
AKTU Notes | Security Assessment and Risk Analysis Notes | HTCS 601 Notes



AKTU Notes | Security Assessment and Risk Analysis Notes


Security Assessment and Risk Analysis [HTCS 601] Notes Unit 1 LINK


Security Assessment and Risk Analysis [HTCS 601] Notes Unit 2 LINK


Security Assessment and Risk Analysis [HTCS 601] Notes Unit 3 LINK


Security Assessment and Risk Analysis [HTCS 601] Notes Unit 4 LINK


Security Assessment and Risk Analysis [HTCS 601] Notes Unit 5 LINK

_______________________

Syllabus

Unit I
SECURITY BASICS: Information Security (INFOSEC) Overview: critical information characteristics – availability, information states – processing, security countermeasures – education, training and awareness, critical information characteristics – confidentiality, critical information characteristics – integrity, information states – storage, information states – transmission, security countermeasures – policy, procedures and practices, threats, vulnerabilities.

Unit II
Threats to and Vulnerabilities of Systems: Threats, major categories of threats (e.g., fraud, Hostile Intelligence Service (HOIS)). Countermeasures: assessments (e.g., surveys, inspections).
Concepts of Risk Management: consequences (e.g., corrective action, risk assessment), cost/benefit analysis and implementation of controls, monitoring the efficiency and effectiveness of controls (e.g., unauthorized or inadvertent disclosure of information).

Unit III
Security Planning: directives and procedures for policy mechanism.
Contingency Planning/Disaster Recovery: agency response procedures and continuity of operations, contingency plan components, determination of backup requirements, development of plans for recovery actions after a disruptive event.

Unit IV
Personnel Security Practices and Procedures: access authorization/verification (need-to-know), contractors, employee clearances, position sensitivity, security training and awareness, systems maintenance personnel.
Auditing and Monitoring: conducting security reviews, effectiveness of security programs, investigation of security breaches, privacy review of accountability controls, review of audit trails and logs.

Unit V
Operations Security (OPSEC): OPSEC surveys/OPSEC planning.
INFOSEC: computer security – audit, cryptography-encryption (e.g., point-to-point, network, link).
Case study of threat and vulnerability assessment.
