Survey of Information Security

Authors: Keith Watson, Matt Glass, Christopher Rees, Richard Harpur, Joe Abraham, Bobby Rogers, Lee Allen, Kevin Henry

This series provides a high-level overview of fundamental information security concepts and showcases these concepts in action within the different information security domains.

What you will learn

  • Fundamental information security concepts such as confidentiality, integrity and availability as well as cryptography basics
  • Different approaches to network and systems security
  • Different types of security assessments including risk assessments, vulnerability assessments, penetration tests and threat modeling
  • The purpose of security compliance and the major compliance standards

Pre-requisites

There are no prerequisites for this series.

Information Security Fundamentals

Learn the fundamental principles of Information Security.

Introduction to Information Security

by Keith Watson

Aug 14, 2018 / 2h 54m

Description

There are many components to an organization's information security program. If you are new to cybersecurity or interested in getting started, it can be difficult to identify and understand all of the facets of protecting an organization's information assets. In this course, Introduction to Information Security, you will learn about the information security programs used by organizations. First, you will learn about the foundational principles of information security, such as confidentiality, integrity, governance, risk management, and compliance. Next, you will explore organizational assets and how they are protected through the use of security controls. Then, you will take a look at how auditing, monitoring, and testing are used to review and evaluate the effectiveness of those security controls. Finally, you will discover how organizations manage and prepare for security incidents, disruptions, and disasters and how they manage the day-to-day operations of an information security program. When you are finished with this course, you will have the knowledge and understanding of the bigger picture of information security.

Table of contents
  1. Course Overview
  2. Security Principles, Governance, Risk, and Compliance
  3. Protecting and Defending Assets
  4. Auditing and Monitoring
  5. Managing Incidents and Operations

Cryptography: The Big Picture

by Matt Glass

Jun 7, 2017 / 1h 24m

Description

Securing electronic communications is vital to ensuring that information is protected as it traverses the network. In this course, Cryptography: The Big Picture, you'll learn how cryptography fits into an overall security strategy for any business or government entity. First, you'll dive into learning about the history of cryptography. Next, you'll explore all the different types of cryptographic algorithms. Finally, you'll discover how you can start using cryptography to protect your information today. By the end of this course, you'll know how encryption plays a vital role in the security strategy of any business.

Table of contents
  1. Course Overview
  2. Course Overview and Basic Concepts
  3. Symmetric Key Cryptography
  4. Asymmetric Key Cryptography
  5. That’s Confidentiality, but What About Integrity?
  6. Cryptography Moving Forward

Network and Systems Security

Dive into the basics of network and systems security.

Security Architecture and Design: The Big Picture

by Christopher Rees

Jun 13, 2018 / 4h 25m

Description

Every day we hear of another company that's been hacked, many with millions of user records stolen, leaked to the dark web, or sold to the highest bidder. Understanding what makes an effective security posture is essential to combating this ever-changing threat. In this course, Security Architecture and Design: The Big Picture, you'll learn the essential foundations of what makes an effective information security program along with what infrastructure and applications are required. First, you'll learn about installing and configuring network components, then you'll learn about secure protocols. Next, you'll explore implementing secure network architecture and troubleshooting common security issues. Finally, you'll discover secure systems design, application development and deployment, and physical security controls. When you're finished with this course, you'll have a good understanding of the various pieces that make up a solid security posture. Not only will you understand all major components of information security, but also how they fit together, and how to architect them according to best practices, to protect a company's data and digital assets.

Table of contents
  1. Course Overview
  2. Setting the Stage
  3. Installing and Configuring Network Components
  4. Implementing Secure Protocols
  5. Implementing Secure Network Architecture
  6. Troubleshooting Common Security Issues
  7. Implementing Secure Systems Design
  8. Secure Application Development and Deployment
  9. Physical Security Controls

Incident Detection and Response: The Big Picture

by Richard Harpur

Jan 30, 2018 / 1h 4m

Description

Cybersecurity thought leaders accept that every organization will suffer security incidents. In this course, Incident Detection and Response: The Big Picture, you will learn to detect and respond to security incidents before they occur to minimize damage to your organization. First, you will learn all about how to detect incidents. Next, you will explore the key activities you need to undertake when responding to a security incident. Finally, you will learn what it takes to prepare now before you are faced with the task of responding to an incident. By the end of this course, you will be more prepared prior to an incident occurring, to ensure a better outcome for your organization.

