Security Operations, Risk Management, Human Element and Physical Security
Module Overview
In this module we will focus on various important topics in information security. We will start with operational security, discuss how to identify the risks pertinent to security of information and operations and how to manage them.
We will continue with issues that pertain to the human element of information security, in particular we focus on measures to minimize effects of human factor in security. These measures are related to security awareness training, protecting data, passwords, social engineering, network usage, malware, use of personal equipment on corporate networks, clean desk policies, and policy and regulatory knowledge. We will address main categories of physical security controls, to include deterrent, detective, and preventive measures, and discuss how they might be put in place to mitigate physical security issues.
Module Objectives
By the end of this module you should be able to:
- Define the terms vulnerability, threat, and risk. (CO1)
- Identify threats, vulnerabilities, and risks in a given scenario. (CO1,CO2)
- List the main steps in risk management in information security. (CO2,CO7)
- Define the terms Single Loss Expectancy (SLE), Annual Loss Expectancy (ALE), Annual Rate of Occurence (ARO), Cost-benefit analysis. (CO1,CO7)
- Perform basic qualitative and quantitative risk analysis in information security.(CO7)
- Discuss the significance of security policy as a main tool in protecting information.(CO8)
- Evaluate a security policy to identify vulnerabilities.(CO8)
- Define the terms Business Continuity Plan (BCP) and Data Recovery Plan (DRP) and describe the relationship between them.(CO1,CO8)
- Discuss the human factor in information security and measures for defending against it.(C02,CO3)
- Describe main categories of physical security controls. (CO3)
Task List
The tasks included in this module are:
Online:
- Study the presentation in the module
- Complete the lab
- Complete module 6 reflection assignment