Operations Security - Operations Security & Physical and Environmental Security | Coursera

For EnterpriseFor Students

Browse
Top Courses
Log In
Join for Free

Operations Security

Loading...

Cybersecurity and Its Ten Domains

University System of Georgia

4.3 (2,130 ratings) | 160K Students Enrolled

Enroll for Free

This course is designed to introduce students, working professionals and the community to the exciting field of cybersecurity. Throughout the MOOC, participants will engage in community discourse and online interaction. Participants will gain knowledge and understanding of cybersecurity and its domains. They will engage with expertly produced videos, gain insight from industry experts, participate in knowledge assessments, practice assessing their environmental awareness, and gain access to materials that address governance and risk management, compliance, business continuity and disaster recovery, cryptography, software development security, access control, network security, security architecture, security operations, and physical and environmental security. Learning will be assessed using strategies aligned to knowledge and understanding. You do not need prior experience in IT security to do well in this course. All you need is a willingness to learn. We will point you to relevant open and free resources to assist you. At the end of this course, you will have the option of applying for undergraduate level course credit at Kennesaw State University (dependent on admission to Kennesaw State University as a degree seeking or a non-degree seeking student). More information is available in final module "Receive Course (undergraduate) Credit at Kennesaw State University".

Skills You'll Learn

Cybersecurity, Cryptography, Information Security (INFOSEC), Cyber-Security Regulation

Reviews

4.3 (2,130 ratings)

5 stars
62.01%
4 stars
21.69%
3 stars
8.02%
2 stars
3.61%
1 star
4.64%

MG

Jul 16, 2020

It was great experience to learn with University System of Georgia. The course and content of Cyber security and Its Ten Domains was excellent. It will really help me in day to day life.

PP

Feb 7, 2016

Superb course with lot of resources to learn concepts. websites really helpful to update knowledge. Simple rules will avoid hefty fines by govt and safeguard brand reputations

From the lesson

Operations Security & Physical and Environmental Security

In this module we are going to cover what amount to some of the more intuitive parts of cybersecurity: operations security and physical and environmental security. Learners will understand operations security from a competitor/enemy/hacker’s viewpoint and then develop and apply countermeasures accordingly. Learners will also be exposed to electric power issues such as brownouts, fire detection and suppression, and HVAC.

Operations Security4:09

Physical and Environmental Security1:14

Taught By

Dr. Humayun Zafar, CEH, CISM
Professor of Information Security and Assurance

Try the Course for Free

Transcript

[MUSIC] Hi, I'm Justin Massey and I'm a Penetration Tester from Coalfire Labs. Today we'll be discussing security operations. [SOUND] Security operations are typically defined in a security policy and include your common buzzwords, such as, [SOUND] the principle of least privilege and patch management. Unfortunately, in many organizations, this policy is poorly implemented and thus increases the overall risk. [SOUND] For example, a company policy may read, all employees are only permitted user access and no administrator or root privileges are granted, unless they are a system administrator. However, users are bugging the system administrator to install software on their local machines, and it begins to grant the user local administrator access to make his job easier. The employees are now free to install whatever software they wish, and oftentimes this leads to malware being installed on workstations. Furthermore, this can lead to devastating impact on the organization, such as crypto locker, encrypting all of the shared drives which the domain user has write access to. [SOUND] It is absolutely necessary for the security team to audit the user permissions and assure the principle of least privilege is being implemented correctly. Another important role of security operations is to ensure sensitive information is properly identified, handled and secured. Also, when sensitive data is no longer needed for business purposes or required by law, it is necessary to destroy the information. The concept is great, but could be difficult to implement. If all system information is stored in one location, one can review the data and determine if it should be destroyed. [NOISE] In our current day of computing, this is not the case. Sensitive data can often be stored on individual's computers rather than a database where it can be easily queried. [NOISE] For example, a comptroller of an organization is required to run tax reports at the end of each year and stores the W2s on a mapped network drive for easy access when needed. The comptroller continues to store them in this location each year for the years to come. If this drive is compromised, the personally identifiable information of the employees is attained by the threat agent and exfiltrated to engage in tax fraud of all of the employees. Educating the employees about proper data handling is a must for all organizations. [SOUND] Media management is yet another security nightmare for organizations. Employees have the need to move data to and from their work location. And an easy way to do this is by a USB flash drive. Unfortunately, no encryption mechanism is built into the hardware and the operating systems also do not support any encryption by default. For your average user, this means that the data stored in the flash drive is in clear text, and readable by anyone who can obtain the flash drive. [SOUND] There are many other examples of security operations, but the underlying problem lies within the implementation of the policy. Audits are necessary to ensure the policy is being implemented properly. But the audit [SOUND] must be inclusive of all assets, and not only where the company thinks the data may reside. As part of the audit, it may be necessary to complete a vulnerability assessment, and correlate it to prior year's assessments, review default configurations, and scrutinize the change management logs. With all this being said, a well implemented security operation starts with training the users and system administrators, and ends with the same people properly following those clearly defined procedures. [MUSIC]

