Response: The Big Picture

by Richard Harpur

Jan 30, 2018 / 1h 3m

1h 3m

Start Course
Description

Cybersecurity thought leaders accept that every organization will suffer security incidents. In this course, Incident Detection and Response: The Big Picture, you will learn to detect and respond to security incidents before they occur to minimize damage to your organization. First, you will learn all about how to detect incidents. Next, you will explore the key activities you need to undertake when responding to a security incident. Finally, you will learn what it takes to prepare now before you are faced with the task of responding to an incident. By the end of this course, you will be more prepared prior to an incident occurring, to ensure a better outcome for your organization.

Table of contents
  1. Course Overview2m
  2. What Is Security Incident Response?15m
  3. Why Have Security Incident Response?10m
  4. Incident Detection 13m
  5. Incident Analysis 11m
  6. Incident Response10m

Digital Forensics: The Big Picture

by Joe Abraham

Jan 9, 2018 / 1h 13m

1h 13m

Start Course
Description

At the core of solving a crime in today’s digital world is a thorough knowledge of digital forensics. In this course, Digital Forensics: The Big Picture, you'll learn the ins and outs of this evolving field. First, you'll begin by diving into the various branches of digital forensics. Next, you'll explore the laws and governance surrounding the field. Finally, you'll develop an understanding of the careers in digital forensics and the employment expectations within it. When you’re finished with this course, you'll have a foundational knowledge of digital forensics that will help you not only understand this field better, but also understand your responsibility with digital devices.

Table of contents
  1. Course Overview1m
  2. Introduction to Digital Forensics4m
  3. Digital Forensics: The Branches23m
  4. Digital Forensics: The Laws and Governance19m
  5. Digital Forensics: Employment Expectations17m
  6. Moving Forward with Digital Forensics7m

Security Assessment and Management

Get started with understanding security assessments and management.

Security Management: The Big Picture

by Bobby Rogers

Mar 15, 2017 / 3h 0m

3h 0m

Start Course
Description

Data breaches and network intrusions are constantly in front page headline news. No matter how the data was lost or the network invaded, tracing the root cause of IT security problems usually leads back to ineffective management of security programs. In this course, Security Management: The Big Picture, you'll gain solid foundational knowledge as well as skills you can use to effectively manage security in your organization. You'll learn how to organize and establish a security management function within your organization as well as the different roles and responsibilities involved in security management. You'll also learn about risk management and how it reduces the likelihood of data breaches and negative events. Finally, you'll learn about the components of organizational resilience, which include business continuity, incident response, and disaster recovery. By the end of this course, you should be able to understand the need for and establish a security management section within your organization.

Table of contents
  1. Course Overview1m
  2. Organizational Security Management51m
  3. Establishing a Security Management Program44m
  4. Deciphering the Risk Management Program30m
  5. Embracing Organizational Resilience51m

Vulnerability Management: The Big Picture

by Matt Glass

Sep 27, 2017 / 1h 37m

1h 37m

Start Course
Description

Keeping an information system secure is an essential and continual process to stop potential threats. In this course, Vulnerability Management: The Big Picture, you'll learn the vulnerability management process and how it fits into an information security plan. First, you'll discover the importance of conducting regular vulnerability scans. Next, you'll explore how to prioritize vulnerability remediation. Finally, you'll delve into some tools that are available to help you automate these processes. By the end of this course, you'll have developed a deeper understanding of the basics of the vulnerability management process and the importance of its implementation.

Table of contents
  1. Course Overview1m
  2. Basic Concepts17m
  3. Preparation and Scanning26m
  4. Vulnerability Analysis17m
  5. Prioritization and Reporting16m
  6. Remediation and Mitigation13m
  7. Conclusion4m

Penetration Testing: The Big Picture

by Keith Watson

Oct 6, 2017 / 2h 22m

2h 22m

Start Course
Description

As more businesses create, collect, and manage large volumes of customer data and provide access to that data through mobile apps, the Web, and IoT devices, there are more opportunities for that data to be compromised and stolen by nefarious individuals, criminal groups, and even governments. Organizations are struggling to improve the accessibility to and increase the value of their intellectual property while simultaneously protecting it from unauthorized exposure. As news in the past few years has shown, this is a significant challenge and many organizations lost control over their customer's data and their own intellectual property. Penetration testing is one technique that organizations use to find and correct weaknesses in their network and systems before someone else does. First, you will learn how penetration testing serves as key component in an organization's information security management program. Next, you will learn about the penetration testing process and techniques used to discover and exploit vulnerabilities. Finally, you will have a good understanding of the software tools, certifications, and other courses that can help you build your technical skills. When you finish this course, you will have the knowledge of how penetration testing is used to improve the security of a network and the techniques and tools used to conduct the testing.

