Information Security Management Fundamentals for Non-Techies from Udemy

What's inside

Learning objectives

Understand the fundamentals of information security management
Have a working understanding of the many aspects of it security

Be prepared for more advanced information security courses
Better protect your business & i.t. infrastructure

Understand the fundamentals of information security management
Have a working understanding of the many aspects of it security
Be prepared for more advanced information security courses
Better protect your business & i.t. infrastructure

Syllabus

Course Introduction

Welcome to the Course!

Why Learn Information Security Management From Me?

What This Course Is & What It Isn't

Course Curriculum Overview

Course-Taking Interface Tips & Tricks

Download Course Lecture PDFs and the Udemy Ratings System

Student Exercise: Introduce Yourself

Short Message for WGU Students

Getting Started in Information Security

The Many Areas of Information Security

The State of Cybersecurity in 2023

The Most Valuable Beginner IT Security Certifications for 2023

Core Information Security Principles

Section Introduction

The CIA Triad

Authentication, Authorization, and Accounting (AAA)

Defense in Depth

Least Privilege

Non-Repudiation

Implicit Deny

Legal and Regulatory Issues

Information Security Governance

Authentication Basics

Identify Proofing

General Password Rules

Information Security Principles Quiz

Risk Management

Introduction to Risk Management

Risk Management Process

Exploring Risks and Threats

Quantitative Risk Analysis

Attack Surface Analysis

Student Exercise: Qualitative Risk Assessment

Risk Management Quiz

Asset Management

Identifying and Classifying Assets

Understanding the Asset Lifecycle

Data Retention

Understanding Data States

Asset Management Quiz

Access Control

Physical and Logical Access Controls

Access Control Models

Attribute-Based Access Controls (ABAC)

Student Activity: Analyzing Your Organization's Access Control

Access Control Quiz

IT Auditing

Introduction to IT Audits

Role of IT Audits

Benefits of IT Audits

Risk of Not Performing IT Audits

IT Audit Process and Phases

Audit and Control Objectives

Gathering Evidence

Documenting and Reporting

IT Audit Frameworks

Student Activity: Auditing Your Home Network

Student Exercise Takeaway: Auditing Your Home Network

IT Auditing Quiz

Compliance, Laws and Regulations

What is Compliance?

Achieving & Maintaining Compliance

Laws, Regulations & Compliance Frameworks

Compliance, Laws and Regulations Quiz

Security Malware Threats

Buffer Overflows

Viruses and Polymorphic Viruses

Worms

Trojan Horses

Logic Bombs

Spyware and Adware

Ransomware

Rootkits

Zero Day Attacks

Protecting Against Malware

Case Study: WannaCry Ransomware Attack

Student Exercise: WannaCry Case Study Analysis

Security Malware Threats Quiz

Additional Threats & Vulnerabilities

Social Engineering

Social Engineering Phone Impersonation Scenarios Overview

Social Engineering Phone Call Impersonation Example #1

Social Engineering Phone Call Impersonation Example #2

Social Engineering Phone Call Impersonation Example #3

Social Engineering Phone Impersonation Scenarios Discussion

Email Spam, Spoofing, Phishing, and Pharming

Protocol Spoofing

Common Attack Methods

Student Exercise: Phishing Campaign

Additional Threats & Vulnerabilities Quiz

Network Segmentation & Isolation

Good to know

Know what's good

, what to watch for

, and possible dealbreakers

Introduces students to the core principles of cybersecurity, which is a foundational concept in a career in IT

Provides a basis for more advanced courses in information security

Well-rounded curriculum that covers various aspects of cybersecurity

Prepares students for the most valuable beginner IT security certifications

Real-world scenario-based quizzes and case studies enhance learning

Reviews summary

Insightful ism fundamentals

learners say this course presents ">engaging assignments, concepts, and lecturesreadingsexamsquizzeshomework assignments" well received by students. According to students, it covers "core concepts" and several detailed subtopics including legal and regulatory, viruses, malware, and more. Many reviewers claim this course is largely positive with instructors described as knowledgeable and enthusiastic. Reviewers also highlight ">easy-to-understand materials that provide "practical content" and real-world examples. Students also mention that they enjoyed the "thorough and detailed" nature of the content as well as its "clear and organized" delivery.

Provides "detailed" content without overwhelming students and is complemented by "clear and organized" delivery.

"Great pace, great talking points, overall very impressed with easy to use format that makes it easy to understand everything being discussed."

Materials are "well structured" and "organized" with "clear" content and helpful supplemental materials.

"Great course filled with practical content that anyone can use on a daily basis during the course of their career in cyber security."

"The course is amazing and beyond my expectations."

