Information Assurance and Security
History and Context
Explain information assurance and security models, and relate these to historical and current security problems in the context of standards, best practices, policy, planning, usability and continuous education.
Use risk assessment methods to create a security plan that uses both technical and non-technical countermeasures for a management audience.
Develop as a team, incident response, disaster recovery and business continuity plans with an awareness of laws, regulatory standards and best practices.
Install and configure various countermeasures such as firewalls, intrusion detection systems, virtual private networks, and encryption systems; and explain the benefits, limitations and usability impact these may have within an organization.
Explain how the processes of certification, accreditation and maintenance can mitigate risks, and be able to support these by performing a penetration test using basic hacking techniques.
Security for technical and non-technical personnel
Instruct technical and non-technical audiences about the key elements of a good security implementation.