Description
Drawing on industry best practices and a wealth of corporate experience, Redmond Worldwide has released the Educational Audio Series entitled Cyber Security. This library was developed specifically for individuals in the business of Continuity Management and provides experience-rooted advice and expert direction for end-to-end continuity management and planning. This set includes:
- 6 Segments Plus Workbook
- 6 Continuing Ed Points from DRII
Session One
- About Cyber Terrorist – Learning About The Enemy
- Tools of Their Trade
- Equipment Used to Attack
- Personnel and Training
Session Two
- Access Control and Identification
- Security Management Controls
- Physical security
- Computer security
- Identification and authentication (I&A)
- Authorization
- Accountability
- Access Control Techniques
- Discretionary Access Control
- Mandatory Access Control
- Telecommunication
- Policy
- Application security
- Common exploits
- Security testing for applications
Session Three
- Incident Reporting And Response Planning And Recovery Plans
- Information Security and Risk Management
- Basic Principles of Information Security
- Confidentiality, integrity, availability
- Risk management
- Types of controls
- Security classification for information
- Access control
- Cryptography
- Information security as a process
- Security planning
- Incident response plans
- Change management
- Disaster recovery planning
- Steps in the risk management process
- Establish the context
- Identification
- Assessment
- Risk Mitigation Plan
- Implementation
- Review and evaluation of the plan
- Areas of risk management
- Enterprise risk management
- Project Management
Session Four
- Operations Security
- Counter Intelligence
- Information Security (INFOSEC)
- Transmission Security (TRANSEC)
- Communications Security (COMSEC)
- Signal Security (SIGSEC)
- Systems Security
- Physical (Environmental) Security
- Elements
- Design
Session Five
- Security Architecture and Design
- Access control list (ACL)
- Capability-based security
- Multi-level security (MLS)
- Role-based access control (RBAC)
- Lattice-based access control (LBAC)
- Modeling
- Telecommunications and Network Security
- Intrusion Detection
- Types of Intrusion-Detection systems
- Passive system vs. reactive system
- IDS evasion techniques
- Control Objectives for Information and related Technology (COBIT)
- European Union Agency for Network and Information Security (ENISA)
- Federal Financial Institutions Examination Council (FFIEC)
- Health Insurance Portability and Accountability Act (HIPAA)
- National Institute of Standards and Technology (NIST)
- Payment Card Industry Data Security Standard (PCI DSS)
- ISO/IEC 27001
- ISO/IEC 27002
- ISO/IEC 27003
- ISO/IEC 27004
- ISO/IEC 27005
- ISO/IEC 27007
- ISO/IEC 29100
- ISO/IEC 38500