Table of contents
  1. Course Overview
  2. What Is Security Incident Response?
  3. Why Have Security Incident Response?
  4. Incident Detection
  5. Incident Analysis
  6. Incident Response

Digital Forensics: The Big Picture

by Joe Abraham

Jan 9, 2018 / 1h 14m

Description

At the core of solving a crime in today’s digital world is a thorough knowledge of digital forensics. In this course, Digital Forensics: The Big Picture, you'll learn the ins and outs of this evolving field. First, you'll begin by diving into the various branches of digital forensics. Next, you'll explore the laws and governance surrounding the field. Finally, you'll develop an understanding of the careers in digital forensics and the employment expectations within it. When you’re finished with this course, you'll have a foundational knowledge of digital forensics that will help you not only understand this field better, but also understand your responsibility with digital devices.

Table of contents
  1. Course Overview
  2. Introduction to Digital Forensics
  3. Digital Forensics: The Branches
  4. Digital Forensics: The Laws and Governance
  5. Digital Forensics: Employment Expectations
  6. Moving Forward with Digital Forensics

Security Assessment and Management

Get started with understanding security assessments and management.

Security Management: The Big Picture

by Bobby Rogers

Mar 15, 2017 / 3h 0m

Description

Data breaches and network intrusions are constantly in front page headline news. No matter how the data was lost or the network invaded, tracing the root cause of IT security problems usually leads back to ineffective management of security programs. In this course, Security Management: The Big Picture, you'll gain solid foundational knowledge as well as skills you can use to effectively manage security in your organization. You'll learn how to organize and establish a security management function within your organization as well as the different roles and responsibilities involved in security management. You'll also learn about risk management and how it reduces the likelihood of data breaches and negative events. Finally, you'll learn about the components of organizational resilience, which include business continuity, incident response, and disaster recovery. By the end of this course, you should be able to understand the need for and establish a security management section within your organization.

Table of contents
  1. Course Overview
  2. Organizational Security Management
  3. Establishing a Security Management Program
  4. Deciphering the Risk Management Program
  5. Embracing Organizational Resilience

Vulnerability Management: The Big Picture

by Matt Glass

Sep 27, 2017 / 1h 38m

Description

Keeping an information system secure is an essential and continual process to stop potential threats. In this course, Vulnerability Management: The Big Picture, you'll learn the vulnerability management process and how it fits into an information security plan. First, you'll discover the importance of conducting regular vulnerability scans. Next, you'll explore how to prioritize vulnerability remediation. Finally, you'll delve into some tools that are available to help you automate these processes. By the end of this course, you'll have developed a deeper understanding of the basics of the vulnerability management process and the importance of its implementation.

Table of contents
  1. Course Overview
  2. Basic Concepts
  3. Preparation and Scanning
  4. Vulnerability Analysis
  5. Prioritization and Reporting
  6. Remediation and Mitigation
  7. Conclusion

Penetration Testing: The Big Picture

by Keith Watson

Oct 6, 2017 / 2h 23m

Description

As more businesses create, collect, and manage large volumes of customer data and provide access to that data through mobile apps, the Web, and IoT devices, there are more opportunities for that data to be compromised and stolen by nefarious individuals, criminal groups, and even governments. Organizations are struggling to improve the accessibility to and increase the value of their intellectual property while simultaneously protecting it from unauthorized exposure. As news in the past few years has shown, this is a significant challenge and many organizations lost control over their customers' data and their own intellectual property. Penetration testing is one technique that organizations use to find and correct weaknesses in their network and systems before someone else does. First, you will learn how penetration testing serves as a key component in an organization's information security management program. Next, you will learn about the penetration testing process and techniques used to discover and exploit vulnerabilities. Finally, you will have a good understanding of the software tools, certifications, and other courses that can help you build your technical skills. When you finish this course, you will have the knowledge of how penetration testing is used to improve the security of a network and the techniques and tools used to conduct the testing.

