Information Security


Learn to make your information technology more secure

Course CodeBIT203
Fee CodeS2
Duration (approx)100 hours
QualificationStatement of Attainment


It's Easy to Enrol

Select a Learning Method

I am studying from...

Enable Javascript to automatically update prices.

All prices in Australian Dollars.

Payment plans available.

Courses can be started at any time from anywhere in the world!

CUT THE RISK -Using Computers can be Risky -but not using them can be too!

Learn to keep information on your computer secure.
  • A course equally important for the individual through to the largest corporation

The most important security concepts related to information on the internet are confidentiality, integrity and availability, whereas the most important concepts related to the people using the information on the internet are authorisation, authentication and non-repudiation.

Learn about Information Security

 

Lesson Structure

There are 11 lessons in this course:

  1. Introduction to Information Security
    • Need for Security
    • Basic Security Concepts
    • Security Breaches and Intrusions
    • Types of Threats
    • Threat Assessment
    • Vulnerability Assessment
    • Security through Obscurity
    • Hackers
    • Crackers
    • The Difference between Hackers and Crackers
    • IP Spoofing
    • Blind Spoofing
    • Man in the Middle Attack
    • Denial of Service
    • Distributed Denial of Service
    • Phishing
    • How to Defend against Spoofing
    • What is a Botnet
    • Types of bots and their Malicious Use
  2. Information Security Ethics
    • Ethical Issues facing IT Professionals
    • Legal Issues facing IT Professionals
    • Intellectual Property Rights
  3. Data Integrity and Backing up
    • What is Data Integrity
    • Protection
    • Detection
    • Correction
    • What is Data backup
    • Full backup
    • Incremental backup
    • Mirror backup
    • Offsite backup
    • Offsite versus Onsite Backup
    • Disk based versus Tape based Backup
    • Online backup
  4. Vulnerabilities of Operating Systems and Information Systems
    • What is Vulnerability
    • Operating Systems and Software Vulnerability
    • Running Virus Protection Software
    • Updating Security Patches for Software
    • Approved Software
    • FTP Vulnerability
    • Trojan Horses
    • Who is at Risk of Trojan Horses
    • Protection against Trojans
  5. Risk Management
    • What is Risk Management
    • Key Roles in the Risk Management Process
    • Risk Assessment
    • Characterising the System
    • Identifying Threats
    • Control Analysis
    • Determining Likelihood Ratings
    • Analyzing the Impact
    • Determining the Risks
    • Controls Recommendations
    • Risk Mitigation
    • Risk Evaluation
  6. Information Security Technologies, Developments and Initiatives
    • What is VPN (Virtual Private Network)
    • Features and Benefits of VPN
    • Components of Remote Access VPN
    • Protocols Used in VPN Connections
    • Advantages and Disadvantages of VPN
    • What is a Firewall
    • Main Functions of Firewalls
    • Packet Filtering
    • Circuit Relay
    • Application Gateway
    • Firewall Rules
    • What are Intrusion Detection Systems (IDS)
    • Types of IDS
    • IDS versus Firewalls
  7. Physical Security
    • What is Physical Security?
    • Natural Disasters and Controls
    • Lightning
    • Power Loss
    • Fire
    • Earthquake
    • Liquid Leakage
    • The Human Factor
    • Locks
    • Tokens
    • Challenge-response Tokens
    • Dumb Cards
    • Smart Cards
    • Biometric Devices
    • Fingerprint Scanners
    • Retnal Scan Devices
    • Palm Scan Devices
    • Hand Geometry Devices
    • Facial Recognition Devices
  8. Developing a security Policy
    • Introduction
    • Need for Security
    • Importance of Security Policy
    • Developing a Security Policy
  9. Implementing and revising a security policy
    • Introduction
    • Communicating the Security Policy
    • Enforcing the Security Policy
    • Assessing the Security Policy
    • Common Security Policies
    • Password Policy
    • Access Control Policy
    • Displaying a Warning Notice
    • Audit Policy
    • Server Security Policy
    • Automatically Forwarded Emailsa Policy
    • Information Sensitivity Policy
    • Anti Virus Policy
    • Remote Access Policy
    • Wireless Communication Policy
  10. Business Continuity and Disaster Recovery Planning
    • Difference between disaster recover and business continuity?
    • Disaster recovery plan
    • Business continuity plan
  11. Information Security Maintenance
    • Time Management
    • Networking
    • Management
    • Attitude
    • Procedures
    • Products and Services
    • The Law

Each lesson culminates in an assignment which is submitted to the school, marked by the school's tutors and returned to you with any relevant suggestions, comments, and if necessary, extra reading.


