Introducing IA
Description
Information assurance (IA) is the practice of managing risks related to the use, processing, storage, and transmission of information or data, and the systems and processes used for those purposes. While focused predominantly on information in digital form, the full range of IA encompasses not only digital but also analog or physical forms. Information assurance as a field has grown from the practice of information security, which in turn grew out of the practices and procedures of computer security.
Course Objectives
Upon completing the course, the participants will be able to:
- Understand IA models and technologies
- Describe the concepts of IA, like DID (Defence-In-Depth) and more
- Explain the use of components and definitions of IA (confidentiality, integrity, availability) according to the context of a given organization (based on security levels)
- Understand how the IA models are used in modern environments: from physical security to application development cycles
Topics
- IA basics
- IA definitions and concepts
- IA models: CIA, Five Pillars, Parkerian Hexad (authenticity, utility, and possession)
- IA processes
- Defence In Depth
- Cyber IA
Target Audience
Security Officers, Security Personnel, CSOs, CROs, CTOs, Application Developers
Prerequisites
Basic knowledge in security
Duration
2 Days
Outline
- What is IA
- History of IA
- Brief - Known Models of IA
- IA processes
- IA standards (ISO, BSI)
- IA definition
- Countermeasures
- Confidentiality
- Integrity
- Availability
- Authentication
- Authenticity
- Non-repudiation
- Utility
- C-I-A
- Five Pillars
- Parkerian Hexad
- Audits
- BIA
- Vulnerability Assessment
- IA in BCP and DRP
- IRP and CERT
- Tier Defence
- Event Correlation
- Known Frameworks (Risk IT, CobiT, PCI DSS, ISO 17799 or ISO/IEC 27002)
- Social Engineering
- Law and Regulations
- Cloud IA
- Internet vs LAN
- IA and Decision making (Logical Information vs Physical Information)
- Conventional Weaponry