Managing IT Security
What will you learn?
On completion of this course, delegates will be able to:
- Describe some examples of security breaches
- Identify the three aspects of security and which are most important for particular information systems
- Perform simple information risk assessments
- Explain how to derive policies from business requirements
- Identify the main laws applying to ICT operations, and their implications for computer and network operators
- Identify various approaches to reducing threats and those most likely to be effective against a particular threat
- Describe the main sources of information for detecting and responding to incidents
- Describe the activities required for effective incident response
- Identify common mistakes in the use of passwords and how these are exploited
- Describe some types of social engineering attack
- Describe some different applications of cryptographic technologies
- Discuss the types of policy and process required to make effective use of cryptography
- Explain the stages in a typical computer intrusion and how these can be prevented
- Discuss the two approaches to designing firewall policies
- Explain some threats against which firewalls are not effective
- Discuss some new technologies that challenge the traditional perimeter security model
Course Overview
The security of computers, data and networks is now a matter of importance to everyone who uses them. Computers connected to a network, whether local or wide area, are exposed to many threats against their effective operation and the safety and privacy of the data they hold.
Topics Covered
- Thinking About Security
- What's the Problem
- Risk Management and Policies
- Legal Issues
- Tools for Security
- Detection and Response
- People Security
- Data Security
- System Security
- Network Security
- Next Step
Benefits
This course aims to provide an overview of the security aspects of computer networks from the managerial perspective and focuses on prevention through effective policy and procedures. This is supported by an opportunity for delegates to discuss issues with their peers and the course facilitator.
Who should attend?
This course will be of benefit to any managerial staff responsible for their organisation's information security. Delegates should also have an understanding of telecommunication networks and their organisation's LAN, as well as basic system administration of clients and servers.
Timetable/On the Day
The course will run between 1000 and 1630. Registration will take place between 0930 and 1000. The timetable during the day will be adjusted to allow discussion of areas of particular interest to the audience.
All delegates will receive a specifically written course workbook. Each delegate will also receive a copy of the UCISA Information Security Toolkit document.
A buffet lunch and refreshments will be provided.
Related Courses