WHO IS USING YOUR COMPUTER?

 
The first step is to ensure that only the authorised people are able to view that information, because confidentiality is a very important attribute when it comes to information security. 
This may be obvious and simple -but it is a measure that is all too often relaxed.
This course does of course deal with much more complex issues as well though!
 
In some countries, there is a need to protect the privacy of individuals and prevent unlawful access to their information. This includes, but is not limited to: information stored in banks, hospitals and medical records, medical laboratories and medical research data, the tax office and many others.

When private information is circulating on an insecure network, it may be subject to many forms of misuse, including theft and corruption. Data corruption occurs when information is modified by a third-party, thus resulting in the loss of integrity for this data. It is important to note that information can be modified by people with or without malicious intent; for this reason, it is important to keep confidential information secure at all times, to avoid any accidental tampering (such as human error) or intentional tampering.

Needless to say, it is always important to maintain data integrity during any type of communication, but in critical cases such as EFT (electronic funds transfer), army and security agencies communications, and air traffic control, maintaining data integrity becomes an absolute necessity. This means that extreme care should be taken to prevent data from being deleted, modified, or becoming inaccessible, this resulting in loss of data availability and people won’t be able to access the information when required.

To secure data availability on the network, it is important to reduce network outages as much as possible, because the availability of the network itself is extremely important. If the network is down, network users will not be able to access the network and any resources available on that network.

Most organisations nowadays apply some form of security to restrict unlawful access to data stored on their networks. This is mainly achieved by using authentication and authorisation which will be explained below:

Authentication on a network provides a proof that a network user is indeed the person they are claiming to be, either by asking the user to input a password (something they know), a smartcard (something they have), or a biometric identity print (such as a finger print).

Authorisation on a network provides a proof that a certain network user has the right to read a file, run a program, delete a folder, or perform other network activities.

It is important to understand that authentication and authorisation work together, because a user needs to be authenticated first before they can be authorised to perform network activities.

 
YOUR NEXT STEP? 
 
Either Talk to us or enrol 
 
 
 
To Enrol -Use panel (at top of page) or  Phone (07) 5562 1099

 


Credentials

ACS Distance Education holds an Educational Membership with the ATA
ACS Distance Education holds an Educational Membership with the ATA

ACS is an Organisational Member of the British Institute for Learning and Development
ACS is an Organisational Member of the British Institute for Learning and Development

ACS Global Partner - Affiliated with colleges in seven countries around the world.
ACS Global Partner - Affiliated with colleges in seven countries around the world.



Need assistance?



Start Now!


      


Dr. Sherif Sakr

Research Scientist and University Lecturer in Computer Science and Engineering. Sherif has a PhD in Computer Science, MSc, BSc.
Martin Powdrill

25 years working in Telecommunications, IT, Organisational Development, and Energy Conservation & Efficiency, prior to setting up his own Permaculture consulting business. Martin has a Bsc (Hons) Applied Science (Resources Option), MSc Computer Studies, P
Josiane Joubran

CSC consultant with IBM, Software QA Engineer, Course Writer and Tutor. Josiane is an I.T professional with extensive experience with computer hardware and engineering in Lebanon and Australia. Josiane has a B.Eng., Grad.Dip.I.T., Master Info.Tech., MCP,
Sarah Jury

Over 15 years working in small business, I.T., education and science. Sarah has a PGCE(Post Compulsory Education), BSc(Hons) (Genetics), DipComp(Open), CertWebApps(Open). She has designed and created several Web sites for different organisations.