The level 1 course is intended to address the basics of information Security Concepts and the general industry trends. We will be covering the following topics:
What is Information Security? Why do you need it? Basic Principles of Confidentiality, Integrity Availability Concepts Policies, procedures, Guidelines, Standards Administrative Measures and Technical Measures, People, Process, Technology
Current Trends in information Security, Cloud Computing: benefits and Issues related to info Sec. Standards available for InfoSec: Cobit, Cadbury, ISO 27001, OWASP, OSSTMM, etc - An Overview, Certifiable Standards: How, What, When, Who.
Vulnerability, Threat and Risk, Risk Assessment and Mitigation + Quick fixes, Introduction to BCP / DRP / Incident management, Segregation and Separation of Duties & Roles and responsibilities, IT ACT 2000
Types of assessments for Information Security - VAPT of Networks; Web Appln Audits; IT assessments or audits; Assessment of Network Equipments; Assessment of Security Devices (Web Filtering, Firewalls, IDS / IPS, Routers; Data Center Assessment; Security of Application Software; SAP Security; Desktop Security; RDBMS Security; BCP / DRP assessments; Policy reviews;
Network Security & Common and Popular Tools Used
Windows and Linux security, Types of Audits in Windows Environment: Server Security, Active Directory (Group Policy), Anti-Virus, Mails, Malware, End point protection, Shadow Passwords, SUDO users, etc
Web Application Security: OWASP, Common Issues in Web Apps, What is XSS, SQL injection, CSRF, Password Vulnerabilities, SSL, CAPTCHA, Session Hijacking, Local and Remote File Inclusion, Audit Trails, Web Server Issues, etc
- 0 Reviews
- 1 Students
- 330 Courses
Write a public review