Information Security Concepts and Secure Design Principles

Course provides overview on basic Security concepts and design principles laying foundation for any Secure system.
3.7 (13 ratings)
Instead of using a simple lifetime average, Udemy calculates a
course's star rating by considering a number of different factors
such as the number of ratings, the age of ratings, and the
likelihood of fraudulent ratings.
1,015 students enrolled
25% off
Take This Course
  • Lectures 17
  • Length 2 hours
  • Skill Level All Levels
  • Languages English
  • Includes Lifetime access
    30 day money back guarantee!
    Available on iOS and Android
    Certificate of Completion
Wishlisted Wishlist

How taking a course works


Find online courses made by experts from around the world.


Take your courses with you and learn anywhere, anytime.


Learn and practice real-world skills and achieve your goals.

About This Course

Published 3/2015 English

Course Description

About Course and its Structure

Welcome to Hack2Secure Information Security Concepts and Secure Design Principle Course. So, as the name suggest, we will be looking here for some of the basic concepts laying foundation for any Secure system.


Course well cover information security concepts and related domain. A must have for beginners to build foundation on Security. -- Jaren Kennedy


Under short but precise multiple video lectures, we will talk about some of information security concepts like Confidentiality, Integrity, Availability, Authentication, Authorization, Accountability, Cryptography, SSL/TLS protocols, Hashing, Digital Signatures, Password Security, Access Control mechanism and many more. List doesn't end here, we will also learn some of the popular security attack types impacting these security concepts like Denial of Service, Spoofing, Man-in-the-Middle etc.

We will also walk through some of the security design principles which one needs to ensure while designing any Software or System architecture. These principles concentrates on architectural structures, whether hardware or software, that are required to Support Information protection. Overview on concepts like Least Privilege, Separation of Duties, Defense in Depth, Least Common Mechanism, Securing the weakest link and many more alike will be discussed as part of same.


This training will create a strong foundation for basic security concepts and methodologies. It doesn't only covers brief, it cover the real world realm of security concept. The explanation of topics are very close to our day-in-out life surrounding. The contents well organized and explained. Each Quiz questions will refresh and clear your understanding of topic. The pictorial way of explanation helps to visualize the concept easily. I strongly recommend this training to not only to newbies but also it will be great addition for security professionals who wants to brush up their fundamentals.

-- Senior Security Engineer, Devendra Durgapal


Why take this course:

In current world, ensuring Information Security is one of the mandatory requirement. It doesn't matter, if you are an Administrator managing a single System or a complete Infrastructure, Tester or a Developer involved in product development or delivery to customer or anyone using internet for his personal purpose. This course talk about importance of ensuring Security and impacts of same, if it is not addressed properly.


This course is very well presented and is good for both Professionals and students looking to update their Information Security skills. The modules are packed with lots of information. -- Lacie Evans

The course is simple and easy to understand as it has examples to clarify the concepts. I would definitely recommend this course !!! -- IT Manager, Sujata Sridhar


What are the requirements?

  • Student must know how to atleast use a Computer System and make use of Internet :)

What am I going to get from this course?

  • Learn Information Security Basic Concepts
  • Overview on Security concepts like Confidentiality, Integrity and Availability
  • About SSL/TLS protocol and its detailed Handshake process
  • About Cryptography, Hashing process and Digital Signatures
  • Overview on Security concepts like Authentication, Authorization and Availability
  • About Password Security, Access Control methods and models
  • Overview on common Security Attacks like Denial Of Service, Man-in-the-Middle etc
  • Overview on Security Design Principles, required to be ensured for secure Software Development and Network Architecture.

Who is the target audience?

  • This course provides overview on Information Security concepts, so is suited for anyone who wants to learn Information security from Scratch.
  • This course provides foundation step for IT security and is suited for IT professionals across the domains, Network Administrators, Developers, QA engineers and of course Security Professionals.
  • This course can also be used by Students from Management background, it provides them overview on basic security terminology, best practices and process overflow of different Security concepts
  • No prior programming knowledge is required.

