InformationSecurityOverview:Theevolutionofinformationsecurity-Securitymethodology-Howtobuildasecurityprogram-StrategyandTactics-BusinessProcessesvs.Technical controls-Risk Analysis -Threat Definition -Types of Attacks - Security Organization -Rolesand Responsibilities- Managed Security Services.
DataSecurity:AuthenticationandAuthorization-SecuringUnstructuredData–Information Rights Management - Overview - IRM Technology - Storage Security Evolution -Modernstorage security -Risk Remediation- BestPractices -Database Security.
NetworkSecurity:SecureNetworkdesign-Performance-Availability-Security-Network Device Security - Network Hardening - Wireless Network Security - Radio frequencysecurity basics- wireless vulnerabilities and mitigations - Wireless Intrusion Detection andprevention-VoIP vulnerabilities andcountermeasures.
ComputerSecurity:Operatingsystemsecuritymodels-Operatingsystemmodels-classic security models - Reference Monitor - Securing Infrastructure Services - E-mail - WebServers-DNS Servers-ProxyServers - SecuringMobile Devices -Secure Applicationdesign.
ApplicationSecurityandSecurityOperations:Secureapplicationdesign-securedevelopmentlifecycle-applicationsecuritypractices-Webapplicationsecurity-Clientapplication Security - Remote Administration Security - Writing Secure Software - SecurityOperationsManagement- IncidentResponse and ForensicAnalysis - Physical Security.
Reference Book:
1. MichaelE.Whitman,HerbertJ.Mattord,PrinciplesofInformationSecurity,ThompsonCourseTechnology, 2003. ISBN: 981-243- 862-9. 2. CharlesP.PfleegerandShariLawrencePfleeger,SecurityinComputing,FourthEdition,PearsonPrentice Hall, 2007 ISBN-10:0132390779 ISBN-13: 9780132390774
Text Book:
MarkRhodes-Ousley,InformationSecurity:TheCompleteReference,SecondEdition,McGraw-HillEducation,May 2013,ISBN: 0071784357.