Module 4 - Security
Lesson Description
This lesson looks at the other facets of security that come into play when thinking about cyber security in general. Starting with physical and personnel security, it then moves into the secure development process, security best practice and ends with an introduction to security architecture.
Learning Objectives
The objectives of this lesson are to provide you with and understanding of:
- Physical security - lighting, CCTV, fencing, intrusion detection, screening, destruction, UPS and generators, access and control of entry
- People, employees, contractors, customers (resource, vulnerability, threat), recruitment, screening, Social Engineering, Common People Exploits, T&C's, in role, change in role, termination, insider threat, supply chain challenges
- Secure by Design, Secure Development Life Cycle (SDLC)
- Reduce the attack surface, defense in depth, test security, weaknesses and vulnerabilities, secure coding, learn from mistakes
- Security design architecture, enterprise design frameworks (TOGAF, ZACHMAN, SABSA), patterns (NCSC, Open Security Architecture)
Intended Audience
This lesson is ideal for members of cyber security management teams, IT managers, security and systems managers, information asset owners and employees with legal compliance responsibilities. It acts as a foundation for more advanced managerial or technical qualifications.
Prerequisites
There are no specific pre-requisites to study this lesson, however a basic knowledge of IT, an understanding of the general principles of information technology security, and awareness of the issues involved with security control activity would be advantageous.
Feedback
We welcome all feedback and suggestions - please contact us at support@cloudacademy.com if you are unsure about where to start or if would like help getting started.