Information Security Roles, Learning Objectives

Implementing Security Education, Training, and Awareness

Security Education Training and Awareness (SETA) program begins after the information security program has been in place. Program offers 3 major benefits

·         Program improve employee benefits

·         Inform members of the organization about where to report violations of policy.

·         Enable the organization to hold employees accountable for their actions.

Employee accountability is necessary to ensure that the acts of an individual do not threaten the long-term viability of the entire organization.

Learning Objectives

Understanding of:

·         Access control systems and methodology

·         Applications and systems development

·         Business continuity planning

·         Cryptography

·         Law, Investigation, and ethics

·         Operations security

·         Physical security

·         Security architecture and models

·         Security management practices

·         Telecommunications, network and Internet Security.

Accomplishment In:

·         Firewalls

·         IDSs

·         Access Controls

·         Vulnerability assessment

·         Operating System Security

·         Cryptography

Mastery of:

·         Firewall ACLs

·         Firewall architecture

·         Firewall generations

·         Proxy services

·         DMZ configuration

·         VPN configuration

·         Remote firewall management.

Source: Management of Information Security by Michael E Whitman and Herbert J. Mattord