What is this course about?

Organisations today increasingly rely on the Internet and networked systems to conduct business. At the same time, cyber crime and security violations pose an ever-growing threat to business-critical functions and data. To mitigate security threats, safeguard sensitive data and maintain business continuity, it is essential that computers and networks be protected.

In this course, you gain the knowledge and skills to effectively and accurately analyse the security risks to your computer and network systems. You also learn how to view security from the standpoint of the attacker, enabling a more successful implementation of Internet and system defenses. The issues of authenticity, confidentiality, integrity, and availability form the core of the necessary analysis.

Whatever your business environment, there are steps you can take today to help ensure the integrity and confidentiality of your data.

Is this course only valuable for those interested in threats from the Internet?

No. While the course often uses the Internet as an example of an external network, the techniques discussed are equally applicable to all external network connections, including virtual private networks (VPNs), extranets and interdepartmental networks.

What is a security policy and why do I need one?

A security policy is the formal document that describes an organisation's system security issues and how they are addressed. This essential document is developed by assessing the costs of security violations and the likelihood of a particular attack or attacks occurring.

Preparing a security policy involves analysing an organisation's risks, selecting those that must be guarded against, and articulating a policy for addressing those risks. Without such a policy, it is impossible to determine the extent to which security measures may protect the organisation.

Who will benefit from this course and why?

This is a valuable course for all managers, network and system administrators, technical staff, support personnel, and others responsible for the security of their organisations' data and systems. In fact, most members of an organisation has some responsibility for security, regardless of whether or not they have the authority to implement all aspects of a security policy. From the course's treatment of countermeasures, participants learn how they as individuals can prevent possible internal or external attacks.

What background do I need?

Some experience using computers and a Web browser as well as an understanding of the need for computer security is assumed.

Will this course help me prepare for the CISSP Certification examination?

Yes, this course helps you prepare for multiple domains on the CISSP Certification exam. For more information, please refer to the CISSP Q&A.

Does this course provide me with (ISC)² continuing professional education (CPE) credits?

Yes! This course provides you with 32 "A-level" CPE credits toward maintaining your CISSP Certification. Please see the CISSP Q&A for more information on the continuing education requirements of (ISC)².

How much time is spent on each topic?

What workshops are included in the course?

Approximately 30 percent of the course is spent on workshops. Participants use popular computer security tools to test system and network security, and secure systems and communication.

In addition, participants research topical security issues of personal interest to them via the Internet and present the results of their research to the other participants.

Is this course specific to either Linux or Windows?

No. Linux and Windows operating systems are discussed equally. Both are in common use in many companies and issues behind each of these systems are important. TCP/IP is used as a model protocol because of its vast deployment and because it is the protocol used on the Internet.

How does this course relate to other Learning Tree courses?

Related Internet and security courses that may be of interest are:

• 940, Securing Web Applications, Services and Servers: Hands-On provides in-depth, hands-on experience securing Web-based applications and host servers within your organisation
• 433, UNIX® and Linux® Security: Hands-On provides the knowledge and skills you need to establish security for UNIX platforms
• 536, Computer Forensics and Incident Response: Hands-On provides you with extensive experience in the latest Windows-based computer forensic techniques
• 2005, Achieving ISO/IEC 27002 Security Foundation Certification prepares you for the EXIN ISF Certification exam based on ISO/IEC 27002