Table of contents
  1. Course Overview1m
  2. The Role of Penetration Testing in Security Testing22m
  3. Penetration Tests1h 1m
  4. The Penetration Testing Execution Standard (PTES)42m
  5. Penetration Testers and Their Tools16m

Threat Modeling: The Big Picture

by Lee Allen

Jun 27, 2017 / 1h 5m

1h 5m

Start Course
Description

Whether you're a developer, executive, ethical hacker, or just have an avid interest in protecting yourself: You cannot protect something unless you understand what you're protecting it from. In this course, Threat Modeling: The Big Picture, you'll be provided with a high-level overview of the ins and outs of threat modeling. First, you'll cover what threat modeling is and how it can be used to identify the types of attacks you might vulnerable to. Next, you'll explore how to use that information to ensure you are protecting yourself. Finally, you'll learn of potential challenges that you may face when attempting to use threat modeling for your day to day activities, projects or environments. When you're finished with this course, you'll have a foundational understanding of threat modeling that will help you strategically identify opportunities for attack, and then use that information to ensure that your applications and environments are protected.

Table of contents
  1. Course Overview1m
  2. The Power of Threat Modeling13m
  3. Tools of the Trade10m
  4. Improving Application Security with Threat Modeling20m
  5. Threat Modeling for Hackers8m
  6. Expected Challenges10m

Auditing and Compliance

Learn more about how auditing works and how to comply with regulations.

Information Systems Auditing: The Big Picture

by Kevin Henry

Apr 3, 2017 / 1h 33m

1h 33m

Start Course
Description

Information technology is a critical component of business operations today. Nearly every part of the business relies on technology and networks in order to operate. This means that the IT audit function is important. In this course, Information Systems Auditing: The Big Picture, you'll learn the value of audit from the perspective of either the auditor or the auditee that is subject of the audit. First, you'll discover audit planning and audit evidence. Next, you'll explore audit recommendations. Last, you'll learn about audit reporting and how you can report your findings to management. By the end this course, you’ll have an overview of IS auditing and the ways to be a more effective auditor along with being readily equipped to support an ongoing audit.

Table of contents
  1. Course Overview2m
  2. The Role and Benefits of Information Systems Auditing12m
  3. The Audit Plan10m
  4. Conducting an Audit20m
  5. Analysis of Evidence13m
  6. Audit Recommendations10m
  7. Audit Reporting12m
  8. Follow Up and Monitoring10m

ISO/IEC 27001 Information Security: The Big Picture

by Richard Harpur

Jun 1, 2016 / 2h 20m

2h 20m

Start Course
Description

Demand is growing for organizations to demonstrate their adherence to best practice for Information Security. If you're considering the ISO/IEC 27001 certification for your organization, completing this course will give you the confidence to achieve this security milestone. In ISO/IEC 27001 Information Security: The Big Picture, you'll learn essential knowledge of what is required to get your organization certified to this international standard. First, you will learn how to download and interpret the standard documentation and formal text. Next, you'll learn the process you need to go through to attain certification. Then, you'll learn how to retain your certification once you have successfully become certified. Finally, you will learn what tools and support you should consider to help make the process as easy and rapid as possible. When you're finished with this course, you will have the skills and knowledge to get your organization certified to an international information security standard.

Table of contents
  1. Course Overview1m
  2. Why ISO/IEC 27001 Is so Important32m
  3. Understanding the Standard’s Structure41m
  4. Certification Life Cycle - Attaining Your Certification25m
  5. Certification Life Cycle - Retaining Your Certification15m
  6. Getting Your Toolset and Support Ready23m

What you will learn

  • Fundamental information security concepts such as confidentiality, integrity and availability as well as cryptography basics
  • Different approaches to network and systems security
  • Different types of security assessments including risk assessments, vulnerability assessments, penetration tests and threat modeling
  • The purpose of security compliance and the major compliance standards

Pre-requisites

There are no prerequisites for this series.