Course

Course Summary
Credit Type:
Course
ACE ID:
ISCT-0001
Organization:
International Information System Security Certification Consortium ISC2
Location:
Classroom-based
Length:
40 hours
Dates Offered:
Credit Recommendation & Competencies
Level Credits (SH) Subject
Lower-Division Baccalaureate 2 Information Security, Cyber Security, or Computer Security
Description

Objective:

The course objective is to provide a comprehensive review of the knowledge required to implement, monitor and administer IT infrastructure in accordance with information security policies and procedures that ensure data confidentiality, integrity and availability. Taught by an (ISC)²-authorized instructor, the course covers seven Domains, including domain 1: access controls; domain 2: security operations and administration; domain 3: risk identification, monitoring and analysis; domain 4: incident response and recovery; domain 5: cryptography; domain 6: network and communications security; and domain 7: systems and application security.

Learning Outcomes:

  • Understand the different access control systems and how they should be implemented to protect the system and data using the different levels of confidentiality, integrity and availability
  • Identify and differentiate key cryptographic concepts and how to apply them, implement secure protocols, key management concepts, key administration and validation, and Public Key Infrastructure as it applies to securing communications in the presence of third parties
  • Define and identify the networks and communications security needed to secure network structure, data transmission methods, transport formats, and the security measures used to maintain integrity, availability, authentication and confidentiality of the information being transmitted
  • Understand the processes necessary for working with management and information owners, custodians and users so that proper data classifications are defined. This will ensure the proper handling of all hard copy and electronic information as it is applied by the security operations and administration
  • Identify, measure and control losses associated with adverse events, and review, analyze, select and evaluate safeguards for mitigating risk
  • Identify how to handle incident response and recovery using consistent, applied approaches including the use of the Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP) concepts to mitigate damages, recover business operations, avoid critical business interruption, and apply emergency response and post-disaster recovery
  • Identify and define technical and non-technical attacks and how an organization can protect itself from these attacks including the concepts in endpoint device security, cloud infrastructure security, securing big data systems and securing virtual enviro

General Topics:

  • Domain 1: access controls
  • Domain 2: security operations and administration
  • Domain 3: risk identification, monitoring and analysis
  • Domain 4: incident response and recovery
  • Domain 5: cryptography
  • Domain 6: network and communications security
  • Domain 7: systems and application security
Instruction & Assessment

Instructional Strategies:

  • Audio Visual Materials
  • Case Studies
  • Classroom Exercise
  • Discussion
  • Laboratory
  • Lectures
  • Practical Exercises

Methods of Assessment:

  • Examinations

Minimum Passing Score:

70%
Supplemental Materials