Explore our Catalog

Join for free and get personalized recommendations, updates and offers.

Coursera Footer

Top Online Courses

Finding Purpose & Meaning in Life
Understanding Medical Research
Japanese for Beginners
Introduction to Cloud Computing
Foundations of Mindfulness
Fundamentals of Finance
Machine Learning
Machine Learning Using Sas Viya
The Science of Well Being
Covid-19 Contact Tracing
AI for Everyone
Financial Markets
Introduction to Psychology
Getting Started with AWS
International Marketing
C++
Predictive Analytics & Data Mining
UCSD Learning How to Learn
Michigan Programming for Everybody
JHU R Programming
Google CBRS CPI Training

Top Online Specializations

Natural Language Processing (NLP)
AI for Medicine
Good with Words: Writing & Editing
Infections Disease Modeling
The Pronounciation of American English
Software Testing Automation
Deep Learning
Python for Everybody
Data Science
Business Foundations
Excel Skills for Business
Data Science with Python
Finance for Everyone
Communication Skills for Engineers
Sales Training
Career Brand Management
Wharton Business Analytics
Penn Positive Psychology
Washington Machine Learning
CalArts Graphic Design

Online Certificates

Professional Certificates
MasterTrack Certificates
Google IT Support
IBM Data Science
Google Cloud Data Engineering
IBM Applied AI
Google Cloud Architecture
IBM Cybersecurity Analyst
Google IT Automation with Python
IBM z/OS Mainframe Practitioner
UCI Applied Project Management
Instructional Design Certificate
Construction Engineering and Management Certificate
Big Data Certificate
Machine Learning for Analytics Certificate
Innovation Management & Entrepreneurship Certificate
Sustainabaility and Development Certificate
Social Work Certificate
AI and Machine Learning Certificate
Spatial Data Analysis and Visualization Certificate

Online Degree Programs

Computer Science Degrees
Business Degrees
Public Health Degrees
Data Science Degrees
Bachelor's Degrees
Bachelor of Computer Science
MS Electrical Engineering
Bachelor Completion Degree
MS Management
MS Computer Science
MPH
Accounting Master's Degree
MCIT
MBA Online
Master of Applied Data Science
Global MBA
Master's of Innovation & Entrepreneurship
MCS Data Science
Master's in Computer Science
Master's in Public Health

Coursera

About
What We Offer
Leadership
Careers
Catalog
Certificates
MasterTrack™ Certificates
Degrees
For Enterprise
For Government
For Campus

Community

Learners
Partners
Developers
Beta Testers
Translators
Blog
Tech Blog
Teaching Center

More

Terms
Privacy
Help
Accessibility
Press
Contact
Directory
Affiliates

Learn Anywhere

Get it on Google Play

© 2021 Coursera Inc. All rights reserved.