Objectives: To provide the knowledge and skills required to evaluate security risks inherent in information systems (workstations, servers, LAN, WAN, intranets, extranets and the Internet), and to identify the measures and policies to be implemented.
Targeted audience: Those in network positions, IT management positions, project management positions, management positions and those seeking vocational retraining.
Prerequisite: Knowledge of computer science.
- Identifying risks and threats
- Defense in depth: gatekeeper, intrusion detection system and decoy systems (honeypots)
- Protecting wireless networks: safely accessing internal resources using virtual private networks
- Managing authentication (password management and two-factor authentication)
- Security of applications, Web sites, application servers and databases, workstations, mobile devices and connected objects
- Best practices/critical security controls according to CIS; standardized approach: ISO 2700x standards
- Risk analysis, security methods, the role of audits and implementation
- Putting people at the heart of security: organizing the security channel; awareness
- Managing security incidents: preventive action plan and proper responses
- Security and outsourcing
- Security and Cloud Computing
Note: The ISO 27001, 27002 and 27005 standards are covered in detail in Course RE201 (27001/27002).