Security Concepts

Module 2: The Security Concepts lectures and labs provide information regarding tried and true industry standard defensive security concepts, which lay the supportive groundwork for addressing real-world attacks. In this section, we go over various terms used by defensive specialists; cover the CIA triad; discuss a popular attacker methodology model; introduce Defense-in-Depth as a fault-minimizing framework; and then finish up with a discussion about various regulation and policy-focused sources to consider when generating a customized defense.
 
Objectives:
  • Understand the CIA triad
  • Become familiar with a methodology favored by attackers
  • Grasp the importance of the Defense-in-Depth model in protecting sensitive data and assets, regardless of device or format
  • Introduce US government and international standards organizations, and US regulatory/industry watchdog groups, along with their documentation resources
 
WASHINGTON D.C ONLY
Additional labs in module 2 for the 2-day course include:
  • Fixing a Company BCP, DRP and CIRP - Students will become familiar with the Business Continuity Plan (BCP), Business Impact Assessment (BIA), Disaster Recovery Plan (DRP) and Computer Incident Response Plan (CIRP). During the course of the lab, students will perform a gap analysis using the provided BCP, BIAs and DRP, and make the necessary fixes to the DRP.