Send More Info
Apply Now
Classroom Login
Call Now
Call Now 855-300-1469

MGT 5155 Security in the Enterprise


Course Description

Cybersecurity must operate within real-world constraints. In this course, students will explore interconnections between security solutions and the enterprise. Topics include legal and regulatory considerations, attack and trust models, risk, and the economics of security.

Course Description

  1. Understand the classification and valuation of information
  2. Understand the relevant legislation and legal obligations of security professionals
  3. Understand risk-based security decision making
  4. Understand security frameworks
  5. Derive the processes used in security operations, including:
    1. Device hardening
    2. Asset management
    3. Vulnerability remediation
    4. Incident response
    5. Computer forensics
  6. Attack models and testing
  7. The impact of human factors on security technology

Week 1


Module: Introduction and Overview
Lecture: Introduction and Overview

Outcomes

 After completing this module, students should be able to:

  • Understand the objectives of the class
  • Understand the work expected from the student
  • Understand the student evaluation process
  • Understand the concept of the enterprise
Module: Information
Lecture: Information 

Outcomes

 After completing this module, students should be able to:

  • Define information in the context of the enterprise
  • Understand information classification methodologies
  • Explain why classification of information is necessary

Week 2


Module: Risk-Based Security
Lecture: Risk-Based Security

Outcomes

After completing this module, students should be able to:

  • Understand the concept of risk
  • Understand why risk management is the keystone of a security program
  • Understand the continuous nature of risk assessment
Module: Frameworks
Lecture: Frameworks

Outcomes

After completing this module, students should be able to:

  • Understand the various security frameworks 
  • Understand which frameworks apply to a given enterprise
  • Understand how the frameworks differ

Week 3


Module: Legislation
Lecture: Legislation

Outcomes

After completing this module, students should be able to:

  • Understand local, state, and federal cyber laws
  • Understand the issues associated with cyberlegislation creation
  • Understand the issues associated with cyber enforcement
Module: Legal Obligations
Lecture: Legal Obligations

Outcomes

After completing this module, students should be able to:

  • Understand the term “best effort”
  • Understand the term “industry standard”
  • Understand contractual requirements
  • Understand lawful and unlawful intercept

Week 4


Module: Security Operations, Part 1
Lecture: Security Operations, Part 1

Outcomes

After completing this module, students should be able to:

  • Explain asset management as it relates to security
  • Explain configuration management
  • Understand the concept of device hardening
  • Understand how the security architecture is derived

Week 5


Module: Security Operations, Part 2
Lecture: Security Operations, Part 2

Outcomes

After completing this module, students should be able to:

  • Understand the elements of incident response
  • Understand the concept of event management
  • Understand the concept of continuous monitoring
  • Understand the concept of computer forensics 

Week 6


Module: Attack Models
Lecture: Attack Models

Outcomes

 After completing this module, students should be able to:

  • Be able to explain red team/blue team exercises
  • Understand flaw hypothesis testing
  • Understand social engineering

Week 7


Module: Security Testing
Lecture: Security Testing

Outcomes

 After completing this module, students should be able to:

  • Understand the various types of security testing
  • Understand when to perform security testing
  • Understand when it is appropriate to have outside test resources 

Week 8


Module: Human Factors
Lecture: Human Factors

Outcomes

After completing this module, students should be able to:

  • Understand why security features are not used
  • Understand the concept of transparency
  • Understand how to be a helpful help desk 

The course description, objectives and learning outcomes are subject to change without notice based on enhancements made to the course. November 2013