Material reinforcement, exercises and exam simulation for the Information Security Foundation (ISF) based on ISO IEC 27001 certification from Exin. The certification exam topics for Information Security Foundation (ISF) based on ISO IEC 27001 cover information & security, threats & risks, approach & organization, measures, and legislation & regulation.
CONTENT
1. Introduction
2. Case study: Springbooks, an international bookstore
2.1 Introduction
2.2 Springbooks
3. Definitions
4. Information, security and architecture
4.1 Fundamental principles of security
4.2 Parkerian hexad
4.3 Due care and due diligence
4.4 Information
4.5 Information management
4.6 Secure information systems design
4.7 Operational processes and information
4.8 Information architecture
5. Security management
5.1 Security definitions
5.2 Assessing security risks
5.3 Mitigating security risks
5.4 Risk management
5.5 Risk analysis
5.6 Countermeasures to mitigate the risk
5.7 Types of threats
5.8 Types of damage
5.9 Types of risk strategies
5.10 Guidelines for implementing security measures
6. Business assets and information security incidents
6.1 What are business assets?
6.2 Managing business assets
6.3 Classification of information
6.4 Managing information security incidents
6.5 Roles
7. Physical measures
7.1 Physical security
7.2 Protection rings
7.3 The outer ring
7.4 The building
7.5 The working space
7.6 The object
7.7 Alarms
7.8 Fire protection
8. Technical measures (IT security)
8.1 Computerized information systems
8.2 Logical access control
8.3 Security requirements for information systems
8.4 Cryptography
8.5 Types of cryptographic systems
8.6 Security of system files
8.7 Information leaks
8.8 Cryptography policy
9. Organizational measures
9.1 Security policy
9.2 Personnel
9.3 Business continuity management
10. Managing communication and operating processes
10.1 Operating procedures and responsibilities
10.2 Change management
10.3 Segregation of duties
10.4 Development, testing, acceptance and production
10.5 Management of services by a third party
10.6 Protection against malware, phishing and spam
10.7 Some definitions
10.8 Back-up and restore
10.9 Managing network security
10.10 Handling media
10.11 Mobile equipment
10.12 Exchanging information
10.13 Services for e-commerce
10.14 Publicly available information
11. Law, regulations and standards
11.1 Observance of statutory regulations
11.2 Compliance
11.3 Intellectual property rights (IPR)
11.4 Protecting business documents
11.5 Protecting data and the confidentiality of personal data
11.6 Preventing abuse of IT facilities
11.7 Observing security policy and security standards
11.8 Monitoring measures
11.9 Information system audits
11.10 Protecting tools used for auditing information systems
11.11 Standards and standards organizations
Course Features
- Lectures 13
- Quizzes 2
- Duration 2 days
- Skill level All levels
- Language English
- Students 0
- Certificate No
- Assessments Yes