Fundamental principles of Information Technology Security and Risk Management: Hardware software processes communications applications and policies and procedures of organizational cyber security and risk management.
Describe the fundamental principles of information technology security. define the concepts of threat evaluation of assets information assets physical operational and information security and how they are related.
Evaluate the need for the careful design of a secure organizational information infrastructure.
Perform risk analysis and risk management. determine both technical and administrative mitigation approaches. explain the need for a comprehensive security model and its implications for the security manager or Chief Security Officer (CSO).
Create and maintain a comprehensive security model. apply security technologies.
Define basic cryptography its implementation considerations and key management.
Design and guide the development of an organization’s security policy
Determine appropriate strategies to assure confidentiality integrity and availability of information.
Apply risk management techniques to manage risk reduce vulnerabilities threats and apply appropriate safeguards/controls.
The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.