Security Concepts and Practices

Course 1 - Security Concepts and Practices This is the first course under the specialization SSCP. In this course, we will focus on the core aspects of security concepts and practice, starting with the importance of codes of ethics. We will then cover the basic principles of information security and move on to describe security controls, their implementation, maintenance, and assessment. We will also address the identification of corporate assets and the change management life cycle. We will then explain the importance of awareness and training and conclude with an exploration of physical security operations. Course 1 Learning Objectives After completing this course, the participant will be able to: - Recall the ISC2 Code of Ethics. - Explain the importance of an organizational code of ethics in the cybersecurity profession. - Compare the security concepts of confidentiality, integrity, and availability. - Apply accountability in the implementation of certain data protection controls. - Explain the concept of non-repudiation. - Discuss the concept of least privilege. - Indicate the importance of segregation of duties. - Differentiate technical, physical, and administrative security controls. - Relate security controls to considerations of assessing compliance requirements and organizational needs. - Indicate the importance of periodic audit and review of security controls. - Categorize various control types or technologies based on their different roles as part of an overall security structure and posture. - Summarize the security of assets all through the stages of their life cycle. - Examine operational requirements of change management. - Categorize security education and awareness strategies. - Define measurements for gauging the effectiveness of a security education and awareness program. - Indicate strategies that security professionals can use to collaborate with physical security operations. Who Should Take This Course: Beginners Experience Required: No prior experience required

• Recall the ISC2 Code of Ethics
• Explain the importance of an organizational code of ethics in cybersecurity
• Compare confidentiality, integrity, and availability concepts
• Apply accountability in data protection controls
• Explain the concept of non-repudiation
• Discuss the principle of least privilege

• No prior experience required