Integrated Process Engineering and Auditing solution for compliance
with: SOX, SAS 70,
CMM and ISO 9001
Click here to review book and place order
Computer Security
 
Overview: The decentralization of information resources and the advent of distributed processing have introduced additional threats against corporate information resources. Compared to other assets in the organization, information resources are most susceptible to danger inflicted by disgruntled workers, hackers and natural disaster. In today's information age, the most valuable assets of any corporation are its information resources.
   
Course Objectives:
• To provide the knowledge needed to identiy and adequately planning for threats involving the use of computer systems.
• To provide an understanding of the pitfalls inherent in the use of computers and how to plan against them.
• To provide an understanding of the legal, ethical and managerial issues associated with the use of computers.
• To provide and understanding of security requirements related to microcomputers, databases, computer networks, data communications equipment and mainframe systems.


Target Audience:
• Corporate IT Executives
• IT Managers
• Systems Engineers
• Systems Analysts
• Software Developers
• Quality Assurance Specialists
• Auditors


Prerequisite: This course assumes some knowledge of computer systems and at a minimum, one computer programming language.
   
ISC-6002 Computer Networks Course Content Specification
OVERVIEW DATABASE SECURITY Confinement
Types of Security Breaches Database Security Design Memory and Addressing
Human Factors Multi-level Security File Protection
Security Planning Server Security CONTINGENCY PLANNING
Risk Analysis Client Security Backup Recovery
HARDWARE SECURITY Data Reliability and Integrity Redundancy
Hardware Security Data Sensitivity Cold Site/Hot Site
Operating System Hardware Control Inference Issues Insurance
Access Controls NETWORK SECURITY Natural Disaster
SOFTWARE SECURITY Identification and Authentication MANAGEMENT ISSUES
Types of Software Threats Communications Media Personnel Training
The Orange Book Data Integrity Security Personnel
Configuration Management Digital Signal Transmission Ongoing Evaluation
Software Controls Analog Transmission Enforcement
Modularity and Encapsulation Dedicated Communications Commitment
Information Access Threats Switched Communications Security Requirements
Information Service Threats Access Control Awareness
ENCRYPTION/DECRYPTION Traffic Control Periodic Reviews
Data Encryption Standards Trusted Interfaces Segregation of Duties
Encryption Technique Active Node Threats LEGAL ISSUES
Decryption Technique O/S SECURITY Patents
Monoalphabetic Substitution NCSC Certification Copyrights
Cipher Techniques Operating Security Design Software Piracy
Polyalphabetic Trusted Software Legislation
Encryption Guidelines Trusted Privileges VIRUSES
Public Keys Compartmentalization Types of Viruses
Private Keys Access Log Preventive Measures

 
Copyright © 1999-2008 Independent Software Certification