The evolution of information security-Security methodology- How to build a security program-Strategy and Tactics-Business Processes vs. Technical controls- Risk Analysis -Threat Definition -Types of Attacks - Security Organization - Roles and Responsibilities - Managed Security Services.
Authentication and Authorization - Securing Unstructured Data – Information Rights Management - Overview - IRM Technology - Storage Security Evolution - Modern storage security - Risk Remediation - Best Practices - Database Security.
Secure Network design - Performance - Availability - Security - Network Device Security - Network Hardening - Wireless Network Security - Radio frequency security basics - wireless vulnerabilities and mitigations - Wireless Intrusion Detection and prevention - VoIP vulnerabilities and countermeasures.
Operating system security models - Operating system models - classic security models - Reference Monitor - Securing Infrastructure Services - E-mail - Web Servers - DNS Servers - Proxy Servers - Securing Mobile Devices - Secure Application design.
Secure application design - secure development lifecycle - application security practices - Web application security - Client application Security - Remote Administration Security - Writing Secure Software - Security Operations Management - Incident Response and Forensic Analysis - Physical Security.
Reference Book:
1. Michael E. Whitman, Herbert J. Mattord, Principles of Information Security, Thompson Course Technology, 2003. ISBN: 981-243- 862-9 . 2.Charles P. Pfleeger and Shari Lawrence Pfleeger, Security in Computing, Fourth Edition, Pearson Prentice Hall, 2007 ISBN-10: 0132390779 ISBN-13: 9780132390774 3. William Stallings, Cryptography and Network Security, Fourth Edition, Prentice Hall, 2006. ISBN: 81-203- 3018-8.
Text Book:
Mark Rhodes-Ousley, Information Security: The Complete Reference, Second Edition,McGraw-Hill Education, May 2013,ISBN: 0071784357.
