Fundamentals of Information Security

Unit 1: Overview of Information Security

 What is Information and why should be protect it?

 Information Security
o Threats
o Frauds
o Thefts
o Malicious Hackers
o Malicious Code
o DenialofServices Attacks
o Social Engineering
 Vulnerability
 Risk
o Risk
o Types Risk – an introduction Business Requirements Information Security
 Definitions Security Policies
o Tier1 (OriginationLevel)
o Tier2 (Function Level)
o Tier3 (Application/Device Level)
o Procedures
o Standards
o Guidelines

Unit 2: Information Asset Classification

 Why should we classify information?

 Information Asset
o Owner
o Custodian
o User
 Information Classification
o Secret
o Confidential
o Private
o Public
o Declassification
o Reclassification
o Retention and Disposal of Information Assets
o Provide Authorization for Access
o Owner Custodian User

Unit 3: Risk Analysis & Risk Management

 Risk Analysis Process

  Asset Definition
 Threat Identification
 Determine Probability of Occurrence
 Determine the Impact of the Threat
 Controls Recommended Risk Mitigation
 Control Types
 Categories
 Cost/Benefit Analysis

Unit 4: Access Control

 User Identity and Access Management

 Account Authorization
 Access and Privilege Management System
 Network Access Control
 Operating Systems Access Controls
 Monitoring Systems Access Controls
 Intrusion Detection System
 Event Logging
 Cryptography

Unit 5: Physical Security

 Identify Security Issuesto Assets and Protection mechanism

o Security aspects – Security of man, material
o Information such as file
o Commercial formula & technical information
o Design, sketches, models, cassettes etc.
o Information security
o Computer hardware, software and liveware security
o Computer based financial frauds and computer viruses and worms, Current
and future danger posing corporate executives.
 Perimeter Security
 Fire Prevention and Detection
 Safe Disposal of Physical Assets.
 Security devices
o Access Control System – Identity, screening, movement control, computer
security systems;
o Security alarm systems
o Fire alarm systems – Fire prevention and precautions, protective equipment;
o Deployment of Dog squad,
o Emergency preparedness plan
o Security guards – Duties and responsibilities
o Modern Sophisticated equipment’s.
Unit 6: Emerging Technologies

 Introduction to Cloud Computing

o Concepts
o Fundamentals of Cloud Computing
o Types of clouds
o Security Design and Architecture
o Cloud Computing Service Models
o The Characteristics of Cloud Computing
o Multi Tenancy Model
o Cloud Security Reference Model
o Cloud Computing Deploying Models

 Cloud Identity and Access Management

o Identity Provisioning
o Authentication
o Key Management for Access Control
o Authorization
o Infrastructure and Virtualization Security
o Hypervisor Architecture Concerns
 Internet of Things
o Overview of IoT
o Key Features of IoT
o IoT Architecture
o Impact of IoT on Business
o Examples of IoT
o Advantages and Disadvantages of IoT
o IoT Hardware
 IoT Sensors
 Wearable Electronics
 Standard Devices
o IoT Software
o IoT technology and Protocols
o IoT Common Issues
o IoT applications Domains
o IoT Liability
o IoT Security and Threats
 Mitigation

 Blockchain & Crypto currency

o Blockchain
 Introducing Block chain
 Public Vs. Private Blockchains
 Data storage: What is a Blockchain?
 Data Distribution: How is new data communicated?
 Consensus: How do you resolve conflicts?
 Write Access: How do you control who can control your data?
 Defence: How do you make it hard for hackers?
  Incentives: How do you pay validators?
o Crypto currency
 Introduction to Cryptography and Cryptocurrencies
 How Bitcoin Achieves Decentralization
 Mechanics of Bitcoin
 How to Store and Use Bitcoins
 Bitcoin Mining
 Bitcoin and Anonymity
 Community, Politics, and Regulation
 Alternative Mining Puzzles
 Bitcoin as a Platform
 Altcoins and the Cryptocurrency Ecosystem
 Decentralized Institutions: The Future of Bitcoin?
 SCADA Security
o Introduction to SCADA
 SCADA Systems
 Evolution of SCADA Systems
 Objectives of SCADA SYSTEMS
 Functions and usage of SCADA
 Components of SCADA
o SCADA in Process Control
o SCADA in Applications
o Real-time monitoring and control using SCADA
o Exploitation of SCADA
o Industrial Control System, Controllers and RISK
o ICS Security Architecture
o Applying security controls to ICS
o Regulatory Compliance