"Excellent arrangement of topics and accompanying pdf notes."

"notes are easy to find and access, which is critical for taking notes."

Instructor is "knowledgeable" and "enthusiastic" and provides "clear" and "concise" explanations.

"Alton has a very clear way of explaining things and does it with great enthusiasm."

"He makes the slides come to life by actively using all the possible tools to ensure I was totally engaged, which I thought was a wonderful idea."

Provides helpful "quizzes" and "assignments" that are "engaging" ways to test knowledge and reinforce learning.

"The quizzes at the of the lessons help reiterate the information previously discussed."

"very good course and, i wanna say very very thank you for the course owner because he can provide very great course with low price, and one again thank you"

Includes "practical content" with plenty of "real-world examples" that are "easy-to-understand" and "applicable".

"Really good and comprehensive look to ISM."

"Includes the basics but also goes into detail more with more obscure parts of ISM."

Activities

Be better prepared before your course. Deepen your understanding during and after it. Supplement your coursework and achieve mastery of the topics covered in Information Security Management Fundamentals for Non-Techies with these activities:

Review Network Security Fundamentals

Show steps

This course builds upon foundational concepts of network security. Reviewing these topics will help you bridge the gap and prepare for success.

Browse courses on network security

Show steps

Review OSI Model and TCP/IP stack
Revisit basic network protocols (e.g., HTTP, DNS, FTP)
Recall common network security threats (e.g., viruses, malware)

Review Cryptography and Network Security

Show steps

This book is a widely recognized resource for understanding cryptography and network security concepts, which are foundational to this course.

View Computer Security: Principles and Practice PDF... on Amazon

Show steps

Review basic cryptographic algorithms (e.g., symmetric, asymmetric)
Understand network security protocols (e.g., SSL/TLS, IPsec)

Practice Password Cracking Techniques

Show steps

This course emphasizes the importance of password security. Practicing password cracking techniques will reinforce this concept.

Browse courses on Password Cracking

Show steps

Use online password cracking tools (e.g., Hashcat, John the Ripper)
Experiment with different password cracking techniques (e.g., brute force, dictionary attacks)
Understand password hashing and encryption algorithms

Three other activities

Expand to see all activities and additional details

Show all six activities

Follow Tutorials on Web Application Security

Show steps

This course introduces web application security concepts. Following tutorials will complement the course material and provide practical experience.

Browse courses on Web Application Security

Show steps

Find tutorials on OWASP Top 10 vulnerabilities
Learn how to use web security testing tools (e.g., Burp Suite, ZAP)

Create a Network Security Diagram

Show steps

This course emphasizes the importance of network design for security. Creating a network security diagram will help you apply these concepts.

Browse courses on network security

Show steps

Identify network components (e.g., routers, switches, firewalls)
Map network connections and flow of traffic
Apply security principles to the network design

Attend an Information Security Conference

Show steps

Attending industry events can provide valuable insights and networking opportunities to enhance your knowledge.

Browse courses on Information Security

Show steps

Research upcoming information security conferences
Register for the event and attend sessions
Network with professionals in the field

Career center

Learners who complete Information Security Management Fundamentals for Non-Techies will develop knowledge and skills that may be useful to these careers:

Vulnerability Analyst

Vulnerability Analysts identify and assess vulnerabilities in software and systems. They work closely with Information Security Analysts and Security Engineers to develop and implement security measures to mitigate vulnerabilities. Vulnerability Analysts must have a strong understanding of information security management and vulnerability assessment principles. This course can help aspiring Vulnerability Analysts build a foundation in information security management, which will help them identify and assess vulnerabilities more effectively.

See salaries and explore the career path for Vulnerability Analyst

Identity and Access Management (IAM) Specialist

Identity and Access Management (IAM) Specialists manage an organization's identities and access to resources. They work closely with Information Security Analysts and Security Engineers to develop and implement security policies and procedures for identity and access management. IAM Specialists must have a strong understanding of information security management and identity and access management principles. This course can help aspiring IAM Specialists build a foundation in information security management, which will help them manage identities and access more effectively.

See salaries and explore the career path for Identity and Access Management (IAM) Specialist

Data Security Analyst

Data Security Analysts protect an organization's data from unauthorized access, use, disclosure, disruption, modification, or destruction. They work closely with Information Security Analysts and Security Engineers to develop and implement security measures to protect data. Data Security Analysts must have a strong understanding of information security management and data security principles. This course can help aspiring Data Security Analysts build a foundation in information security management, which will help them protect data more effectively.

