Information Security

Course CodeBIT203
Fee CodeS2
Duration (approx)100 hours
QualificationStatement of Attainment

Learn to Manage Intellectual Property Better

This is an extremely important area of study in today's world, with relevance to many industries, from IT and Education to writing and publishing.  The creation of intellectual property is expensive in terms of both money and human resources;  extremely valuable and easily stolen. A proper and up to date understanding of information security is something that anyone who deals with intellectual property, should know about.
  • Start any time, work at your own pace, study from anywhere
  • Expert, professional tutors with hands on knowledge of both IT and publishing industries

Lesson Structure

There are 11 lessons in this course:

  1. Introduction to Information Security
    • Need for Security
    • Basic Security Concepts
    • Security Breaches and Intrusions
    • Types of Threats
    • Threat Assessment
    • Vulnerability Assessment
    • Security through Obscurity
    • Hackers
    • Crackers
    • The Difference between Hackers and Crackers
    • IP Spoofing
    • Blind Spoofing
    • Man in the Middle Attack
    • Denial of Service
    • Distributed Denial of Service
    • Phishing
    • How to Defend against Spoofing
    • What is a Botnet
    • Types of bots and their Malicious Use
  2. Information Security Ethics
    • Ethical Issues facing IT Professionals
    • Legal Issues facing IT Professionals
    • Intellectual Property Rights
  3. Data Integrity and Backing up
    • What is Data Integrity
    • Protection
    • Detection
    • Correction
    • What is Data backup
    • Full backup
    • Incremental backup
    • Mirror backup
    • Offsite backup
    • Offsite versus Onsite Backup
    • Disk based versus Tape based Backup
    • Online backup
  4. Vulnerabilities of Operating Systems and Information Systems
    • What is Vulnerability
    • Operating Systems and Software Vulnerability
    • Running Virus Protection Software
    • Updating Security Patches for Software
    • Approved Software
    • FTP Vulnerability
    • Trojan Horses
    • Who is at Risk of Trojan Horses
    • Protection against Trojans
  5. Risk Management
    • What is Risk Management
    • Key Roles in the Risk Management Process
    • Risk Assessment
    • Characterising the System
    • Identifying Threats
    • Control Analysis
    • Determining Likelihood Ratings
    • Analyzing the Impact
    • Determining the Risks
    • Controls Recommendations
    • Risk Mitigation
    • Risk Evaluation
  6. Information Security Technologies, Developments and Initiatives
    • What is VPN (Virtual Private Network)
    • Features and Benefits of VPN
    • Components of Remote Access VPN
    • Protocols Used in VPN Connections
    • Advantages and Disadvantages of VPN
    • What is a Firewall
    • Main Functions of Firewalls
    • Packet Filtering
    • Circuit Relay
    • Application Gateway
    • Firewall Rules
    • What are Intrusion Detection Systems (IDS)
    • Types of IDS
    • IDS versus Firewalls
  7. Physical Security
    • What is Physical Security?
    • Natural Disasters and Controls
    • Lightning
    • Power Loss
    • Fire
    • Earthquake
    • Liquid Leakage
    • The Human Factor
    • Locks
    • Tokens
    • Challenge-response Tokens
    • Dumb Cards
    • Smart Cards
    • Biometric Devices
    • Fingerprint Scanners
    • Retinal Scan Devices
    • Palm Scan Devices
    • Hand Geometry Devices
    • Facial Recognition Devices
  8. Developing a security Policy
    • Introduction
    • Need for Security
    • Importance of Security Policy
    • Developing a Security Policy
  9. Implementing and revising a security policy
    • Introduction
    • Communicating the Security Policy
    • Enforcing the Security Policy
    • Assessing the Security Policy
    • Common Security Policies
    • Password Policy
    • Access Control Policy
    • Displaying a Warning Notice
    • Audit Policy
    • Server Security Policy
    • Automatically Forwarded Emails Policy
    • Information Sensitivity Policy
    • Anti Virus Policy
    • Remote Access Policy
    • Wireless Communication Policy
  10. Business Continuity and Disaster Recovery Planning
    • Difference between disaster recover and business continuity?
    • Disaster recovery plan
    • Business continuity plan
  11. Information Security Maintenance
    • Time Management
    • Networking
    • Management
    • Attitude
    • Procedures
    • Products and Services
    • The Law

CONTROLLING WHO ACCESSES INFORMATION IS IMPORTANT

Internet security is a burning issue in today's world.

This course is a good starting point for learning about something that every organisation, business and individual is increasingly affected by.

A key issue with displaying information on the internet or on any other information system is to make sure that only the authorised people are able to view that information, because confidentiality is a very important attribute when it comes to information security.  In some countries, there is a need to protect the privacy of individuals and prevent unlawful access to their information. This includes, but is not limited to: information stored in banks, hospitals and medical records, medical laboratories and medical research data, the tax office and many others.

When private information is circulating on an insecure network, it may be subject to many forms of misuse, including theft and corruption. Data corruption occurs when information is modified by a third-party, thus resulting in the loss of integrity for this data. It is important to note that information can be modified by people with or without malicious intent; for this reason, it is important to keep confidential information secure at all times, to avoid any accidental tampering (such as human error) or intentional tampering.

Needless to say, it is always important to maintain data integrity during any type of communication, but in critical cases such as EFT (electronic funds transfer), army and security agencies communications, and air traffic control, maintaining data integrity becomes an absolute necessity. This means that extreme care should be taken to prevent data from being deleted, modified, or becoming inaccessible, this resulting in loss of data availability and people won’t be able to access the information when required.

To secure data availability on the network, it is important to reduce network outages as much as possible, because the availability of the network itself is extremely important. If the network is down, network users will not be able to access the network and any resources available on that network.

Most organisations nowadays apply some form of security to restrict unlawful access to data stored on their networks. This is mainly achieved by using authentication and authorisation which will be explained below:

Authentication on a network provides a proof that a network user is indeed the person they are claiming to be, either by asking the user to input a password (something they know), a smartcard (something they have), or a biometric identity print (such as a finger print).

Authorisation on a network provides a proof that a certain network user has the right to read a file, run a program, delete a folder, or perform other network activities.

It is important to understand that authentication and authorisation work together, because a user needs to be authenticated first before they can be authorised to perform network activities.





Check out our eBooks

It's Easy to Enrol

Select a Learning Method

 

$461.00Payment plans available.

Courses can be started at any time from anywhere in the world!

Need Help?

Take advantage of our personalised, expert course counselling service to ensure you're making the best course choices for your situation.