Learning Objectives

At the end of this course, students will be able to:
  1. Formally define: threat, vulnerability, and risk analysis.
  2. Differentiate between quantitative and qualitative RA methodologies.
  3. Identify and prioritize informational assets. Conduct an Information Criticality Analysis.
  4. Perform a Business Impact Analysis.
  5. Conduct formal vulnerability, threat, and risk analyses.
  6. Perform Network Signature Analysis.
  7. Make more informed information systems security policy and procedural evaluations.
  8. Based upon a strategic process, develop appropriate information security policies.
  9. Design a security education, training and awareness program.
  10. Research/report the current information systems security regulatory and legal environment.
  11. Distinguish legal issues in information systems security that can be analyzed by a computer security professional from those that require an attorney.
  12. Conduct a security cost-benefit analysis.
  13. Using the NSA's INFOSEC Assessment Methodology, conduct an INFOSEC assessment./li>
Hosted by www.Geocities.ws

1