See salaries and explore the career path for Data Security Analyst

IT Auditor

IT Auditors evaluate an organization's IT systems and controls to ensure that they are secure and compliant with regulations. They also make recommendations for improvements to security and compliance. IT Auditors must have a strong understanding of information security management and auditing principles. This course can help aspiring IT Auditors build a foundation in information security management, which will help them perform more effective audits.

See salaries and explore the career path for IT Auditor

Information Security Analyst

Information Security Analysts plan and implement security measures to protect an organization's computer networks and systems. They develop security policies and procedures, and they monitor and maintain security systems. Information security analysts play a critical role in safeguarding businesses and organizations from cyber threats. This course can help aspiring Information Security Analysts understand the fundamentals of information security management, which is essential for developing effective security measures. The course covers topics such as risk management, asset management, access control, and IT auditing, which are all essential to securing an organization's IT infrastructure.

See salaries and explore the career path for Information Security Analyst

Security Engineer

Security Engineers design, implement, and maintain security systems to protect an organization's computer networks and systems. They work closely with Information Security Analysts to develop and implement security policies and procedures. Security Engineers often have a strong background in computer science and engineering, and they must be up-to-date on the latest security threats and technologies. This course can help Security Engineers build a foundation in information security management, which will help them develop and implement more effective security solutions.

See salaries and explore the career path for Security Engineer

Cybersecurity Analyst

Cybersecurity Analysts monitor and analyze security events to identify and respond to threats. They work closely with Information Security Analysts and Security Engineers to develop and implement security measures. Cybersecurity Analysts must have a strong understanding of information security management and cybersecurity principles. This course can help aspiring Cybersecurity Analysts build a foundation in information security management, which will help them identify and respond to threats more effectively.

See salaries and explore the career path for Cybersecurity Analyst

Incident Responder

Incident Responders investigate and respond to security incidents. They work closely with Information Security Analysts and Cybersecurity Analysts to contain and mitigate the impact of security breaches. Incident Responders must have a strong understanding of information security management and incident response principles. This course can help aspiring Incident Responders build a foundation in information security management, which will help them respond to security incidents more effectively.

See salaries and explore the career path for Incident Responder

Cloud Security Engineer

Cloud Security Engineers design and implement security measures for cloud-based systems and applications. They work closely with Information Security Analysts and Security Engineers to develop and implement security policies and procedures for cloud environments. Cloud Security Engineers must have a strong understanding of information security management and cloud security principles. This course can help aspiring Cloud Security Engineers build a foundation in information security management, which will help them design and implement more effective security solutions for cloud environments.

See salaries and explore the career path for Cloud Security Engineer

Compliance Analyst

Compliance Analysts ensure that an organization's IT systems and practices are compliant with regulations. They work closely with IT Auditors to identify and mitigate risks. Compliance Analysts must have a strong understanding of information security management and regulatory compliance. This course can help aspiring Compliance Analysts build a foundation in information security management, which will help them ensure that their organizations are compliant with regulations.

See salaries and explore the career path for Compliance Analyst

Malware Analyst

Malware Analysts investigate and analyze malware to identify its behavior and vulnerabilities. They work closely with Information Security Analysts and Cybersecurity Analysts to develop and implement security measures to protect against malware. Malware Analysts must have a strong understanding of information security management and malware analysis principles. This course can help aspiring Malware Analysts build a foundation in information security management, which will help them analyze malware more effectively.

See salaries and explore the career path for Malware Analyst

Security Architect

Security Architects design and implement security solutions for organizations. They work closely with Information Security Analysts and Security Engineers to develop and implement security policies and procedures. Security Architects must have a strong understanding of information security management and security architecture principles. This course can help aspiring Security Architects build a foundation in information security management, which will help them design and implement more effective security solutions.

See salaries and explore the career path for Security Architect

Network Administrator

Network Administrators are responsible for managing an organization's computer networks. They install, configure, and maintain network hardware and software. Network Administrators must have a strong understanding of networking and security principles. This course can help Network Administrators build a foundation in information security management, which will help them secure their networks.

See salaries and explore the career path for Network Administrator

Security Consultant

Security Consultants help organizations to identify and mitigate security risks. They provide advice on security policies, procedures, and technologies. Security Consultants must have a strong understanding of information security management principles. This course can help aspiring Security Consultants build a foundation in information security management, which will help them provide better advice to their clients.

See salaries and explore the career path for Security Consultant

IT Manager

IT Managers are responsible for planning, implementing, and managing an organization's IT infrastructure. They oversee the IT budget, and they make decisions about which technologies to invest in. IT Managers must have a strong understanding of information security management, as they are responsible for protecting their organization's IT assets. This course can help aspiring IT Managers develop a foundation in information security management, which will help them make more informed decisions about security.

See salaries and explore the career path for IT Manager