The most serious risk that organizations are facing today is unauthorized access to sensitive data. To control such data breaches, organizations require strong identification, authentication, and authorization mechanisms to effectively manage access to critical assets and sensitive data. This module provides an overview of various methods and techniques used for the identification, authentication, and authorization of users accessing critical assets and resources.

Compliance, policies, and governance are integral to an information security program for any organization. An organization needs to comply with certain regulatory standards to run its businesses. At the same time, it must also have strong security policies and governance in order to fulfill regulatory standards. The current module addresses this administrative aspect of an organization’s network security.

Physical security plays a major role in every organization. It entails the protection of critical information, network infrastructure, physical equipment and devices, facilities, personnel, etc. from environmental disasters, terrorism, vandalism, and theft. This module explains the importance of physical security, various physical security controls, importance of workplace security, and various environmental controls.

The most important aspect of security controls is the protection of organizational assets such as people, property, and data. By establishing security controls, an organization can either reduce or completely mitigate risks to their assets. This module provides an overview of various technical controls that help organizations in protecting their private networks and IT assets.

Cloud computing is an emerging technology that delivers computing services such as online business applications, online data storage, and webmail over the Internet. Cloud implementation enables a distributed workforce, reduces organization expenses, provides data security, etc. This module provides an overview of virtualization and cloud computing concepts that help organizations securely store or process data on the cloud.

This module deals with network security for wireless networks in enterprises. Wireless networks are widely used across organizations today and are prone to various attacks. Therefore, organizations need to focus on the planning for securing the wireless network across the organization.

With the introduction of mobile phones in enterprises, enterprise security has become more complex. Enterprise mobile security has become a major challenge for organizations. Therefore, it is important for organizations to address these security concerns to effectively manage the security of mobile devices. This module provides an overview of mobile device security risks and best practices for mobile platforms.

The use of Internet of Things (IoT) devices in enterprise IT infrastructure has created a vast security perimeter. IoT devices use both networks and the cloud. However, they are highly vulnerable to malware, ransomware, and botnet attacks. Attackers can easily compromise IoT endpoints. Understanding the security measures will help in securing IoT-enabled environments. This module provides an overview of IoT device security.

Cryptography and cryptographic (“crypto”) systems help in securing data against interception and compromise during online transmissions. This module provides a comprehensive understanding of different cryptosystems and algorithms, one-way hash functions, and public key infrastructures (PKIs). It also covers various tools used to encrypt sensitive data.

Data breaches can be costly for organizations. Therefore, it is important to keep organization data safe from prying eyes. This module explains the importance of data, and various techniques to protect data.

Organizations need to perform network monitoring and analyze network traffic to identify suspicious activities across their networks. This module covers the concept of network traffic monitoring.