In this course, you will explore information security through some introductory material and gain an appreciation of the scope and context around the subject. This includes a brief introduction to security management and network and computer security that allows you to begin the journey into the study of information security and develop your appreciation of some key information security concepts.
The course concludes with key aspects of information risk and security management, in addition, summaries some of the key aspects in computer and network security, including some appreciation of threats, attacks, exploits and vulnerabilities as well as a discussion around a simple model of the information security industry and explores skills, knowledge and roles so that you can determine and analyses potential career opportunities in this developing profession and consider how you may need to develop personally to attain your career goals.
2. Course Objective
The objective of this course is to equipped students with the basic knowledge how to gather initial digital footprint and investigation as part of the competition.
- To learn basics of information security, in both management aspect and technical aspect.
- To understand of various types of threats and attacks, and learn methods to prevent, detect and react to it.
- To learn basics of application and network security.
3. Course outcome
After completed this course, the participants will be able to:
- Understand the principles of organizational security and the elements of effective security policies
- To become able to explain various Information security threat and controls for it.
- Understand the importance of security management.
- Understand the appropriate security measures against threats.
4. Pre-requirement of the participants
The participant needs to have:
- Basic knowledge on Information Technology and Operation System (Windows and Linux)
- Familiar with networking, Internet and e-mail concept
- Basic knowledge in Linux
- Bring your own laptop
5. Course Outline
|08.30 – 11:30||Module 1 – Cyber Crime and AttackComputer related CrimesCyber AttackThreat Actor||3h|
|08.30 – 11:30||Module 2 – Information SecurityInformation Security PrincipleNecessity of Information SecuritySecurity Policy||3h|
|08.30 – 11:30||Module 2 – Information SecurityThreats to informationRisk AnalysisTechnical Security Measure||3h|
|08.30 – 11:30||Module 3 – Introduction to ISO 27001Standard and Control||3h|
|08.30 – 11:30||Module 4 – Threats and VulnerabilitiesWhat is Threat?Threats on the network||3h|
|08.30 – 11:30||Module 4 – Threats and Vulnerabilities Application Security||3h|
|08.30 – 11:30||Module 5 – Unauthorized Access MethodsOutline UnauthorizedReconnaissance Stage||3h|
|08.30 – 11:30||Module 5 – Unauthorized Access MethodsAttack StageDemo||3h|
|08.30 – 11:30||Module 6 – Countermeasure on ServerDNS ServerWeb ServerMail ServerFTP||3h|
|08.30 – 11:30||Module 7 – Detection of Unauthorized accessTCP DumpIDS (Snort)/IPSSyslog (system logger)Firewalls and Perimeter Defenses||3h|