Table of contents
  1. Course Overview
  2. The Role of Penetration Testing in Security Testing
  3. Penetration Tests
  4. The Penetration Testing Execution Standard (PTES)
  5. Penetration Testers and Their Tools

Threat Modeling: The Big Picture

by Lee Allen

Jun 27, 2017 / 1h 5m

Description

Whether you're a developer, executive, ethical hacker, or just have an avid interest in protecting yourself: You cannot protect something unless you understand what you're protecting it from. In this course, Threat Modeling: The Big Picture, you'll be provided with a high-level overview of the ins and outs of threat modeling. First, you'll cover what threat modeling is and how it can be used to identify the types of attacks you might be vulnerable to. Next, you'll explore how to use that information to ensure you are protecting yourself. Finally, you'll learn of potential challenges that you may face when attempting to use threat modeling for your day-to-day activities, projects or environments. When you're finished with this course, you'll have a foundational understanding of threat modeling that will help you strategically identify opportunities for attack, and then use that information to ensure that your applications and environments are protected.

Table of contents
  1. Course Overview
  2. The Power of Threat Modeling
  3. Tools of the Trade
  4. Improving Application Security with Threat Modeling
  5. Threat Modeling for Hackers
  6. Expected Challenges

Auditing and Compliance

Learn more about how auditing works and how to comply with regulations.

Information Systems Auditing: The Big Picture

by Kevin Henry

Apr 3, 2017 / 1h 34m

Description

Information technology is a critical component of business operations today. Nearly every part of the business relies on technology and networks in order to operate. This means that the IT audit function is important. In this course, Information Systems Auditing: The Big Picture, you'll learn the value of audit from the perspective of either the auditor or the auditee that is the subject of the audit. First, you'll discover audit planning and audit evidence. Next, you'll explore audit recommendations. Last, you'll learn about audit reporting and how you can report your findings to management. By the end of this course, you’ll have an overview of IS auditing and the ways to be a more effective auditor along with being readily equipped to support an ongoing audit.

Table of contents
  1. Course Overview
  2. The Role and Benefits of Information Systems Auditing
  3. The Audit Plan
  4. Conducting an Audit
  5. Analysis of Evidence
  6. Audit Recommendations
  7. Audit Reporting
  8. Follow Up and Monitoring

Security Compliance: The Big Picture

by Richard Harpur

Feb 12, 2019 / 1h 43m

Description

There are now more Security Compliance requirements than ever before, and with new requirements arriving each year, it can be difficult to stay informed. In this course, Security Compliance: The Big Picture, you’ll receive a walkthrough of the major security compliance requirements. First, you'll discover the scope for each compliance program. Next, you’ll learn what your obligations are under each security compliance program. Finally, you'll explore the implications of non-compliance, which can be very significant in some cases. Best of all, this course simplifies the security requirements and doesn’t get caught up on technical language, allowing you to quickly get an overview of each security compliance program. When you’re finished with this course, you'll have developed a foundational knowledge of many security compliance programs and be confident talking to your peers or clients about these programs.

Table of contents
  1. Course Overview
  2. The What, Who, and Why of Security Compliance
  3. Complying with the PCI Standard
  4. Complying with GDPR
  5. Complying with the ISO27000 Standards Family
  6. Complying with HIPAA
  7. Complying with SOX and GLBA
  8. Complying with the UK Cyber Essentials
  9. Complying with FISMA and the Australian Privacy Act
  10. Understanding NIST Standards

ISO/IEC 27001 Information Security: The Big Picture

by Richard Harpur

Jun 1, 2016 / 2h 20m

Description

Demand is growing for organizations to demonstrate their adherence to best practice for Information Security. If you're considering the ISO/IEC 27001 certification for your organization, completing this course will give you the confidence to achieve this security milestone. In ISO/IEC 27001 Information Security: The Big Picture, you'll learn essential knowledge of what is required to get your organization certified to this international standard. First, you will learn how to download and interpret the standard documentation and formal text. Next, you'll learn the process you need to go through to attain certification. Then, you'll learn how to retain your certification once you have successfully become certified. Finally, you will learn what tools and support you should consider to help make the process as easy and rapid as possible. When you're finished with this course, you will have the skills and knowledge to get your organization certified to an international information security standard.

Table of contents
  1. Course Overview
  2. Why ISO/IEC 27001 Is so Important
  3. Understanding the Standard’s Structure
  4. Certification Life Cycle - Attaining Your Certification
  5. Certification Life Cycle - Retaining Your Certification
  6. Getting Your Toolset and Support Ready