SYLLABUS
Chapter 1: The Engineering Lifecycle Using Security Design Principles
Fundamental Concepts of Security Models
Common System Components
How They Work Together
Enterprise Security Architecture
Common Security Services
Zachman Framework
Capturing and Analyzing Requirements
Creating and Documenting Security Architecture
Chapter 2: Information Systems Security Evaluation Models
Common Formal Security Models
Product Evaluation Models
Industry and International Security Implementation Guidelines
Security Capabilities of Information Systems
o Access Control Mechanisms
o Secure Memory Management
Chapter 3: Vulnerabilities of Security Architectures
Systems
Technology and Process Integration
Single Point of Failure (SPOF)
Client-Based Vulnerabilities
Server-Based Vulnerabilities
Database Security
o Large Scale Parallel Data Systems
o Distributed Systems
o Cryptographic Systems
Software and System Vulnerabilities and Threats
o Web-Based
Vulnerabilities in Mobile Systems
o Risks from Remote Computing
o Risks from Mobile Workers
Vulnerabilities in Embedded Devices and Cyber-Physical Systems
Chapter 4: The Application and Use of Cryptography
The History of Cryptography
Emerging Technology
Core Information Security Principles
Additional Features of Cryptographic Systems
The Cryptographic Lifecycle
Public Key Infrastructure (PKI)
Key Management Processes
Creation and Distribution of Keys
Digital Signatures
Digital Rights Management (DRM)
Non-Repudiation
Hashing
Simple Hash Functions
Methods of Cryptanalytic Attacks
Chapter 5: Design
Site and Facility Design Considerations
o The Security Survey
Site Planning
o Roadway Design
o Crime Prevention through Environmental Design (CPTED)
o Windows
Design and Implement Facility Security
Implementation and Operation of Facilities Security
o Communications and Server Rooms
o Restricted and Work Area Security
o Data Center Security