This course is a comprehensive study of the techniques used to protect information infrastructure and assets, with a primary focus on the Defense In Depth model that emphasizes the role of people, process and technology. Topics include security problems in computing, networks and distributed systems, and the criticality of the CIS triad; confidentiality, integrity and availability of technology-based resources.
- Develop solutions based on data developed from security assessments to prepare comprehensive security plans that include security procedures, training, and technology.
- Design for implementation the preventive, detective and corrective tools and procedures used to monitor the information security posture of an organization.
- Review operating system and application vulnerability assessments and compliance auditing across multiple platform and application environments.
- Assist in the selection, configuration, and maintenance of security software and utilities in line with the vulnerability assessment life-cycle.
- Develops and implement automated procedures to conduct assessments.
- Works with organizational management to develop information security standards, procedures and guidelines across multiple platform and application environments.
- Develops the development, testing and implementation of security policy, standards and risk mitigation techniques.
- Provides technical expertise and support in risk assessments and in implementation of information security planning and procedures.
- Develops and maintains an ongoing IT security awareness and employee training program.
If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.