Introduction to Information Security LiveLessons provides technical professionals with a relatively brief, high-level overview of information security concepts, including the fundamental steps needed to secure a system, the types of threats and vulnerabilities they may encounter, and what steps can and should be taken to mitigate those threats and vulnerabilities.

Description

Information security directly impacts virtually every type of business. While related issues appear in the media more and more, it’s typically in a fragmented fashion that really doesn’t help give the people tasked with protecting organizational data and other assets a “big picture” view of what the real threats and vulnerabilities are, or what steps should be taken to mitigate them. In this video training, Scott offers a relatively brief, coherent high-level overview of the various types of threats and what steps can and should be taken in response.

About the Instructor

Scott Aurnou is the Vice-President of SOHO Solutions, a NY-based IT consulting and managed services firm, where he focuses on security and privacy-related issues. Scott uses his combined legal, business, and technical background to help organizations identify and address technology-related risk and market exposure and regularly teaches non-technical executives and professionals about information security and related issues in language they can understand. Scott is also a Certified Information Privacy Professional and Certified Information Privacy Technologist and has authored numerous articles relating to privacy and security.

Skill Level

• Beginner
• Intermediate

• A fundamental understanding of information security threats and vulnerabilities
• The basic steps taken to protect a network
• Mistakes people make and how to counter them
• A fundamental understanding of the non-technical aspects of securing a network
• The basics of reacting to a security incident

• Technical professionals with non-security backgrounds who have been assigned security responsibilities.
• Any professionals, executives, etc. with fundamental technical knowledge who wish to get a basic, high-level overview of security issues in a relatively brief format

• Basic understanding of computers, mobile devices, and related technological concepts
• Familiarity with basic networking and server technology

The LiveLessons Video Training series publishes hundreds of hands-on, expert-led video tutorials covering a wide selection of technology topics designed to teach you the skills you need to succeed. This professional and personal technology video series features world-leading author instructors published by your trusted technology brands: Addison-Wesley, Cisco Press, IBM Press, Pearson IT Certification, Prentice Hall, Sams, and Que. Topics include: IT Certification, Programming, Web Development, Mobile Development, Home and Office Technologies, Business and Management, and more. View all LiveLessons on InformIT at: http://www.informit.com/livelessons .

Table of Contents

Introduction

Introduction to Information Security LiveLessons: Introduction 00:03:10

Lesson 1: Understanding Basic Security

Learning Objectives 00:00:53

1.1 Understand security basics

1.2 Comprehend why all tech personnel need a basic understanding of security

1.3 Appreciate the importance of explaining security to non-tech personnel

Lesson 2: Creating a Secure Environment—First Steps

Learning Objectives

2.1 Appreciate the essential need for leadership buy-in

2.2 Understand risk assessments

2.3 Understand policies and plans

2.4 Understand the importance of cyber liability insurance

2.5 Appreciate the necessity of security awareness training

2.6 Identify information security best practices

Lesson 3: Securing Your Firm’s Network

Learning Objectives

3.1 Recognize primary threats to the network

3.2 Identify the basic steps to mitigate network threats

3.3 Understand perimeter defenses

3.4 Understand network monitoring and related issues

3.5 Understand encryption

3.6 Physically secure network assets

3.7 Use the cloud securely

3.8 Understand vulnerability assessments and pentesting

3.9 Securely dispose of network data and resources

Lesson 4: Consider an Easier Way to Gain a Foothold on a Network—Hacking the Humans Who Use It

Learning Objectives

4.1 Understand social engineering and its effects

4.2 Utilize strong passwords and authentication methods

4.3 Understand the risks that come with using the Web

4.4 Recognize insider threats

Lesson 5: Mitigating Client-Side Threats (Desktops and Laptops)

Learning Objectives

5.1 Address endpoint security

5.2 Recognize and mitigate threats related to remote access

5.3 Identify and address client-side physical security issues

Lesson 6: Protecting Mobile Devices

Learning Objectives

6.1 Identify threats specific to mobile devices

6.2 Recognize the risks associated with BYOD programs

6.3 Properly dispose of mobile devices and data

Lesson 7: Reacting when Something Goes Wrong

Learning Objectives

7.1 Determine what happened

7.2 Institute business continuity/disaster recovery plans

7.3 Respond to a successful attack

Summary

Introduction to Information Security LiveLessons: Summary