What you get with this course?

Not for you? No problem.
30 day money back guarantee.

Forever yours.
Lifetime access.

Learn on the go.
Desktop, iOS and Android.

Get rewarded.
Certificate of completion.


Section 1: Course Introduction and Topics

Current video provides overview on topics covered under Hack2Secure Information Security Concepts and Secure Design Principles course.

Section 2: Importance of Information Security and Basic Security Terminology

Current video talks about, Information Security and its importance in IT industry. We will also see, meaning of term 'Return of Investment' (ROI) from Security point of view.

3 questions


Terminology used in Information Security is often confusing, as most of the terms are theoritically integrally related. Current video talks about some of these terms used frequently while discussing any domain or topic in Information Security.

5 questions
Section 3: C.I.A. Triad

In current video, we will provide overview on CIA triad and then talk about 'Confidentiality' in detail, which is all about protecting data from un-required disclosure. We will see, what confidentiality means and discuss some of the common methods required to ensure it. Video also provides some details on Information Disclosure attack and Steganography.

3 questions

In current video we will talk about Cryptography process, its types (Symmetric & Asymmetric) and how it is used to ensure Confidentiality of Information.

3 questions

Current Video talks about Public Key Infrastructure and how it is used for Key Management. We will also discuss some details on Digital Certificates and its purpose.

2 questions

Current video, talks about basic concepts related with TLS/SSL protocol and how its handshake process make effective use of PKI for key distribution.

3 questions

Current video talks about Integrity of an information, which is another part of CIA triad and is one of the must have requirements of any Secure Systems. We will also talk in brief about attacks like Man-in-the-Middle and Tampering and some of the measures to ensure integrity.

2 questions

Current video talks about use and features of Hashing and Digital Signature and How these are used to ensure Integrity of a data.

2 questions

Current video talks about Availability, which is the 3rd leg of CIA triad. Along with that, we will also discuss about Denial of Service attack which could result in compromise of Availability of a System.

3 questions
Section 4: AAA (Authentication, Authorization and Accountability) concept

Current video talks about Authentication and its different modes of implementation, viz Something You Know, Have and Are.

4 questions

Password is the most widely used mechanism to ensure Authentication. In current video, we will walk through some of the commonly known Password characteristics, best practices to implement them, common attacks which could compromise Passwords and some details on One-Time Password and Single Sign-On Process.

3 questions

Current video talks about other two parts of AAA concept, which are Authorization and Accountability. Authorization process ensures proper privileges of Authenticated User, while Accountability is all about keeping track of Actions and consumed resources by User. Along with these, we will also discuss on Privilege Escalation attack and about Non-Repudiation.

2 questions

Current video talks about Access Control mechanism. We will talk about different layers (Physical, Logical and Administrative) of Access Control measures and different modes (MAC, DAC, RBAC and RuBAC) to implement them.

3 questions
Section 5: Secure Design Principles
Secure Design Principles
4 questions
Section 6: Course Summary

Current Video provides a Quick Walk Through on some of the Security concepts and Design Principles as discussed under this course.

Section 7: Complete Course Details: Data Storage Network and Security
Course Details & Offers
1 page

Students Who Viewed This Course Also Viewed

  • Loading
  • Loading
  • Loading

Instructor Biography

Hack2Secure Training, IT Security Training

Hack2Secure is an expert team of Certified Information Security Professionals, who have years of experience in the exciting field of IT Security. We believe and understand the needs of today's IT professionals and is best positioned to offer world class Security Training & Professional Services in Information Security.

Hack2Secure is one of the few companies who offer wide range of theoretical and practical security training programs that can help a diverse group of people, from College Students to Corporate Professionals. We believe in knowledge sharing and transfer. Our experienced trainers will provide you the required knowledge of tools, techniques and resources along with guidance, so that you could be at the forefront of a vital and rapidly changing IT industry.

Ready to start learning?
Take This Course