This online course will teach you how to keep the information you hold on your computer secure; this may be for an individual or a large company/business. Since the birth of the internet in the early 1990’s information has become increasingly accessible – by everyone. This is the main reason why information security is such high priority for big companies as well users at home.
With this course you will learn:
- To keep information from your computer secure
- The need for security and the different ways it can be compromised
- About data integrity and how it can be backed up safely
- The vulnerabilities of different Operating Systems and how they are exploited
- Understand the need for security policies, planning and implementation of recovery plans
Course Structure
The duration of this online course is 100 hours. This consists of 11 in-depth lessons:
1. Introduction to Information Security
- Need for Security
- Basic Security Concepts
- Security Breaches and Intrusions
- Types of Threats
- Threat Assessment
- Vulnerability Assessment
- Security through Obscurity
- Hackers
- Crackers
- The Difference between Hackers and Crackers
- IP Spoofing
- Blind Spoofing
- Man in the Middle Attack
- Denial of Service
- Distributed Denial of Service
- Phishing
- How to Defend against Spoofing
- What is a Botnet
- Types of bots and their Malicious Use
2. Information Security Ethics
- Ethical Issues facing IT Professionals
- Legal Issues facing IT Professionals
- Intellectual Property Rights
3. Data Integrity and Backing up
- What is Data Integrity
- Protection
- Detection
- Correction
- What is Data backup
- Full backup
- Incremental backup
- Mirror backup
- Offsite backup
- Offsite versus Onsite backup
- Disk based versus Tape based backup
- Online backup
4. Vulnerabilities of Operating Systems and Information Systems
- What is Vulnerability
- Operating Systems and Software Vulnerability
- Running Virus Protection Software
- Updating Security Patches for Software
- Approved Software
- FTP Vulnerability
- Trojan Horses
- Who is at Risk of Trojan Horses
- Protection against Trojans
5. Risk Management
- What is Risk Management
- Key Roles in the Risk Management Process
- Risk Assessment
- Characterising the System
- Identifying Threats
- Control Analysis
- Determining Likelihood Ratings
- Analyzing the Impact
- Determining the Risks
- Controls Recommendations
- Risk Mitigation
- Risk Evaluation
6. Information Security Technologies, Developments and Initiatives
- What is VPN (Virtual Private Network)
- Features and Benefits of VPN
- Components of Remote Access VPN
- Protocols Used in VPN Connections
- Advantages and Disadvantages of VPN
- What is a Firewall
- Main Functions of Firewalls
- Packet Filtering
- Circuit Relay
- Application Gateway
- Firewall Rules
- What are Intrusion Detection Systems (IDS)
- Types of IDS
- IDS versus Firewalls
7. Physical Security
- What is Physical Security?
- Natural Disasters and Controls
- Lightning
- Power Loss
- Fire
- Earthquake
- Liquid Leakage
- The Human Factor
- Locks
- Tokens
- Challenge-response Tokens
- Dumb Cards
- Smart Cards
- Biometric Devices
- Fingerprint Scanners
- Retnal Scan Devices
- Palm Scan Devices
- Hand Geometry Devices
- Facial Recognition Devices
8. Developing a Security Policy
- Introduction
- Need for Security
- Importance of Security Policy
- Developing a Security Policy
9. Implementing and revising a security policy
- Introduction
- Communicating the Security Policy
- Enforcing the Security Policy
- Assessing the Security Policy
- Common Security Policies
- Password Policy
- Access Control Policy
- Displaying a Warning Notice
- Audit Policy
- Server Security Policy
- Automatically Forwarded Emailsa Policy
- Information Sensitivity Policy
- Anti Virus Policy
- Remote Access Policy
- Wireless Communication Policy
10. Business Continuity and Disaster Recovery Planning
- Difference between Disaster Recovery and Business Continuity
- Disaster Recovery Plan
- Business Continuity Plan
11. Information Security Maintenance
Potential Threats
IP Spoofing
IP Spoofing is when people try to unlawfully access a cumputer or information system, like a server, using an IP address of a trusted host.
Non-Blind Spoofing
Non-blind spoofing is simular to IP Spoofing but it requires both the attacker (hacker) and the victim to be on the exact same subnet.
Blind Spoofing
Blind spoofing is a type of sophisticated IP spoofing attack whereby the attacker needs to sample the sequence numbers because the sequence number and the acknowledgment numbers are unreachable. To do so, the attacker will need to send many packets to the target computer and attempt to sample sequence numbers.
“Man in the Middle” attack
A man in the middle attack (also called “MITM attack”) is a term used to refer to both blind spoofing and non-blind spoofing attacks. A man in the middle attack occurs when a malicious party intercepts a communication between 2 legitimate parties. By doing so, the intruder will be able to view, modify, or delete information flowing between the 2 parties without being noticed by the sender or the receiver.
Phishing
Phishing is term used in the world of information security; it refers to a fraudulent attempt to steal a user’s personal information (such as usernames, passwords, date of birth, credit card numbers, bank account logins and passwords, etc.). The main purpose of phishing is to steal money form users, whether from their emails, phone calls, or websites logins (such as internet banking logins).
HOW DOES A WARNBOROUGH ONLINE COURSE WORK?
You can start the course whenever is convenient for you. You will be studying from home and have access to support from our qualified tutors. Practical exercises and research tasks will be set at the end of each lesson – including an assignment. You will submit this assignment to your course tutor, who will mark your work and give you constructive feedback and suggestions.
If you have any questions please contact us.