About Course and its Structure
Welcome to Hack2Secure Information Security Concepts and Secure Design Principle Course. So, as the name suggest, we will be looking here for some of the basic concepts laying foundation for any Secure system.
Course well cover information security concepts and related domain. A must have for beginners to build foundation on Security. -- Jaren Kennedy
Under short but precise multiple video lectures, we will talk about some of information security concepts like Confidentiality, Integrity, Availability, Authentication, Authorization, Accountability, Cryptography, SSL/TLS protocols, Hashing, Digital Signatures, Password Security, Access Control mechanism and many more. List doesn't end here, we will also learn some of the popular security attack types impacting these security concepts like Denial of Service, Spoofing, Man-in-the-Middle etc.
We will also walk through some of the security design principles which one needs to ensure while designing any Software or System architecture. These principles concentrates on architectural structures, whether hardware or software, that are required to Support Information protection. Overview on concepts like Least Privilege, Separation of Duties, Defense in Depth, Least Common Mechanism, Securing the weakest link and many more alike will be discussed as part of same.
This training will create a strong foundation for basic security concepts and methodologies. It doesn't only covers brief, it cover the real world realm of security concept. The explanation of topics are very close to our day-in-out life surrounding. The contents well organized and explained. Each Quiz questions will refresh and clear your understanding of topic. The pictorial way of explanation helps to visualize the concept easily. I strongly recommend this training to not only to newbies but also it will be great addition for security professionals who wants to brush up their fundamentals.
-- Senior Security Engineer, Devendra Durgapal
Why take this course:
In current world, ensuring Information Security is one of the mandatory requirement. It doesn't matter, if you are an Administrator managing a single System or a complete Infrastructure, Tester or a Developer involved in product development or delivery to customer or anyone using internet for his personal purpose. This course talk about importance of ensuring Security and impacts of same, if it is not addressed properly.
This course is very well presented and is good for both Professionals and students looking to update their Information Security skills. The modules are packed with lots of information. -- Lacie Evans
The course is simple and easy to understand as it has examples to clarify the concepts. I would definitely recommend this course !!! -- IT Manager, Sujata Sridhar
Current video talks about, Information Security and its importance in IT industry. We will also see, meaning of term 'Return of Investment' (ROI) from Security point of view.
Terminology used in Information Security is often confusing, as most of the terms are theoritically integrally related. Current video talks about some of these terms used frequently while discussing any domain or topic in Information Security.
In current video, we will provide overview on CIA triad and then talk about 'Confidentiality' in detail, which is all about protecting data from un-required disclosure. We will see, what confidentiality means and discuss some of the common methods required to ensure it. Video also provides some details on Information Disclosure attack and Steganography.
In current video we will talk about Cryptography process, its types (Symmetric & Asymmetric) and how it is used to ensure Confidentiality of Information.
Current Video talks about Public Key Infrastructure and how it is used for Key Management. We will also discuss some details on Digital Certificates and its purpose.
Current video, talks about basic concepts related with TLS/SSL protocol and how its handshake process make effective use of PKI for key distribution.
Current video talks about Integrity of an information, which is another part of CIA triad and is one of the must have requirements of any Secure Systems. We will also talk in brief about attacks like Man-in-the-Middle and Tampering and some of the measures to ensure integrity.
Current video talks about use and features of Hashing and Digital Signature and How these are used to ensure Integrity of a data.
Current video talks about Availability, which is the 3rd leg of CIA triad. Along with that, we will also discuss about Denial of Service attack which could result in compromise of Availability of a System.
Current video talks about Authentication and its different modes of implementation, viz Something You Know, Have and Are.
Password is the most widely used mechanism to ensure Authentication. In current video, we will walk through some of the commonly known Password characteristics, best practices to implement them, common attacks which could compromise Passwords and some details on One-Time Password and Single Sign-On Process.
Current video talks about other two parts of AAA concept, which are Authorization and Accountability. Authorization process ensures proper privileges of Authenticated User, while Accountability is all about keeping track of Actions and consumed resources by User. Along with these, we will also discuss on Privilege Escalation attack and about Non-Repudiation.
Current video talks about Access Control mechanism. We will talk about different layers (Physical, Logical and Administrative) of Access Control measures and different modes (MAC, DAC, RBAC and RuBAC) to implement them.
Current Video provides a Quick Walk Through on some of the Security concepts and Design Principles as discussed under this course.
Hack2Secure is an expert team of Certified Information Security Professionals, who have years of experience in the exciting field of IT Security. We believe and understand the needs of today's IT professionals and is best positioned to offer world class Security Training & Professional Services in Information Security.
Hack2Secure is one of the few companies who offer wide range of theoretical and practical security training programs that can help a diverse group of people, from College Students to Corporate Professionals. We believe in knowledge sharing and transfer. Our experienced trainers will provide you the required knowledge of tools, techniques and resources along with guidance, so that you could be at the forefront of a vital and rapidly changing IT industry.